Shahid Saddique - Senior DevSecOps Consultant


Veracode SAST HTML Reporter

Enterprise DevSecOps Automation Utility

A custom, Dockerized Python automation tool built to parse raw Veracode JSON security scans into clean, color-coded executive HTML dashboards directly within Bitbucket CI artifacts.

Veracode SAST HTML reporting utility framework dashboard
A UI mockup of a GitLab CI/CD pipeline interface demonstrating a failed build stage due to critical vulnerabilities detected during an automated Veracode SAST HTML scan
A technical cloud workflow diagram illustrating the automated encryption, archival, and uploading of passed software build artifacts to AWS S3 Glacier and Jira Cloud

Architecture & Deployment Process

1. Secure JSON Ingestion & Parsing

The automated pipeline securely pulls Veracode API credentials from masked environment variables, executes the high-speed Pipeline Scan inside an isolated Docker container, and intercepts the raw JSON findings payload.

2. Python-Driven Severity Matrix

A lightweight Python script compiles the raw payload into a standardized Risk Matrix, groups flaws by severity (Very High to Very Low), and renders the result through a custom HTML/CSS data-binding template.

3. Continuous Artifact Deployment

The generated color-coded HTML dashboard is automatically compressed and exported directly into Bitbucket CI Artifacts, providing the engineering team with instant, actionable security feedback before merging pull requests.
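
The parse-and-render stage described in steps 1 to 3, sketched as an added example; this is not the tool's own code. The JSON field names (`findings`, `severity`, `cwe_id`, `issue_type`, `files.source_file`), the integer severity codes and the colors are assumptions about the scanner output, and the sample payload is constructed.

```python
import html
import json
from collections import defaultdict

# Severity scale, highest first. Integer codes and colors are assumptions
# about the scanner's JSON; the labels are the ones the page names.
SEVERITIES = [(5, "Very High", "#b71c1c"), (4, "High", "#e65100"),
              (3, "Medium", "#f9a825"), (2, "Low", "#558b2f"),
              (1, "Very Low", "#546e7a")]

def build_matrix(payload: str) -> dict:
    """Group findings by severity label. Unknown severity codes are kept
    under 'Unclassified' instead of being silently dropped."""
    labels = {code: label for code, label, _ in SEVERITIES}
    matrix = defaultdict(list)
    for f in json.loads(payload).get("findings", []):
        src = (f.get("files") or {}).get("source_file") or {}
        matrix[labels.get(f.get("severity"), "Unclassified")].append({
            "cwe": str(f.get("cwe_id", "?")),
            "type": str(f.get("issue_type", "?")),
            "location": f"{src.get('file', '?')}:{src.get('line', '?')}",
        })
    return dict(matrix)

def render_html(matrix: dict) -> str:
    """Render the matrix as a table. Every scanner-supplied string is escaped:
    file paths and issue text originate in the scanned repository, so a pull
    request could otherwise plant markup in the report reviewers open."""
    colors = [(l, c) for _, l, c in SEVERITIES] + [("Unclassified", "#9e9e9e")]
    rows = []
    for label, color in colors:
        for item in matrix.get(label, []):
            cells = "".join(f"<td>{html.escape(item[k])}</td>"
                            for k in ("cwe", "type", "location"))
            rows.append(f'<tr><td style="background:{color};color:#fff">'
                        f"{label}</td>{cells}</tr>")
    head = "<tr><th>Severity</th><th>CWE</th><th>Issue</th><th>Location</th></tr>"
    return f"<table>{head}{''.join(rows)}</table>"

# Constructed sample payload (not real scan output).
SAMPLE = json.dumps({"findings": [
    {"severity": 5, "cwe_id": "89", "issue_type": "SQL Injection",
     "files": {"source_file": {"file": "app/db.py", "line": 42}}},
    {"severity": 3, "cwe_id": "80", "issue_type": "XSS",
     "files": {"source_file": {"file": "<script>alert(1)</script>.js", "line": 7}}},
    {"severity": 9, "cwe_id": "0", "issue_type": "Unknown"},
]})

if __name__ == "__main__":
    print(render_html(build_matrix(SAMPLE)))
```

Because the report is opened in a browser from CI artifacts, escaping at render time matters as much as the grouping itself.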