The customer is a leading SaaS-based application security solution provider.

The client requested the development of a certified CircleCI plugin that would scan IaC (Infrastructure as Code) templates and container images during CircleCI pipelines.

Technology Solution

  • Sacumen developed the certified CircleCI plugin that scans IaC templates and container images. Its purpose is to identify insecure configurations in common Infrastructure-as-Code (IaC) templates, for example AWS CloudFormation templates, Terraform templates and Kubernetes application deployment YAML files, and to identify vulnerabilities in container images.
  • The plugin was packaged in the CircleCI orb format, with a shell script performing the actual processing.
  • The plugin makes REST API calls to the platform to run the scan.
  • When a user creates a custom task to embed this functionality in their CircleCI pipeline, they can specify build or pipeline failure criteria based on the severity of the security issues identified.
  • Scan results are displayed to the user.
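The severity-based failure criterion described above, shown as an added illustration in the same kind of shell script an orb would wrap; this is example code, not Sacumen's plugin. The platform's actual response format is not described here, so the findings are a constructed, tab-separated stand-in (severity, id, title) rather than real scan output.

```shell
#!/bin/sh
# Added example, not the orb's own code. A severity gate for a CircleCI step:
# the build fails when any finding is at or above the configured threshold.
# Findings are a constructed, line-oriented stand-in: severity<TAB>id<TAB>title.

# Map a severity name to a rank so thresholds can be compared numerically.
severity_rank() {
  case "$1" in
    CRITICAL) echo 4 ;;
    HIGH)     echo 3 ;;
    MEDIUM)   echo 2 ;;
    LOW)      echo 1 ;;
    *)        echo 0 ;;   # unknown severities never fail the build on their own
  esac
}

# count_at_or_above THRESHOLD   (findings on stdin)
# Prints the number of findings whose severity rank >= rank(THRESHOLD);
# each matching finding is echoed to stderr so it shows in the job log.
count_at_or_above() {
  threshold_rank=$(severity_rank "$1")
  count=0
  while IFS="$(printf '\t')" read -r sev id title; do
    [ -z "$sev" ] && continue
    if [ "$(severity_rank "$sev")" -ge "$threshold_rank" ]; then
      count=$((count + 1))
      echo "  [$sev] $id: $title" >&2
    fi
  done
  echo "$count"
}

# severity_gate THRESHOLD   (findings on stdin)
# Returns 0 when the pipeline may proceed, 1 when the step must fail.
severity_gate() {
  n=$(count_at_or_above "$1")
  if [ "$n" -gt 0 ]; then
    echo "FAIL: $n finding(s) at or above $1" >&2
    return 1
  fi
  echo "PASS: no findings at or above $1" >&2
  return 0
}

# Constructed sample findings (hypothetical ids, not real scan output).
SAMPLE_FINDINGS="$(printf 'HIGH\tCFN-001\tS3 bucket allows public read\nLOW\tTF-014\tMissing resource tags\nMEDIUM\tK8S-003\tContainer runs as root\n')"

# In a pipeline step the threshold would come from the orb parameter:
# printf '%s\n' "$SAMPLE_FINDINGS" | severity_gate HIGH || exit 1
```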
