Integrating Acunetix in your Jenkins Pipeline

An Acunetix scan can easily be included as part of a Jenkins Pipeline. The security scan then runs automatically as part of your continuous delivery (CD) pipeline, and the scan step can be declared in your project’s source code repository.

Prerequisites

Before you start, the Acunetix Jenkins plugin must be installed and configured correctly as described in this article.

Generating the pipeline code

You can easily generate the pipeline code as follows:

  • Open the configuration for your project
  • Browse down to the Pipeline section, and click on "Pipeline Syntax"
  • Choose “Jenkins Snippet Generator”
  • In the Sample Step, choose "step: General Build Step"
  • In Build Step, choose "Acunetix"
  • Configure the following as needed:
      • Scan Type
      • Scan Target
      • Fail the build if threat level is
      • Stop the scan when build fails
      • Generate Report
  • Click "Generate Pipeline Script"

Jenkins Pipeline

This will generate the code that needs to be inserted as a step in the Jenkinsfile, as shown in the following example:

    pipeline {
        agent any
        stages {
            stage('Testing') {
                steps {
                    echo 'Checking web security..'
                    // Acunetix scan step as produced by "Generate Pipeline Script"
                    step([$class: 'BuildScanner', profile: '11111111-1111-1111-1111-111111111111', repTemp: 'no_report', stopScan: true, target: '093a9e8f-f1c3-445f-87b8-86116d998108', threat: 'Medium'])
                }
            }
        }
    }

Running the project

Using the Jenkinsfile above, the console output will contain the following:

    Commit message: "new target"
    [Pipeline] }
    [Pipeline] // stage
    [Pipeline] stage
    [Pipeline] { (Testing)
    [Pipeline] echo
    Checking web security..
    [Pipeline] step
    Starting scan on target: http://testphp.vulnweb.com/ (Acunetix php test site)
    Scan started
    The scan threat level: "High" is greater or equal than the configured level: "Medium"
    Aborting the build
    The scan was stopped
    [Pipeline] }
    [Pipeline] // stage
    [Pipeline] }
    [Pipeline] // node
    [Pipeline] End of Pipeline
    ERROR: The scan threat level is greater or equal than the configured level
    Finished: FAILURE
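
The following Python script is an added example, not part of the original article or of the Acunetix plugin: it reads a Jenkins console log like the one above and separates builds that failed because of the scan threshold from builds that failed for other reasons. The function names and the second log are assumptions made for the example; the matched message strings are the ones shown in the console output above.

```python
import re

TARGET_RE = re.compile(r"^Starting scan on target: (\S+)")
GATE_RE = re.compile(r'^The scan threat level: "(\w+)" is greater or equal than '
                     r'the configured level: "(\w+)"')

def parse_scan_gate(console_text):
    """Extract what the Acunetix step reported in a Jenkins console log."""
    info = {"target": None, "scan_level": None, "configured_level": None,
            "scan_stopped": False, "build_result": None}
    for raw in console_text.splitlines():
        line = raw.strip()
        if m := TARGET_RE.match(line):
            info["target"] = m.group(1)
        elif m := GATE_RE.match(line):
            info["scan_level"], info["configured_level"] = m.groups()
        elif line == "The scan was stopped":
            info["scan_stopped"] = True
        elif line.startswith("Finished: "):
            info["build_result"] = line[len("Finished: "):]
    return info

def classify(info):
    """Separate builds failed by the scan threshold from other outcomes."""
    if info["build_result"] != "FAILURE":
        return "not-failed"
    return "security-gate" if info["scan_level"] else "other-failure"

# Log lines copied from the console output shown on this page.
GATE_LOG = """\
[Pipeline] step
Starting scan on target: http://testphp.vulnweb.com/ (Acunetix php test site)
Scan started
The scan threat level: "High" is greater or equal than the configured level: "Medium"
Aborting the build
The scan was stopped
ERROR: The scan threat level is greater or equal than the configured level
Finished: FAILURE
"""

# Constructed log: a build that fails without the scan step reporting a level.
OTHER_LOG = """\
Checking web security..
ERROR: script returned exit code 1
Finished: FAILURE
"""

if __name__ == "__main__":
    print([classify(parse_scan_gate(log)) for log in (GATE_LOG, OTHER_LOG)])
```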
