Use  Plugin

Qualys recommends setting up the Jenkins Plugin after the container image is built and before it is pushed to the registry.

Do not delete the image until the plugin has been set up.

While setting up the plugin, you can provide a global or job-specific configuration. The global configuration can be set once and used for multiple projects, both Pipeline and Freestyle.

Perform the following steps to set a global configuration:

  1. Go to Manage Jenkins > Configure System.
  2. Scroll down to the Qualys Container Security section and provide the configuration details listed as follows: 

    If you want to set a job-specific configuration:

    1. From the Pipeline Syntax > Snippet Generator page, select getImageVulnsFromQualys: Scan container images with Qualys CS.

    2. Select Use Job-Specific Configuration.

    jenkins_snippet_options

    Selecting the Use Global(Jenkins) Configuration option lets the job use the global configuration you set under Manage Jenkins > Configure System > Qualys Container Security.

For more details, refer to Configuration Details.

This plugin provides a build step and a post-build action. It can be used for pipeline-type projects (CI/CD pipeline) and freestyle projects. It is described in the fllowings sections.

Pipeline Project

Freestyle Project

Next Step

Define container image IDs

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: December, 2025