12
Customers have installed this app in at least 12 active instances.
    by Qualys, Incfor Bamboo Server 5.14.0.1 - 6.9.2 and more versions
    Versions available for Bamboo Server 5.9.7 - 5.13.2
    Supported
    Qualys, Inc supports this app.

    Get support

    Get it nowFree app

    Perform continuous vulnerability detection and remediation in the DevOps build environment

    Perform continuous vulnerability detection and remediation in the DevOps build environment

    Perform continuous vulnerability detection and remediation in the DevOps build environment

    Qualys as a task

    Easily Configurable

    Visual Reports

    Use the Qualys plugin as a task in your bamboo project. In the Tasks tab, click Add Task, and simply search for “Qualys” to get the Qualys Docker Image Analyzer addon. Click the Qualys addon to add it as a task.

    Configure the Qualys Docker Image Analyzer plugin.You can either provide a global configuration or a local configuration. Global configuration can be set once and used for multiple projects.

    Qualys plugin generates one report for each docker image in the build. In a build, click the job which includes Qualys plugin, to see vulnerability details for the docker image.

    More details

    Qualys Container Security provides discovery, tracking, and continuous protection for container environments. This addresses vulnerability management for images and containers in their DevOps pipeline and deployments across cloud and on-premise environments. Atlassian Bamboo users can integrate with Qualys Container Security to get the vulnerability analysis of images in the build environment. You need to buy Qualys subscription in order to deploy and use the plugin. Install the Container Sensor on the Build host (nodes) where the images are being created. The sensor upon install automatically triggers a vulnerability analysis of the new images found. The Bamboo plug-in provides detail list of the vulnerabilities and its details directly within the plug-in. You can optionally access your Qualys subscription to view the full report.

    Reviews for cloud

    (0)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Reviews for server

    (0)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Reviews for Data Center

    (0)Sign in to write a review

    There are no reviews yet. Be the first to review this app.

    Cloud Pricing

    Server Pricing

    Data Center Pricing

    Qualys, Inc provides support for this app.

    Vendor support resources

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Atlassian-hosted discussions connect you to other customers who use this app.

    Versions

    Version 1.6.0.0 Bamboo Server 5.14.0.1 - 6.9.2 Released 2019-07-23

    Summary

    Evaluate Docker image for CVSS score

    Details

    1. You can now provide CVSSv2 or CVSSv3 base scores as criteria to fail a docker image build. The build will be evaluated against the CVSS scores and will fail if vulnerabilities are found with CVSS scores greater than or equal to the specified score.

    2. The test connection API used to check Bamboo Plugin connectivity to Qualys has been updated.

    Installation

    1. Log into your Bamboo instance as an admin.
    2. Click the admin dropdown and choose Add-ons. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate Qualys Docker Image Analyzer for Bamboo via search. Results include app versions compatible with your Bamboo instance.
    5. Click Install to download and install your app.
    6. You're all set! Click Close in the Installed and ready to go dialog.

    To find older Qualys Docker Image Analyzer for Bamboo versions compatible with your instance, you can look through our version history page.

    Similar apps