
Automated Security Testing Tool

secureCodeBox is an OWASP project providing an automated and scalable open source solution that integrates multiple security scanners with a simple and lightweight interface – for continuous and automated security testing.

Identify Vulnerabilities in your Network and Applications

Use the power of leading open source security testing tools with the first-of-its-kind open source multi-scanner platform to run routine scans continuously and automatically on your network infrastructure or applications.

Powerful Scanning Tools

Combines more than 15 different scanners to provide a comprehensive overview of threats and vulnerabilities affecting your network and applications.


Easily integrate the secureCodeBox into your CI/CD pipeline or Kubernetes environment with automated feedback.

Multi-Layer Testing

Allows security tests on different layers – from deep-dive scans of single applications to large-scale scanning of complete IT landscapes.

Easy Monitoring

Easily monitor each scanner's results through pre-designed or customised dashboards, use a tool integration such as DefectDojo, or integrate a persistence tool of your choice.

Security Use Cases

Flexible configuration options make it possible to apply the secureCodeBox to a wide range of use cases, addressing security professionals as well as DevOps Teams. Discover the possibilities:

Your Go-to Solution for easy Security Scanning

secureCodeBox offers a well-documented and beginner-friendly introduction to the world of DevSecOps:
  • It's a quick and straightforward installation. It works on every system and is ready to use from the start.
  • You can start scans right away without any configuration and use best-practice tests. Each scanner also provides extensive configuration options.
  • Our architecture is designed for open flexibility and free adjustments. New tools can be integrated fairly simply, and you can design your own scan and monitoring process.
  • Separately configurable for multiple teams, systems or clusters.

Multi Scanner Security Platform

Combining more than 15 leading open-source scanning tools, secureCodeBox covers a broad spectrum of possible threats and vulnerabilities for your network and applications, ranging from Kubernetes vulnerabilities and SSL misconfigurations to network authentication brute-forcing and many more:

About us

secureCodeBox is an Open-Source project in cooperation with OWASP and with friendly support from iteratec.

OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Do you have questions or feedback about secureCodeBox?

Get in contact and let us know:

Robert Felber


Sven Strittmatter

Core Team

Jannik Hollenbach

Core Team