Integration
To set up integration with the tools, click the settings icon in the upper right corner, and select the Integrations tab on the Settings page.
In the upper left corner of the Integrations tab there is a drop-down menu that allows you to switch between tool settings.
CI/CD
Select CI/CD from the drop-down menu. The following fields are available here:
- Token — An interface for obtaining a token used to integrate scanning into the development process.
- Command string builder — A builder that generates the command string based on the chosen parameters.
A valid CI/CD token can be used as authentication credentials, so you don't have to manually authorize and authenticate every time you run an application scan. The lifetime of such a token is one year. This makes it possible to work using the CLI or distribution systems.
CI/CD Token Management
Only a user with Administrator rights has access to the Settings section.
Application testing can be performed by a user with Administrator or User rights.
To work efficiently within the Company, a user with Administrator rights can obtain the valid token in the CI/CD section of the system settings and distribute it to users with User rights so that they can scan the application and analyze the results.
The token allows you to run scans and to access information about architectures, scanning agents, test cases, and scans (general information and report downloads). This access is read-only: the information can be retrieved but not changed.
The lifetime of such a token is one year. The Administrator should monitor the token renewal process and provide Users with valid CI/CD tokens.
To work with the token, the tab provides the following actions using the buttons on the left:
- Renew — Extends the lifetime of the current token by one year; the token value does not change.
- Replace — Replaces the token value (the old token becomes invalid).
Forming the CLI Launch Command
As stated above in the Scan Launch section of the User Guide, you can launch a scan of an application not only from the system UI, but also from the Command Line Interface (CLI). A valid CI/CD token is required to start the application scan via CLI.
The process of forming the command line includes the following steps:
- In the parameters of the Command string builder form, select the values required to launch the scan:
  - Project.
  - Profile.
  - Architecture.
  - Test case.
- A command line is generated. Replace the file location in this line with the actual one.
The formed command line can be used when working through the CLI.