Scan Commands
The scan category provides security scanning with multiple scanner types via the --scanner flag, plus a dedicated subcommand for dynamic testing.
Key Features:
- Multi-tool security scanning (Trivy, Semgrep, OWASP ZAP)
- SBOM generation for supply chain security
- Compliance validation (CIS, NIST)
- Secret detection
- Infrastructure as Code scanning
- Static and dynamic analysis
Commands in this Category
| Command | Purpose |
|---|---|
| scan | Run security scans with --scanner flag |
Scanner Types
| Type | Description | Tool |
|---|---|---|
| sbom | Software Bill of Materials | Trivy |
| vuln | Vulnerability scanning | Trivy |
| secrets | Secret detection | Trivy |
| iac | Infrastructure as Code scanning | Trivy |
| compliance | Compliance checking | Trivy |
| sast | Static Application Security Testing | Semgrep |
Common Use Cases
Complete Security Scan
Vulnerability Assessment
Compliance Checking
Application Security Testing
```bash
# Static analysis
eac scan --scanner sast
# Dynamic testing (requires running application)
eac scan zap eac-api --target http://localhost:8080
```