Copyright 2022 by Qualys, Inc. All Rights Reserved.
Qualys IaC Security Integration with GitHub
In the current continuous integration and continuous deployment (CI/CD) environment,
security scans are conducted on cloud resources after deployment. As a result, you
secure your cloud resources only after they are deployed to their respective cloud accounts.
With the introduction of the Infrastructure as Code (IaC) Security feature in Qualys CloudView,
you can now secure your IaC templates before the cloud resources are deployed in your
cloud environments. The IaC Security feature helps you shift your cloud security and
compliance posture to the left, allowing cloud resources to be evaluated for
misconfigurations much earlier, during the development phase.
CloudView offers an integration with GitHub that secures Git repositories using a GitHub
action, which scans the IaC templates in your GitHub repositories. It
continuously checks for security misconfigurations against CloudView security controls and
displays the misconfigurations found in each run. You get continuous visibility into the security
posture of the IaC templates in your GitHub repositories and can plan for remediation. Follow this
guide for more details.
For supported templates, other integrations, and features of Cloud IaC Security, refer to
the CloudView User Guide and the CloudView API User Guide.
Scanning IaC Templates at GitHub
The GitHub integration allows you to perform IaC scans on GitHub repositories on
pull and push requests. We provide a GitHub Actions template and options that
can be configured to run on various triggers.
You can perform an IaC scan on either of the following:
- the entire repository, for the branch where the manual/scheduled event was performed.
- the templates that were newly added to the branch.
The results are generated within GitHub, giving you proactive visibility into
cloud security by scanning the templates residing in GitHub repositories.
Let us see the quick workflow:
- Pre-requisite
- Configure Environment Variables
- Configure GitHub Actions
- Trigger Scan
- Understanding Scan Output
Pre-requisite
Ensure that you have a valid subscription to the Qualys CloudView (Cloud Security Assessment)
app.
Before you trigger IaC scans in GitHub, ensure that you configure the environment variables
that are used in the actions.
Self-hosted runners must use a Linux operating system and have Docker installed to run
this action.
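These prerequisites can be checked on a self-hosted runner before the scan step runs. The preflight script below is an added example, not part of the Qualys guide or the Qualys action; it assumes the workflow exports the Actions secrets as environment variables named URL, USERNAME and PASSWORD, and the --run flag and the HTTPS check are illustrative additions.

```sh
#!/bin/sh
# Added example, not Qualys code. Preflight for a self-hosted runner.
# Assumption: the workflow exports the Actions secrets as environment
# variables named URL, USERNAME and PASSWORD (the names in this guide).

# check_runner OS_NAME DOCKER_CMD
# The guide requires self-hosted runners to be Linux with Docker installed.
check_runner() {
    if [ "$1" != "Linux" ]; then
        echo "preflight: runner OS is '$1', Linux is required" >&2
        return 1
    fi
    if ! command -v "$2" >/dev/null 2>&1; then
        echo "preflight: '$2' not found on PATH" >&2
        return 1
    fi
    return 0
}

# check_secrets: each variable must be non-empty. Values are never printed,
# so nothing sensitive reaches the job log.
check_secrets() {
    missing=0
    for name in URL USERNAME PASSWORD; do
        eval "value=\${$name:-}"   # indirect lookup; names are fixed above
        if [ -z "$value" ]; then
            echo "preflight: secret $name is missing or empty" >&2
            missing=1
        fi
    done
    unset value
    [ "$missing" -eq 0 ] || return 1
    # Hardening assumption (not from the guide): require an HTTPS platform
    # URL so the credentials are not sent over cleartext HTTP.
    case "$URL" in
        https://?*) return 0 ;;
        *) echo "preflight: URL must start with https://" >&2; return 1 ;;
    esac
}

preflight() {
    check_runner "$(uname -s)" docker && check_secrets
}

# Hypothetical flag: run the checks only when invoked with --run.
case "${1:-}" in
    --run) preflight || exit 1; echo "preflight: ok" ;;
esac
```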
Configure Environment Variables
In the GitHub console, go to your organization > Settings > Secrets > Actions. Provide the
required details for the Actions secrets.

| Variable | Description |
|---|---|
| URL | Qualys platform URL. To know about your Qualys platform URL, click here. |
| USERNAME | Qualys username |
| PASSWORD | Qualys password |

Configure GitHub Actions
You can use the Qualys GitHub action template from the GitHub Marketplace to scan the
repository.
It then executes on every action, such as a pull request, push request, manual trigger,
or scheduled job.
To add the Qualys GitHub action to your repository:
1. In GitHub, navigate to your repository, and click Actions.