Brakeman Pro Engine is designed to be easily automated as part of a development workflow.
We recommend adding Brakeman Pro to your test, build, or deployment pipeline to achieve continuous security coverage and feedback.
The simplest way to integrate Brakeman Pro Engine into a testing workflow is to use our test integration to run a Brakeman Pro scan every time an application’s tests run.
This only requires adding a small bit of code to your test suite. Minitest and RSpec are supported out of the box, but it is possible to integrate with any test library.
For GitHub integration and a cloud solution, we offer the Brakeman Pro Engine on Code Climate.
Code Climate makes it simple to integrate Brakeman Pro with GitHub and run scans on every pull request. As a cloud solution, all your Brakeman Pro warnings can be shared in a centralized location.
Code Climate also has functionality to track statuses for each warning.
Brakeman Pro Engine can easily be added to any continuous integration server.
The key steps are installing Brakeman Pro Engine and then running it with the --exit-on-warn option:
    gem install brakeman-pro --source https://USER:PASSWORD@brakemanpro.com/gems/
    brakeman-pro --exit-on-warn
The --exit-on-warn option causes Brakeman Pro to exit with a failure code when the scan reports warnings.
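The two steps above as a CI script that keeps the gem-source credentials out of the pipeline file and the build log. This is an added example, not code from Brakeman Pro; the variable names BRAKEMAN_PRO_USER, BRAKEMAN_PRO_PASSWORD, GEM_CMD and BRAKEMAN_CMD and the --run argument are assumptions made for this sketch.

```shell
#!/bin/sh
# CI step: install Brakeman Pro Engine, then fail the build on warnings.
# BRAKEMAN_PRO_USER / BRAKEMAN_PRO_PASSWORD are assumed names for secrets
# injected by the CI server; Brakeman Pro does not define them.
# GEM_CMD / BRAKEMAN_CMD are hypothetical overrides used to stub the tools.

# Build the authenticated gem source URL from the environment.
# Values must already be URL-safe (percent-encode reserved characters).
brakeman_source_url() {
  if [ -z "${BRAKEMAN_PRO_USER:-}" ] || [ -z "${BRAKEMAN_PRO_PASSWORD:-}" ]; then
    echo "BRAKEMAN_PRO_USER and BRAKEMAN_PRO_PASSWORD must be set" >&2
    return 2
  fi
  printf 'https://%s:%s@brakemanpro.com/gems/' \
    "$BRAKEMAN_PRO_USER" "$BRAKEMAN_PRO_PASSWORD"
}

# Install the gem and run the scan.
# Returns 2 for missing credentials, 3 for a failed install,
# otherwise the exit status of the scan itself.
run_brakeman_pro() {
  url=$(brakeman_source_url) || return 2

  # Turn shell tracing off around the install so the URL, which carries
  # the password, is never echoed into the CI log.
  case $- in
    *x*) set +x; restore_x=1 ;;
    *)   restore_x=0 ;;
  esac
  rc=0
  "${GEM_CMD:-gem}" install brakeman-pro --source "$url" || rc=$?
  if [ "$restore_x" = 1 ]; then set -x; fi
  [ "$rc" -eq 0 ] || return 3

  # A non-zero status here is what makes the CI job fail.
  "${BRAKEMAN_CMD:-brakeman-pro}" --exit-on-warn
}

# Run only when invoked as: sh brakeman_ci.sh --run
if [ "${1:-}" = "--run" ]; then
  run_brakeman_pro
  exit $?
fi
```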
Need help setting up Brakeman Pro for your CI environment? We are happy to help!