mend-cloud-native-security-scanner-plugin

Mend Cloud Native Security Scanner Plugin

APACHE-2.0 License

Stars
0
Committers
3
View Code on GitHub Visit Website View on X
Ecosystems: Jenkins

Mend Cloud Native Security Scanner

Introduction

This plugin downloads Mend.io Scanner CLI and performs image scan to detect vulnerabilities and other security risks.

Initial Configuration

Scanner requires 4 variables to be configured:

User Email - user email
User Key -  mend user key
Mend URL - mend application environment
Repositories - list of image repositories to scan from (separated by comma)

This plugin is defined to be run (as a build step) after a new image creation on the jenkins machine: According to the given repositories, for each repository the latest created image will be scanned and a summary table will be displayed. This table consists of vulnerabilities data with their risk and fix version (if exists). Also, other security risks, such as secrets detection will be presented.

  • The plugin assumed the local latest image was created and still exists on the jenkins machine.
  • The plugin download a dedicated scanner CLI according to the OS and the machine architecture
Badges
Extracted from project README
Build Status Contributors Jenkins Plugin GitHub release Jenkins Plugin Installs
Related Projects
securecn-scanner-plugin

Portshift CI plugin for jenkins

26 Feb 2020 1
plugin-installation-manager-tool

Plugin Manager CLI tool for Jenkins

05 Jun 2019 363
insightappsec-plugin

InsightAppSec Jenkins Plugin

15 Jan 2019 3
qualys-iac-security-plugin

Qualys IaC Security Jenkins plugin

19 Dec 2022 0
sysdig-secure-plugin

Jenkins Plugin for Sysdig Secure

30 Aug 2018 12
appscan-plugin

05 Dec 2016 8
jwt-auth-plugin

A simple Jenkins plugin that allows user to be logged in via an upstream JWT token

20 Sep 2021 4
create-jenkins-docker-image-and-publish-periodically

Create jenkins docker images and build them periodicaly and scan using trivy

04 Jul 2024 0
configuration-as-code-plugin

Jenkins Configuration as Code Plugin

20 Oct 2017 2,632
minio-plugin

Repository for the Minio Jenkins plugin

09 Jul 2020 10
secone-security-plugin

Scan your projects for vulnerabilities with Jenkins. This plugin is officially maintained by Sec1.

24 Jan 2024 0
plugin-usage-plugin

Jenkins plugin to analyze the plugin usage

09 Jul 2014 14
mabl-integration-plugin

build steps to launch and report on mabl tests

11 Apr 2018 6
aqua-security-scanner-plugin

Jenkins plugin for image security scanning by Aqua Security

18 Jun 2016 14
secure-pipeline-java-demo

28 May 2020 35