DevOps-first AppSec

One tool to do all scans, without requiring any AppSec expertise

Sken packages and manages open source scanners across all scan types (SAST, SCA, DAST, and more), adds a SaaS orchestration layer and automates them in CI/CD.

SAST, DAST, Secret detection, Container Scanning, Licence Compliance, Jenkins, Travis CI, Bamboo, Circle CI, NodeJsScan, find-sec-bugs, OWASP dependency check, brakeman, OWASP ZAP

Get started with Sken in 3 easy steps

Paste this code segment in your Jenkins | <Your App> | Configure | Add build step | Execute Shell


pip install --upgrade skencli --user

Paste this code segment in your travis.yaml file

language: python
python:
  - "3.8"
services:
  - docker
install:
  - pip install --upgrade --no-cache-dir --default-timeout=210 skencli
script:
  - skencli

Paste this code segment in your Circle CI yaml file

version: 2.1
jobs:
  scan:
    machine:
      image: circleci/classic:201808-01
    steps:
      - checkout

      - run:
          name: Update pyenv
          command: |
            # Install pyenv-update to allow addition of python 3.7.0
            git clone git:// $(pyenv root)/plugins/pyenv-update
            pyenv update
            pyenv install 3.6.9

      - run:
          name: Set Python Version
          command: pyenv global 3.6.9

      - run:
          name: Install skencli
          command: pip install --upgrade skencli

      - run:
          name: Scan
          command: skencli

workflows:
  main:    # workflow name; any name works
    jobs:
      - scan

Paste this code segment in your workflow main.yml file

name: CI
on:
  push:
    branches: [ github-action ]
  pull_request:
    branches: [ github-action ]

jobs:
  scan:    # job id; any name works
    runs-on: ubuntu-latest
    steps:
    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
    - uses: actions/checkout@v2

    - name: Set up Python 3.x
      uses: actions/setup-python@v2
      with:
        # Semantic version range syntax or exact version of a Python version
        python-version: '3.x'
        # Optional - x64 or x86 architecture, defaults to x64
        architecture: 'x64'

    - name: Install skencli
      run: pip3 install --upgrade skencli

    - name: Run skencli
      run: skencli

Paste this code segment in your bamboo.yml file

version: 2
plan:
  project-key: MYAPP
  key: MYAPP
  name: Build the myapp

stages:
  - Scan the myapp stage:
    - Scan

Scan:
  tasks:
    - script:
        - pip3 install --user --upgrade skencli
        - export PATH="$HOME/.local/bin:$PATH"
        - skencli

Check in this sken.yaml file in the root folder of your source code.

orgid: your-org-id-here
appid: your-app-id-here

# optional Param section start

buildtool: jenkins                # optional param, values=jenkins|travis
scanner: sast,dast,sca            # optional param, default is ALL
language: python,javascript       # optional param, default is Auto-Detect

  DAST_URL:  # optional param

# optional Param section end

# end of file

Based on your app’s language, architecture and settings, Sken automatically figures out which open source scanners, and which types of scans (SAST, DAST, SCA, secrets, etc.) are appropriate.

Sken automatically downloads the latest docker image of those scanners, and executes the scans in a docker container on your CI/CD machine.

The scan results are uploaded to Sken cloud, and you can review them in the portal.
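
A pre-flight check for the scan step, as an added example (not Sken's own code): it fails the build early when sken.yaml is missing, still carries the placeholder orgid/appid values shown above, or when Docker is not usable on the CI machine. The function names are hypothetical; only sken.yaml, orgid, appid and skencli come from the page.

```shell
#!/bin/sh
# Added example: pre-flight checks before running skencli in a CI build step.
# Function names are hypothetical; the file and key names come from the page.

# Print the value of a top-level "key: value" line in a YAML file,
# with any trailing "# comment" and surrounding whitespace removed.
yaml_value() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//'
}

# Return 0 if sken.yaml in directory $1 exists and has real orgid/appid
# values (not empty, not the "your-...-here" placeholders), 1 otherwise.
sken_config_ok() {
    cfg="$1/sken.yaml"
    [ -f "$cfg" ] || { echo "missing $cfg" >&2; return 1; }
    for key in orgid appid; do
        val=$(yaml_value "$cfg" "$key")
        case "$val" in
            ''|your-*-here) echo "$key not set in $cfg" >&2; return 1 ;;
        esac
    done
    return 0
}

# Return 0 if the docker CLI exists and can reach a daemon; the scanners
# run as containers on the CI machine, so the scan cannot start without it.
docker_ok() {
    command -v docker >/dev/null 2>&1 && docker info >/dev/null 2>&1
}

# Build-step entry point: run the checks, then the scan from the repo root.
sken_preflight_and_scan() {
    root="${1:-.}"
    sken_config_ok "$root" || return 1
    docker_ok || { echo "docker not usable on this agent" >&2; return 1; }
    (cd "$root" && skencli)
}
```

In a Jenkins Execute Shell step, call `sken_preflight_and_scan "$WORKSPACE"` after the `pip install` line.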

Why is DevOps First in AppSec?

Integrate security scan tools into CI/CD


Issue Triage


Fix Issues


Sken's approach

Don’t wait to discover vulnerabilities at the end of the development cycle, or worse, leave your app insecure by not security testing it at all.

Sken provides a SaaS orchestration layer that integrates continuous application security testing into your DevOps CI/CD workflow, using open source security scanners, across all scan types. Discover, analyze and prioritize what needs fixing.

  • Source code scanning (SAST)
  • Dynamic/ runtime scanning (DAST)
  • Third-party libraries scanning (SCA)
  • Mobile apps (MAST)
  • Container scanning
  • License compliance
  • Secrets detection

DevOps | Tool Silos | Seamless Setup
Security | High Touch Cannot | Easy Auto Triage
Dev | False Positives | Noise Reduction

Benefits of using Sken

for DevOps

Single CI/CD automation layer for all app security scan types

  • Eliminate the need to plug in siloed open source scanners in your CI/CD.
  • Unify setup and configuration for many scanners across all scan methods using YAML / CLI.
  • Remove the need to update or maintain scanners. Our Docker images always have the latest versions of the scanners.

for Security

AI enabled vulnerability management

  • Aggregate and filter test results across many scanners and scan types.
  • Minimize noise with AI and granular controls.
  • Auto-prioritize risks based on business impact (OWASP risk rating).
  • Unify risk scoring and reporting across applications.
  • Low touch. Scale up with limited security personnel.
  • Reduce cost by using open source scanner alternatives.

for Dev

Secure and fast code development

  • Noise reduction leads to drastically fewer false positives
  • Discover issues earlier and upstream
  • No security knowledge needed


Free Forever

1000 app-scans per month


After the first 1000 app-scans in a month

