Bearer Alternatives

bearer reviews and mentions

• [Tool] An alternative to Brakeman for Security
  2 projects | /r/rails | 11 Jul 2023

  My team and I released Bearer a couple of weeks ago, a newer open and free alternative to Brakeman to check your code for security and privacy risks. In addition to Ruby/Rails, we also cover your JS/TS code, which allows you to use a single solution for your whole Rails application.

• Brakeman VS bearer - a user suggested alternative
  2 projects | 10 Jul 2023

  Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

• semgrep VS bearer - a user suggested alternative
  2 projects | 10 Jul 2023

  Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

• Detecting sensitive data shared with OpenAI
  3 projects | news.ycombinator.com | 4 May 2023

  Hi HN,

  I'm Guillaume, the founder of Bearer, an Open Source code security scanning tool. Despite the buzz around generative AI (which, as a reader of HN, you've likely encountered), we've also heard concerns from security teams.

  When using OpenAI’s developer APIs (and other LLMs), considering how Generative AI model works, essentially the more you give, the better you receive, we essentially open the door to “overshare” information. For example, If you are building an AI assistant into your travel booking app, sending sensitive data as customer information becomes highly probable. Though, as with any shared data, this does present important security and privacy risks that we can’t overlook, hence the fear of security teams.

  To address these risks, we must have explicit policies and a culture of privacy and security within the organization. We should treat generative AI models like any other third-party dependency, assessing them for vulnerabilities and safeguarding customer data. Of course, having appropriate tooling also helps.

  That's why we've added a new set of rules to Bearer CLI, our open-source static analyzer, that explicitly checks for OpenAI usage. Combined with our sensitive data detection capability, this feature can alert you and your team if your code is sending sensitive data it shouldn't be.

  You can find a link to Bearer CLI and the specific OpenAI ruleset in the following URLs:

  Bearer CLI: https://github.com/bearer/bearer

  3 projects | news.ycombinator.com | 4 May 2023

  Link to the Recipe https://github.com/Bearer/bearer/blob/main/pkg/classificatio...

• Show HN: TypeScript Security Scanner
  2 projects | news.ycombinator.com | 12 Apr 2023

  Hi HN,

  I’m Guillaume, the cofounder of Bearer, an Open Source SAST solution.

  After launching a few weeks ago here on Hacker News with support for Ruby and JavaScript stacks, I’m happy to report we’ve just released a new version (v1.2) with TypeScript support!

  In terms of code coverage, we use the same rules already implemented for vanilla JavaScript, but as usual, you can build your own.

  The rules list is here: https://docs.bearer.com/reference/rules/

  It’s a first version for TS, but we believe that thanks to the pre-existing JavaScript support it should already provide good insights.

  If you have some TypeScript code, we would love for you to try it out and let us know in the comment below or on our Discord your experience and how we can improve the findings.

  You can access the repo here: https://github.com/Bearer/bearer

  Thank you again!

• Six security risk of user input in ruby code
  2 projects | dev.to | 11 Apr 2023

  It can be challenging to keep up with security best practices. In addition to watching for vulnerability reports, you can also run regular scans on your codebase with a SAST tool like Bearer CLI. It's a free and secure way to get practical security feedback on your ruby code. Check it out on GitHub at bearer/bearer.

• Let’s scan DEV’s forem project with Bearer and analyze the results
  3 projects | dev.to | 30 Mar 2023

  Using open-source tools to test open-source projects feels like a great match. It wasn't until the other day that I remembered that the team behind DEV had open-sourced the bones of the site as Forem. To make it an even better match, the stack matches up nicely with the currently supported languages included in Bearer's new free and open-source security application security testing (SAST) tool. Unlike many security tools, this one is really focused on helping devs make sense of security concerns in an actionable way.

• How to scan your ruby or JS project for security improvements, for free.
  2 projects | dev.to | 27 Mar 2023

  Good news! There’s a free open-source tool that can scan your code, check for known risks, and give you a list of things that need fixing. All are sorted by how risky the code is—based on things like how sensitive the data is and how damaging a breach or leak would be. It’s called Bearer.

• Show HN: Bearer – Open-source code security scanning solution (SAST)
  3 projects | news.ycombinator.com | 7 Mar 2023

  Elastic 2, for those who care about such things: https://github.com/Bearer/bearer/blob/v1.0.0/LICENSE.txt

• A note from our sponsor - Onboard AI
  getonboard.dev | 11 Dec 2023

  Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev. Learn more →