Integrating Acunetix 360 with UrbanCode Deploy

You can use UrbanCode Deploy to automate application developments through your environments. It provides continuous delivery, audit trails, versioning, and approvals needed in production.

You can integrate Acunetix 360 with UrbanCode Deploy using cURL scripts, generated by our Integration Script Generator.

This topic explains how to generate and use cURL scripts to integrate Acunetix 360 with UrbanCode Deploy in order to enable our advanced integration functionality.

For further information, see What Systems Does Acunetix 360 Integrate With?.

Generating and Using Acunetix 360’s UrbanCode Deploy Integration Scripts

Acunetix 360 uses cURL command-line tools to integrate with UrbanCode Deploy.

How to Generate Acunetix 360's UrbanCode Deploy Integration Scripts

1. Log in to Acunetix 360.
2. From the main menu, select Integrations > New Integration.
3. From the Continuous Integration Systems section, select UrbanCode Deploy.
4. From the Integration Script Generator section, select the relevant Scan Settings:

• From the Scan Type field, select an option.
• From the Website drop-down, select a website.
• From the Scan Profile drop-down, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type).
• Enable the Stop the scan if the Build fails, if required.
• Enable the Fail the Build if one of the selected scan severity is detected, if required.

5. In the cURL field, select Copy to copy the cURL script. (You will then paste this into the file described in the next How to.)

Using Build Fail in Pipeline Project

It is possible to configure a failure in the UrbanCode Deploy build to stop the scan when a vulnerability severity is detected for pipeline projects.

This can be configured using the Severity parameter.

Scan Severity: With this option, you choose which severity will fail this UrbanCode Deploy build when found in a related scan. If you choose “DoNotFail”, the detected vulnerability does not affect your UrbanCode Deploy build.

The options for MinimumSeverity are:

• DoNotFail
• Critical
• High or above
• Medium or above
• Low or above
• Best Practice or above
  

Using Acunetix 360's UrbanCode Deploy Integration Script

You can use the Acunetix 360's UrbanCode Deploy Integration Script to scan your application(s). This process has two steps to complete. First, you need to create a process, then you need to scan an application with the process you created.

Prerequisites

1. An Acunetix 360's UrbanCode Deploy Integration Script
2. An UrbanCode Deploy Account

How to Use Acunetix 360's Script to Create a Process

1. From the main menu, go to Components > [YOUR_COMPONENT] > Processes.
2. Select Create Process, then enter mandatory information in the Create Process dialog. Then, select Save.
3. In the Design window, select Scripting > Shell from the menu on the left.
4. Drag Shell to the process, then select the pencil icon to edit.
5. In the Edit Properties for Shell dialog, enter a friendly name to the Name field.
6. Select Shell Script and paste the copied Acunetix 360 integration script.
7. In the Edit Script window, select Save.
8. In the Edit Properties window, select OK.
9. Select Save to save your process on the main menu.

When you successfully save your process, you can scan your application(s) by using this process.

How to Scan an Application with a Process

1. From the main menu, select Applications > [YOUR_APP].
2. From the Application: [YOUR_APP] window, select Components.
3. Select Run Process next to [YOUR_COMPONENT].
4. In the dialog, select the relevant settings:

• From the Environment drop-down, select an option.
• From the Resource drop-down, select an option.
• From the Process drop-down, select an option.
• From the Version drop-down, select an option.

5. Select Submit.

Following the successful completion of these steps, the scan starts in Acunetix 360. You can also review the output log in the UrbanCode Deploy for further details.

For more information about UrbanCode Deploy, see IBM UrbanCode Deploy Tutorial.