CS CI/CD Security Integration
Qualys CI/CD Security Integration, with the help of Qualys Container Security sensors, enables you to identify vulnerabilities and secrets early in the development lifecycle. Rather than discovering security issues after deployment, you can evaluate container images and source code during the build process, providing continuous visibility into your application security posture.
The CI/CD integration scans container images for OS and application vulnerabilities, detects hardcoded secrets, and generates SBOM (Software Bill of Materials). Scan results can be used to gate deployments based on configurable thresholds or centralized Qualys cloud policies.
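As an added illustration of threshold-based gating (example code, not Qualys' own integration code or result format), the following evaluates a constructed scan summary against a gate policy; the field names, policy shape and sample values are assumptions made for this example.

```python
from dataclasses import dataclass, field

# Constructed scan summary. This is NOT the Qualys result format, only an
# illustrative shape: vulnerability counts per severity, hardcoded secrets
# found in the image or code, and whether an SBOM was produced.
@dataclass
class ScanSummary:
    image: str
    vulns_by_severity: dict          # e.g. {"critical": 2, "high": 5}
    secrets: list = field(default_factory=list)  # e.g. ["AWS key in /app/.env"]
    sbom_generated: bool = True

# Hypothetical gate policy: maximum allowed findings per severity, whether any
# hardcoded secret blocks the build, and whether an SBOM is required.
@dataclass
class GatePolicy:
    max_by_severity: dict
    block_on_secrets: bool = True
    require_sbom: bool = True

def evaluate_gate(summary: ScanSummary, policy: GatePolicy) -> tuple:
    """Return (passed, reasons); each reason names one violated threshold."""
    reasons = []
    for severity, limit in policy.max_by_severity.items():
        count = summary.vulns_by_severity.get(severity, 0)
        if count > limit:
            reasons.append(f"{count} {severity} vulnerabilities exceed threshold of {limit}")
    if policy.block_on_secrets and summary.secrets:
        reasons.append(f"{len(summary.secrets)} hardcoded secret(s) detected: "
                       + "; ".join(summary.secrets))
    if policy.require_sbom and not summary.sbom_generated:
        reasons.append("SBOM was not generated for the image")
    return (not reasons, reasons)

# Sample policy: no critical findings, at most 5 high, fail on any secret.
DEFAULT_POLICY = GatePolicy(max_by_severity={"critical": 0, "high": 5})

if __name__ == "__main__":
    # Constructed results for a passing image and a failing one.
    clean = ScanSummary("registry.example/app:1.0", {"critical": 0, "high": 2, "medium": 9})
    dirty = ScanSummary("registry.example/app:1.1", {"critical": 1, "high": 7},
                        secrets=["AWS access key in /app/.env"])
    for s in (clean, dirty):
        passed, reasons = evaluate_gate(s, DEFAULT_POLICY)
        print(f"{s.image}: {'PASS' if passed else 'FAIL'}")
        for r in reasons:
            print("  -", r)
```

In a real pipeline the summary would be populated from the sensor's scan output and a non-zero exit on failure would stop the deployment stage.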
Supported Scans & Sensors
CS CI/CD Security supports the following CI/CD tools and scans.
| CI/CD Tools | Integration Type | Scan Component | Scan Type* |
|---|---|---|---|
| GitHub Actions | Reusable Actions | Container, Code | SCA |
| GitLab CI | CI Component | Container, Secrets, Malware | Secrets, Malware |
| Jenkins | Jenkins Plugin | Container, Code, Rootfs | SCA |
| Azure DevOps | Pipeline Extension | Container, Code | SCA |
To learn more about the scans, refer to Supported Scans.
Prerequisites
Before you begin, ensure you have:
- A valid Qualys subscription with Container Security permissions enabled
- A Qualys API access token with Container Security scope
- Access to your target CI/CD platform
Contact Qualys Support for any further queries.