Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jenkinsci/contrast-continuous-application-security-plugin

Jenkins Plugin from Contrast Security
https://github.com/jenkinsci/contrast-continuous-application-security-plugin

devsecops jenkins jenkins-plugin security security-tools vulnerabilities

Last synced: 13 days ago
JSON representation

Jenkins Plugin from Contrast Security

Awesome Lists containing this project

README 

        

![Jenkins Cat](img/jenkins-cat.png "Jenkins Cat" )



# Contrast Jenkins Plugin



Repository for the Contrast Jenkins plugin. This plugin adds the ability to configure a connection to a Jenkins Build.



## Requirements

* Jenkins version >= 2.60.3

> Note: for Jenkins versions between 1.625.3 and 2.60.3, use plugin version [2.12.1](https://github.com/jenkinsci/contrast-continuous-application-security-plugin/releases/tag/contrast-continuous-application-security-2.12.1)



## Documentation

[Contrast Docs](https://docs.contrastsecurity.com/en/jenkins.html)



## Charts



There are 2 charts that are generated after each build `Vulnerability Trends Across Builds` and `Severity Trends Across Builds`.



Here are two examples of the charts:



![Severity Trends Across Builds](img/severity_trends.png)



![Vulnerability Trends Across Builds](img/vuln_trends.png)



> **Note:** The Vulnerability Report is not supported by the pipeline step and jobs that have applications with overridden Vulnerability Security Controls. Your Contrast admin can override the Vulnerability Security Controls for certain applications using the Job Outcome Policies in Contrast. 



## Exported Configurations



[TeamServer Profile Config](contrastPluginConfig.xml)



[Contrast Vulnerability Security Controls Config](vulnerabilityTrendRecorderConfig.xml)



## Building the plugin



`mvn clean install`



## Running Locally



`./run.sh`