How to use Kiuwan™ Code Security Scanner

The Kiuwan™ integration provides world-class code security scanning in your Assembla repositories.

Written by Matthew C
Updated over a month ago

Assembla’s integration with the Kiuwan™ code security scanning platform allows development teams on Assembla to “shift left” and further secure their SDLC by automatically scanning code in their Assembla repositories with Kiuwan’s enterprise-grade application security engine.

Scanning your repositories with Kiuwan Code Security Scanner (SAST)

Kiuwan™ enables a robust DevSecOps approach by silently adding security without the need to analyze on central servers, thanks to its distributed engine and the speed of its analysis. 

Once you enable the Assembla-Kiuwan integration, your repository is automatically scanned once a week with Kiuwan’s comprehensive static code analysis (SAST) scanning engine to identify potential vulnerabilities and security threats in your code.

Vulnerabilities flagged by Kiuwan’s scanner are automatically highlighted and identified in your Assembla code commit history, while developers or team managers can drill deeper into each vulnerability from the Security Scan tab of their Assembla repository. 

Enabling Kiuwan™ Code Security Scanner on your repository

To enable Kiuwan™ SAST scanning on your repository, navigate to the Security Scan tab within the Assembla repository tool you would like to begin scanning. Check the Weekly code scan box to turn the Kiuwan™ scanner ON. The scanner then scans the code contained within your repository tool once per week for potential vulnerabilities and security threats, and alerts you to them right within your Assembla repository tool.

All Assembla customers have access to five free identified vulnerabilities in each weekly scan. To receive unlimited vulnerability results, you must have an active subscription enabled with Kiuwan™.

Understanding what type of security scanning Kiuwan™ code security scan supports

Kiuwan™ provides an enterprise-grade, end-to-end, non-localized static code analysis (SAST) and code quality analysis (QA) platform. The Assembla-Kiuwan integration leverages Kiuwan’s SAST scanning engine to identify potential vulnerabilities and security threats in your code, with the capability to scan more than 30 languages/technologies/frameworks.

Understanding account requirements

All users of Assembla’s Kiuwan integration get access to five results from the weekly Kiuwan scan for free, without needing to register for an account with Kiuwan. However, teams that are members of both Kiuwan and Assembla receive unlimited results from the Kiuwan scanner while gaining access to Kiuwan’s powerful set of business analytics, flexible and comprehensive scanning settings, and notifications available directly from the Kiuwan dashboard.

If you have a Kiuwan account and want to enable the full Kiuwan integration with your Assembla account, navigate to the Integrations section of your project space. Then scroll down to view the Kiuwan integration settings, and click Enable.

You are prompted to authorize your Kiuwan account with your Kiuwan account credentials.
Once authorized, navigate to the Security Scan tab of each repository you would like Kiuwan to scan on a weekly basis, and then check Weekly code scan to ensure the Kiuwan scan runs each week.

When the Kiuwan scan runs each week, you receive an automatic email notification from Kiuwan when the scan is complete, and you can then view the results within your Kiuwan dashboard or inline with your code commits in Assembla.

If you have any questions or need assistance, please email us at support@assembla.com.
