Easily integrates security scanning into your Atlassian Bamboo builds
Use the static analyzer to scan applications for security vulnerabilities.
Use the dynamic analyzer to scan an application that runs in a browser.
HTML report of the security vulnerabilities that are found.
Enables you to execute SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and open source security scans using HCL AppScan on Cloud on your Bamboo server.
An account on the HCL AppScan on Cloud service.
You'll also need to create an application on the service.
The plug-in has been tested on Bamboo server version: 6.8.0 or later.
Configuring AppScan Security Scan task:
Add the AppScan Security Scan task to your build plan after your artifacts have been built. Once done, configure the SAST or DAST scan parameters based on your scan needs.
Enable email notification if you want to receive an email after the security analysis completes. Configure the fail build criteria if you want the build to fail based on security test results.
Post build Scan Artifacts:
The AppScan Security scan task publishes the following artifacts:
HTML report of security vulnerabilities.
For detailed documentation, see the README.