Some existing tools provide a mechanism to retrieve scan results from software security testing tools, but do not have the ability to start scan activity or monitor the scan activity throughout the scan process. When multiple security testing tools are needed to perform scans, a user often became frustrated with the lack of orchestration of these tools. For instance, there is a lack of an intelligent mechanism integrating and updating scan results obtained from different, independent, third party tools. The user had to separately manage each of these tools. As a result, the user had to spend most of time running tools, leaving a limited amount of time to interpret scan results.
In view of the foregoing, a need exists for an orchestration solution that automatically orchestrates multiple software security analysis tools, such as selectively activates and monitors their scans, receives scan results, aggregates and updates scan results, and provides easy visualization of the aggregate scan results. Embodiments of the present disclosure are directed to this and other considerations.