Integrate Security In Your CI/CD Pipeline

Integrate vulnerability scanning into your CI/CD pipeline in less than 30 minutes

Inject security directly into your development processes. The Crashtest Security Suite is the security integration your developers have been dreaming of. Security scans can be triggered automatically via webhook within your CI/CD pipeline, via our schedule setting, or started manually.

Scroll down to learn more about how we integrate into your CI/CD toolchains, versioning systems, vulnerability management systems, ticketing systems, and chat tools.

CI/CD pipeline

The engine of every DevOps process.

Our best practice integration looks as follows:

After building your staging system, trigger our scan via webhook
Pull the scan results back into your CI/CD
Let builds fail based on the number or severity of the detected vulnerabilities in your build
Use our Wiki with specific code examples to easily remediate vulnerabilities

The tools on the left can be integrated with Crashtest Security without any issues. Other tools you may use are Buildbot, GoCD, Codeship, Buildkite or Buddy.

Vulnerablility Management Solutions

You are already managing your application vulnerabilities in a dedicated platform? That’s great!

Our CVSS-based scoring, the exact vulnerability description, and the link to our remediation wiki are easily importable in vulnerability management solutions through a machine-readable report format.

This can be done automatically via our webhook.

Chat Tools

Apart from our email reports, you can get notified for completed scans in your favorite chat tool.

Let’s say your development team has created a new feature and is eager to deploy it.

By setting up your automated security testing your development team will automatically be notified once their code is approved for the next release.

You can use this for chat tools such as Slack, Mattermost, Hangouts, Rocket Chat or Microsoft Teams.

For more information on each of the tools, click on the specific symbol to the left.

Versioning Systems

The memory of your DevOps process.

Learn more about best practices for versioning and how to integrate the continuous delivery capabilities of your versioning system by clicking on your versioning system logo on the left.

You can easily use Bitbucket, GitHub or GitLab with Crashtest Security. Other Versioning Systems with similar functions are SourceForge, Gogs, Launchpad or Phabricator.

Ticketing Systems

When we detect a vulnerability for you, remediation has to be as easy as possible.
Manage your remediation in the same place as all your other tickets.
Create tickets for new vulnerabilities and have your vulnerability management system updated when you close the ticket.

Don’t get confused about what is important.