Qualys IaC Security Integration with Bamboo

In an existing Continuous Integration and Continuous Deployment (CI/CD) environment, security scans are conducted on cloud resources after deployment. As a result, you secure your cloud resources after they have been deployed to their respective cloud accounts.

With the introduction of the Infrastructure as Code (IaC) security feature by Qualys TotalCloud, you can now secure your IaC templates before the cloud resources are deployed in your cloud environments. The IaC Security feature helps you shift cloud security and compliance posture to the left, allowing you to evaluate cloud resources for misconfigurations much earlier, during the development phase.

Qualys TotalCloud integrates with Bamboo to scan and secure your IaC templates using Bamboo plans. It continuously checks the templates for security misconfigurations against Qualys TotalCloud controls and displays the misconfigurations for each run. With continuous visibility of the security posture of your IaC templates in Bamboo, you can plan remediation to stay secure post-deployment.

For supported templates, other integrations, and features of Cloud IaC Security, refer to the TotalCloud Online Help and the TotalCloud API User Guide.

Scanning IaC Templates at Bamboo

The Bamboo integration allows you to perform IaC scans using plans. We provide you with plans and options that you can configure to run based on various triggers.

You can perform an IaC scan on either of the following:

  • The entire git repository.
  • The templates that were newly added or updated to the branch.

The results are generated on the build console, which gives you proactive visibility into the security of the IaC templates residing in your git repositories.

Pre-requisites

  • Install Java 8 with a version less than 255.
  • Ensure you have the latest version of Bamboo installed.
  • Ensure that you have a valid Qualys TotalCloud Security Assessment application subscription.

Next step:

Configure the Plan