Platform Features

Here are some popular features :

  • 9 Languages / 237 Frameworks
  • Continuous and Persistent Scans / Monitoring
  • Twelve-Month Scan History
  • GraphQL Playground
  • Access to the Mobile App
  • Teams and Consolidated Views
  • Role Based Access Control
  • SAML Integration (SAML)
  • On-Prem & Secure Cloud Environment
  • CICD Integration
  • Rich API
  • Audit Logs
  • OWASP Top 10 and NIST Conformance
  • Code Compliance

GraphQL Playground is enabled in the Nucleaus Console

GraphQL is a powerful technology that is revolutionizing how APIs are designed and is becoming extremely popular in the new technology space. Nucleaus is one of the first platforms to enable the ability to perform simple queries to the underlying Nucleaus GraphQL technology engine easily in the console interface. This enables coders and because of GraphQL's simplicity "no-coders" the ability to run simple question and answer queries without having to wire up IDE's or test jigs. Couple that with the self documentation feature in the Documentation Explorer as well as auto-complete and guidance to the schema is frictionless. Since the Nucleaus platform is 100% built on an API foundation, the GraphQL playground exposes the immense power of Nucleaus.

 

CICD Integration

Nucleaus offers both a command line interface (CLI) and an API that can be used to interact with Nucleaus in a automated/programmatic way. Either of these methods can be used to initiate the scan of a repository, check the status of and retrieve the results of a scan.

The recommend approach is to use the Nucleaus CLI which is distributed as a nodejs package on npm. The CLI simplifies integrations as it handles authentication, output, error handling, etc.

Nucleaus is run on every build and provides security feedback

Block build and notification if scan fails

Nucleaus scans daily production code and monitors for changes

Nucleaus Integrations

The Nucleaus API has 6 different criteria's that are pre-configured in the alerting of the API. Users are able to take payloads into a place that is actionable without have too much noise through the Nucleaus API. The platform calls the API using an orchestrator and sends up various integrations with enough flexibility to make it applicable to your organizational requirements:

Some simple API integration samples are to:

nucleaus integrations

On-Prem & Secure Cloud Environment

With Secure Environments "BTF", you will host a virtual black-box appliance in their environment. The virtual appliance will pull code from the Git Repository, scan it and send just the meta data to the Nucleaus console. The code stays behind the firewall in the client environment.

The advantage to doing an implementation in a secure environment is that all the source and the scan itself is maintained within your infrastructure and nothing is copied outside the system. Only the results of the scan are sent to the console.

The benefits are:

  • More flexibility with how long a scan can take to complete
  • More flexibility with the resources that can be associated to the scan (assuming you have the capacity, to provide to the appliance)

The Secure Environment appliance is offered in the following formats:

  • AWS AMI
  • VMWare: 6.5 or 6.7
  • Nucleaus OVA in Vsphere V2

User initiates an appliance request through the console

Appliance phones home heart beat and scan results

In addition to credentials, option for SAML enablement

Teams managed through Role Base Access Control (RBAC)

There are four ways to initiate a scan: daily automated scans, ADHOC scan through the console, CICD and or API 

All scanner results sent to console via TLS1.2 secure connection

Nucleaus™ integrates with most Git-enabled and Azure DevOps version control code repositories

The Nucleaus application code scanning platform supports integration with GitHub, GitLab, BitBucket, and any other Git-enabled externally facing code repository. Furthermore, Nucleaus now supports Azure Devops TFS integrations. Empower your developers to address risks in the early stages of the development and drive action to expedite the remediation process before vulnerabilities surface in your production environment.

The Platform Supports 237 Frameworks and Growing:
Vue.js
Aurelia
Ember.js
Stimulus
NativeScript
Relay
Cycle.js
Babylon.js
Flight
Kickoff
onsen UI
Cylon.js
Jest
Feathers
R
AVA
Bootbox.js
PrimeUI
Mixin.a.lot
Highcharts JS
Scripty2
Crafty
Modernizr
T3 JavaScript Framework
Processing.js
Raphael
RequireJS
Snack
Zepto
Jasmine
Qunit
Mocha
Soma.js
Move.js
Sketch.js
Jaggery
Mithril
AngularJS
Enyo JavaScript Framework
jQuery
Kango
Cappuccino
ZK
Qooxdoo
Durandal
SproutCore
Wakanda
Webix
React
Sammy
TodoMVC
Knockout
corMVC
Polymer
Matreshka Javascript Framework
Socket.IO
Meteor
Ext JS
Framous Framework
The Opa Language
Vanilla JS
MEAN
Google Web Toolkit (GWT)
Ample SDK
Flatiron
scaleApp
MooTools
Minified.js
Javelin
RightJS
ripple.js
Sails.js
midori
Stapes.js
DHTMLX
Dojo Toolkit
MochiKit
Echo
Kendo UI
NuclearJS
Java Web Toolkit
PureMVC
D3.js
Handlebars.js
JavaScript Library Boilerplate
Ampersand.js
DozerJS
AmplifyJS
Noder.io
abaaso
Heisenberg.js
SharepointPlus
Marionette.js
Riot
Pager.js
CanJS
Rivets.js
OpenUI5
script.aculo.us
YUI Library
SmartClient
Backbone.js
Brick
Spine
UIZE JavaScript Framework
JavaScriptMVC
Agility.js
Underscore.js
Ractive.js
Geddy
Locomotivce
MontageJS
Chaplin
Mojito
Tower.js
Sereanda.js
Prototype JavaScript Framework
pyjs
jQWidgets
brink.js
Hummingbird
App Framework
Rico
Eyeballs.js
Choco
TrimJunction
KineticJS
Mercury
Rendr
Spry
Terrific JavaScript Framework
Atom
Laravel
Symfony
Phalcon
FuelPHP
Zend Framework
PHPixie
CakePHP
Yii
Slim
CodeIgniter
Fat-Free-Framework
Aura
Flight
Medoo
POP PHP
Nette
Django
TurboGears
web2py
CubicWeb
Django-hotsauce
Giotto
Grok
Pylons
Reahl
WebSauna
Wheezy.web
Zope2
Zope3
Kiss.py
Lino
Nagare
Pylatte
Tipfy
Tornado
watson-framework
webapp2
WebBot
WebCore
web.py
Webware for Python
Werkzeug
WHIFF
Bottle
CherryPy
Flask
Hug
Pyramid
Albatross
Acquarium
AppWsgi
BlueBream
Bocadillo
Circuits
Clastic
Divmod Nevow
Falcon
Growler
Gunstar
Klein
MorePath
Pycnic
Python Paste
PyWebLib
Quart
Quixote
Responder
Sanic
Spinne
weblayer
WebStack
WSGIServlets
Gin-gonic
Revel
Echo Framework
Beego
Buffalo
Martini
Golang.org
Negroni
Iris
Macaron
Go-rest
Gramework
Gocraft/web
Tigertonic
Go Relax
Web.go
Mango
Sinatra
Hobbit
Ramaze
Nancy
Godfather
Crepe
Crepe
NYNY
Ruby Grape
Celluloid
Hanami
Scorched
Cuba
Camping
Vue.js
Aurelia
Ember.js
Stimulus
NativeScript
Relay
Cycle.js
Babylon.js
Flight
Kickoff
onsen UI
Cylon.js
Jest
Feathers
R
AVA
Bootbox.js
PrimeUI
Mixin.a.lot
Highcharts JS
Scripty2
Crafty
Modernizr
T3 JavaScript Framework
Processing.js
Raphael
RequireJS
Snack
Zepto
Jasmine
Qunit
Mocha
Soma.js
Move.js
Sketch.js
Jaggery
Mithril
AngularJS
Enyo JavaScript Framework
jQuery
Kango
Cappuccino
ZK
Qooxdoo
Durandal
SproutCore
Wakanda
Webix
React
Sammy
TodoMVC
Knockout
corMVC
Polymer
Matreshka Javascript Framework
Socket.IO
Meteor
Ext JS
Framous Framework
The Opa Language
Vanilla JS
MEAN
Google Web Toolkit (GWT)
Ample SDK
Flatiron
scaleApp
MooTools
Minified.js
Javelin
RightJS
ripple.js
Sails.js
midori
Stapes.js
DHTMLX
Dojo Toolkit
MochiKit
Echo
Kendo UI
NuclearJS
Java Web Toolkit
PureMVC
D3.js
Handlebars.js
JavaScript Library Boilerplate
Ampersand.js
DozerJS
AmplifyJS
Noder.io
abaaso
Heisenberg.js
SharepointPlus
Marionette.js
Riot
Pager.js
CanJS
Rivets.js
OpenUI5
script.aculo.us
YUI Library
SmartClient
Backbone.js
Brick
Spine
UIZE JavaScript Framework
JavaScriptMVC
Agility.js
Underscore.js
Ractive.js
Geddy
Locomotivce
MontageJS
Chaplin
Mojito
Tower.js
Sereanda.js
Prototype JavaScript Framework
pyjs
jQWidgets
brink.js
Hummingbird
App Framework
Rico
Eyeballs.js
Choco
TrimJunction
KineticJS
Mercury
Rendr
Spry
Terrific JavaScript Framework
Atom
Vue.js
Aurelia
Ember.js
Stimulus
NativeScript
Relay
Cycle.js
Babylon.js
Flight
Kickoff
onsen UI
Cylon.js
Jest
Feathers
R
AVA
Bootbox.js
PrimeUI
Mixin.a.lot
Highcharts JS
Scripty2
Crafty
Modernizr
T3 JavaScript Framework
Processing.js
Raphael
RequireJS
Snack
Zepto
Jasmine
Qunit
Mocha
Soma.js
Move.js
Sketch.js
Jaggery
Mithril
AngularJS
Enyo JavaScript Framework
jQuery
Kango
Cappuccino
ZK
Qooxdoo
Durandal
SproutCore
Wakanda
Webix
React
Sammy
TodoMVC
Knockout
corMVC
Polymer
Matreshka Javascript Framework
Socket.IO
Meteor
Ext JS
Framous Framework
The Opa Language
Vanilla JS
MEAN
Google Web Toolkit (GWT)
Ample SDK
Flatiron
scaleApp
MooTools
Minified.js
Javelin
RightJS
ripple.js
Sails.js
midori
Stapes.js
DHTMLX
Dojo Toolkit
MochiKit
Echo
Kendo UI
NuclearJS
Java Web Toolkit
PureMVC
D3.js
Handlebars.js
JavaScript Library Boilerplate
Ampersand.js
DozerJS
AmplifyJS
Noder.io
abaaso
Heisenberg.js
SharepointPlus
Marionette.js
Riot
Pager.js
CanJS
Rivets.js
OpenUI5
script.aculo.us
YUI Library
SmartClient
Backbone.js
Brick
Spine
UIZE JavaScript Framework
JavaScriptMVC
Agility.js
Underscore.js
Ractive.js
Geddy
Locomotivce
MontageJS
Chaplin
Mojito
Tower.js
Sereanda.js
Prototype JavaScript Framework
pyjs
jQWidgets
brink.js
Hummingbird
App Framework
Rico
Eyeballs.js
Choco
TrimJunction
KineticJS
Mercury
Rendr
Spry
Terrific JavaScript Framework
Atom
major developments nucleaus
Request Technical Demo

Fully deployed in minutes with actionable results