Get Started with Qualys Web App Scanning Connector for Jenkins

Version 3.0.0

Welcome to Qualys Enterprise TruRisk™ Platform ! This guide explains installing and using the Qualys Web App Scanning Connector to view your Qualys WAS scan data in Jenkins.

The Qualys Web App Scanning Connector empowers DevOps teams to build application vulnerability scans into their existing CI/CD processes. By integrating scans in this manner, application security testing is accomplished earlier in the SDLC to catch and eliminate security flaws.

 Qualys Web App Scanning Connector supports Jenkins version 2.204.1 or greater.

Prerequisites for Configuration

The following prerequisites must be met to configure the plugin:

• Must have proper communication from Jenkins to the Qualys Enterprise TruRisk™ Platform via the WAS API.
• Must have valid account credentials for an active Qualys WAS subscription.
• Must have API access enabled and a role assigned with all necessary permissions to the account.
• Must use a service account restricted to API access only (no UI access) and have the fewest privileges possible.

Quick Start Steps

Following are the Steps to integrate the Qualys web App Scanner with Jenkins:

• Install the Plugin
• Configure the Plugin for Pipeline Projects
• Configure the Plugin for Freestyle Projects

 

Related Topic

URL to the Qualys API Server