If you use Jenkins for continuous integration and IBM® AppScan® Source for vulnerability scanning, you’ve probably been using scripts to connect the two, scanning for vulnerabilities as code is committed. Yet scripts are difficult to maintain, must be updated for different apps and are unwieldy. They’re also error prone and unforgiving, taking a lot of time to fix. So we’ve created a tool to make it easier for you to automate AppScan Source scanning from Jenkins.
The plugin allows Jenkins to perform static code analysis (SCA/SAST) with IBM® AppScan® Source for Analysis with minimal configuration, greatly simplifying the process of automating AppScan Source by providing global settings and simple scan configuration within Jenkins.
Publish to AppScan Enterprise: Coming soon
Keep an eye on this space; our next update will allow you to publish the results to IBM AppScan Enterprise.
Aspect has over a decade of experience helping organizations plan, implement and manage enterprise-wide deployments of a wide variety of automated application security testing tools (SAST, DAST and IAST). We can help you with your IBM AppScan implementation. Learn more here or contact us today.