Qualys IaC Security

Qualys laC Security Integration with Jenkins

In the existing Continuous Integration and Continuous Deployment (CI/CD) environment, the security scans are conducted on cloud resources after deployment. As a result, you secure your cloud resources post-deployment to respective Cloud accounts.

With an introduction of the Infrastructure as Code (IaC) security feature by Qualys Cloud-View, you can now secure your IaC templates before the cloud resources are deployed in your cloud environments. The IaC Security feature will help you shift cloud security and compliance posture to the left, allowing evaluation of cloud resources for misconfigurations much early during the development phase.

CloudView offers integration with Jenkins to scan and secure your IaC templates using the Jenkins pipeline job. It continuously verifies security misconfigurations against CloudView controls and displays the misconfigurations for each run. With a continuous visibility of the security posture of your IaC Templates at Jenkins pipeline you can plan for remediation to stay secure post deployment.

For supported templates, other integrations, and features of Cloud laC Security, refer to CloudView User Guide and CloudView API User Guide.


Installation options