Zscaler IaC Scanner

Introduction

Zscaler Infrastructure-as-Code (IaC) Scan plugin for Jenkins enables developers to identify security misconfigurations in their IaC Terraform templates. The Zscaler IaC Scan plugin can be easily integrated with freestyle and pipeline projects. Graphic reports are available for IaC scan results. The reports identify passed, failed, and skipped policies. Based on policy violations, the plugin can fail IaC builds when a security vulnerability is discovered in the template. The plugin also provides a fail-safe option for break fix builds.

Features

  • Scans IaC build jobs using Terraform templates that identify security vulnerabilities for Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) resources.
  • Provides graphic reports for each IaC scan result; the reports can be exported to PDF and CSV.

For plugin support, contact Zscaler at cspm-support@zscaler.com