netsparker/netsparker-orb

Netsparker Enterprise Security Scan

This orb uses Netsparker Enterprise to scan your web application for security vulnerabilities. It enables security testing in your CircleCI pipeline.

What is CircleCI?

CircleCI is a leading continuous integration tool for building, testing, and deploying applications. Orbs extend CircleCI with additional functionality. This orb integrates Netsparker Enterprise with CircleCI, enabling security testing of your applications.

You can learn more about Orbs here.

What is Netsparker Enterprise?

Netsparker is an easy to use yet advanced web security solution that can easily scale up and automatically find vulnerabilities in hundreds and thousands of web applications and web services within a matter of hours. It can also be easily integrated within your secure SDLC.

  • Accurate Reports with Proof-Based Scanning™
  • Scan All Your Web Assets
  • Advanced Scanning & Crawling Technology
  • Identify the Most Complex Vulnerabilities
  • Practical Vulnerability Details
  • Include All the Team to Boost Security
  • Automate Vulnerability Triage & Management
  • Integration in the SDLC, DevOps & Other Environments
  • Built-In Tools for Advanced Assessments
  • Reports - all data at your fingertips

Usage

Example config.yml:

version: 2.1

orbs:
  netsparker: netsparker/[email protected]

workflows:
  scan-workflow:
    jobs:
      - netsparker/scan:
          website_id: ${WEBSITE_ID}
          api_url: ${API_URL}
          # If scan_type is "FullWithPrimaryProfile", you do not need to fill in scanProfile_id.
          scanProfile_id: ${SCANPROFILE_ID}
          scan_type: ${SCAN_TYPE}

For more detailed usage for this Orb, please check here.

Help

Netsparker Enterprise API Settings

Before using the plug-in, you need the API Key of a user with "Start Scan" privileges to start scanning with Netsparker Enterprise.

  1. Log in to Netsparker Enterprise.

  2. Select [Your Name] (top right of window), then API Settings. The API Settings window is displayed.

  3. In the Current Password field, enter your current password.

  4. Click Submit.

  5. Your User ID and Token are displayed.

  6. Then add these values to your project as shown here.

  7. For more information click

Other areas required for CircleCI integration

To obtain the other values (e.g. website_id, scan_type) required in the ".yaml" file:

  1. Log in to Netsparker Enterprise.
  2. Click "Integrations > New Integration" in the menu on the left. On the page that opens, click CircleCI under the "Continuous Integration Systems" tab.
  3. Select the type of scan you want (Incremental, Full With primary profile, Full With selected profile). ApiUrl, WebsiteId, ScanType and ProfileId will be provided to you according to your choice. You can add the values without quotation marks, as shown in the usage area.
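A pre-flight check for the four job parameters, added here as an example and not part of the orb: it enforces the scanProfile_id rule from the config comment and the "no quotation marks" note above. The function name check_scan_params is hypothetical, the spelling FullWithSelectedProfile is assumed from the "Full With selected profile" option, and the https:// requirement is this example's own hardening choice rather than something the orb documents.

```shell
#!/bin/sh
# Added example (not the orb's code): validate netsparker/scan parameters
# before the scan job runs. Returns 0 if usable, 1 otherwise (reason on stderr).
# Usage in a CircleCI run step, with the variables from the config above:
#   check_scan_params "$WEBSITE_ID" "$API_URL" "$SCAN_TYPE" "$SCANPROFILE_ID" || exit 1
check_scan_params() {
    website_id=$1 api_url=$2 scan_type=$3 scan_profile_id=$4

    [ -n "$website_id" ] || { echo "website_id is empty" >&2; return 1; }

    # Assumption of this example: the API credentials accompany requests to
    # api_url, so plaintext HTTP is refused.
    case $api_url in
        https://?*) ;;
        *) echo "api_url must be an https:// URL" >&2; return 1 ;;
    esac

    # Values copied from the integration page must not carry quotation marks.
    for v in "$website_id" "$api_url" "$scan_type" "$scan_profile_id"; do
        case $v in
            *\"*|*\'*) echo "remove quotation marks from: $v" >&2; return 1 ;;
        esac
    done

    case $scan_type in
        FullWithPrimaryProfile)
            ;;  # scanProfile_id is not needed for this type
        Incremental|FullWithSelectedProfile)  # spelling of the latter is assumed
            [ -n "$scan_profile_id" ] || {
                echo "scan_type $scan_type needs scanProfile_id" >&2; return 1; }
            ;;
        *) echo "unknown scan_type: $scan_type" >&2; return 1 ;;
    esac
}
```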
