Zscaler IaC Scanner


Zscaler Infrastructure-as-Code (IaC) Scan plugin for Jenkins enables developers to identify security misconfigurations in their IaC templates. The Zscaler IaC Scan plugin can be easily integrated with freestyle and pipeline projects. Graphic reports are available for IaC scan results. The reports identify passed, failed, and skipped policies. Based on policy violations, the plugin can fail IaC builds when a security vulnerability is discovered in the template. The plugin also provides a fail-safe option for break fix builds.


  • Scans IaC build jobs using IaC templates that identify security vulnerabilities for Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP) and Kubernetes resources.
  • Provides graphic reports for each IaC scan result; the reports can be exported to PDF and CSV.

For plugin support, contact Zscaler at cspm-support@zscaler.com