Integrate CI tools

By integrating CI tools, you get two main benefits: code scans and streamlined security workflows. This is achieved by inserting code snippets directly into your existing CI workflows, which then use the Cortex CLI to trigger automated security checks:

  • Code scans:

    • Code scanning for IaC (Infrastructure as Code): Finds misconfigurations in your IaC files, ensuring your cloud and infrastructure environments are secure from the start

    • Software Composition Analysis (SCA) scans: Identify vulnerabilities in open-source libraries and third-party components, along with license misconfigurations and package integrity issues

    • Secrets detection: Finds hardcoded secrets, such as API keys and passwords, in your code and pipelines to prevent unauthorized access and data breaches

  • Streamlined workflows: By integrating security scans directly into your CI/CD pipelines, you achieve a shift-left security model, moving security from a final check to an early, continuous process within the development lifecycle.

    • Early threat detection: You can identify and fix security threats as soon as they are introduced

    • Automated and seamless integration: The use of code snippets and a unified CLI makes the security checks a seamless part of your existing CI process, requiring no manual intervention

You can integrate your CI tools and systems through the platform wizard or by directly adding a code snippet to your pipelines in supported systems.

Integrate CI tools via the tenant UI wizard

Application Security supports the following CI tools for onboarding via the UI wizard:

  • AWS CodeBuild

  • CircleCI for code scans (For CircleCI CI/CD pipeline scans, refer to CI/CD)

  • Cortex CLI. For information about using the Cortex CLI, refer to Cortex CLI

  • GitHub Actions

  • Jenkins for code scans (For Jenkins CI/CD pipeline scans, refer to CI/CD)

  • Terraform Cloud (Run Tasks)Terraform Cloud (Run Tasks)

  • Terraform Enterprise (Run Tasks)Terraform Enterprise (Run Tasks)

Manage CI Tools

To access CI tool management, navigate to SettingsData Sources & Integrationshover over a CI toolView Details.

You can perform the following actions on CI tools:

  • Delete an instance: Right-click on an instance of the CI toolDelete instanceDelete

  • Remove a connected repository: Select an instance of the CIright-click on a repositoryRemove Repository

  • Select the repository branches to be scanned: Select an instance of the CIright-click on a repository Set Scanned Branchesselect a branch/multiple branchesSave

  • Perform a manual scan of the repository: Select an instance of the CIright-click on a repository Scan Repository