Qualys CI/CD Security for Azure DevOps

Integrate security scanning into your existing CI/CD processes

with Azure DevOps and Qualys

Incorporate security scans to eliminate misconfigurations in the cloud and web applications

Identify and eliminate misconfigurations in the cloud and in web applications with the power and flexibility of Azure DevOps combined with Enterprise TruRisk Platform. Build IaC and WAS scans into your CI/CD processes, configure pass/fail builds based on specific misconfigurations detected, and more.

Learn more

Add scan IaC templates to your task pipeline

Launch scan parameters

Configure new service connections that connect to the Enterprise TruRisk Platform

How it works

Scan Infrastructure-as-Code templates from your repository using Qualys CloudView (Cloud Security Assessment). Configure failure criteria to pass/fail build jobs based on the number of controls that failed and the severity for each. View an IaC scan result summary with details including the git repository that was scanned, errors, scan time, job details, and more.

Read the documentation

Similar Connectors

Connect the Enterprise TruRisk Platform to hundreds of IT and Security tools to calculate cyber risk with precision and automate workflows across teams.

Atlassian Bitbucket

CI/CD

VMDR WAS CS

Atlassian Bamboo

CI/CD

VMDR WAS

Jenkins

CI/CD

VMDR WAS CS

Platform
- | Platform
- Overview
- Enterprise TruRisk Platform
  Everything you need to measure, manage, and reduce your cyber risk in one place.
- Capabilities
- All
  - | Platform
  - Asset Management
  - CyberSecurity Asset Management (CSAM)
    See entire attack surface, continuously maintain your CMDB, and track EOL/EOS software
    
    External Attack Surface Management (EASM)
    Gain an attacker’s view of your external internet-facing assets and unauthorized software
  - Vulnerability & Configuration Management
  - Vulnerability Management, Detection & Response (VMDR)
    Discover, assess, prioritize, and patch critical vulnerabilities up to 50% faster
    
    Enterprise TruRisk Management (ETM)
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    Web App Scanning (WAS)
    Automate scanning in CI/CD environments with shift left DAST testing
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
  - Risk Remediation
  - Patch Management (PM)
    Efficiently remediate vulnerabilities and patch systems
    
    Custom Assessment and Remediation (CAR)
    Quickly create custom scripts and controls for faster, more automated remediation
  - Threat Detection & Response
  - Multi-Vector EDR
    Advanced endpoint threat protection, improved threat context, and alert prioritization
    
    Context XDR
    Quickly create custom scripts and controls for faster, more automated remediation
  - Compliance
  - Policy Compliance
    Reduce risk, and comply with internal policies and external regulations with ease
    
    File Integrity Monitoring (FIM)
    Reduce alert noise and safeguard files from nefarious actors and cyber threats
  - Cloud Security
  - TotalCloud (CNAPP)
    Cloud-Native Application Protection Platform (CNAPP) for multi-cloud environment.
    
    Cloud Security Posture Management (CSPM)
    Continuously discover, monitor, and analyze your cloud assets for misconfigurations and non-standard deployments.
    
    Infrastructure as Code Security (IaC)
    Detect and remediate security issues within IaC templates
    
    SaaS Security Posture Management (SSPM)
    Automate the process of managing your SaaS apps, including global settings, user privileges, licenses, files, and their security and compliance posture.
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
    
    Cloud Detection and Response (CDR)
    Continuous real-time protection of the multi-cloud environment against active exploitation, malware, and unknown threats.
    
    Kubernetes and Container Security (KCS)
    Discover, track, and continuously secure containers – from build to runtime
- Asset Management
  - | Platform
  - Asset Management
  - CyberSecurity Asset Management (CSAM)
    See entire attack surface, continuously maintain your CMDB, and track EOL/EOS software
    
    External Attack Surface Management (EASM)
    Gain an attacker’s view of your external internet-facing assets and unauthorized software
- Vulnerability & Configuration Management
  - | Platform
  - Vulnerability & Configuration Management
  - Vulnerability Management, Detection & Response (VMDR)
    Discover, assess, prioritize, and patch critical vulnerabilities up to 50% faster
    
    Enterprise TruRisk Management (ETM)
    Consolidate & translate security & vulnerability findings from 3rd party tools
    
    Web App Scanning (WAS)
    Automate scanning in CI/CD environments with shift left DAST testing
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
- Risk Remediation
  - | Platform
  - Risk Remediation
  - Patch Management (PM)
    Efficiently remediate vulnerabilities and patch systems
    
    Custom Assessment and Remediation (CAR)
    Quickly create custom scripts and controls for faster, more automated remediation
- Threat Detection & Response
  - | Platform
  - Threat Detection & Response
  - Multi-Vector EDR
    Advanced endpoint threat protection, improved threat context, and alert prioritization
    
    Context XDR
    Quickly create custom scripts and controls for faster, more automated remediation
- Compliance
  - | Platform
  - Compliance
  - Policy Compliance
    Reduce risk, and comply with internal policies and external regulations with ease
    
    File Integrity Monitoring (FIM)
    Reduce alert noise and safeguard files from nefarious actors and cyber threats
- Cloud Security
  - | Platform
  - Cloud Security
  - TotalCloud (CNAPP)
    Cloud-Native Application Protection Platform (CNAPP) for multi-cloud environment.
    
    Cloud Security Posture Management (CSPM)
    Continuously discover, monitor, and analyze your cloud assets for misconfigurations and non-standard deployments.
    
    Infrastructure as Code Security (IaC)
    Detect and remediate security issues within IaC templates
    
    SaaS Security Posture Management (SSPM)
    Automate the process of managing your SaaS apps, including global settings, user privileges, licenses, files, and their security and compliance posture.
    
    Cloud Workload Protection (CWP)
    Detect, prioritize, and remediate vulnerabilities in your cloud environment
    
    Cloud Detection and Response (CDR)
    Continuous real-time protection of the multi-cloud environment against active exploitation, malware, and unknown threats.
    
    Kubernetes and Container Security (KCS)
    Discover, track, and continuously secure containers – from build to runtime
Solutions
- | Solutions
- Use Cases
- Endpoint Security
- Compliance
- PCI Compliance
- Cloud Security
- DevOps
- Threat Protection
- Software Supply Chain Risk
- Attack Surface Management
- NIS2
- Segments
- Small Business
- Mid-Sized Business
- Enterprise
- Federal
Customers
- Customers
- Overview
- Best Practices
- Success Stories
- Testimonials
Resources
- | Resources
- Resources
- Resources Library
- Blog
- Webinars
- Qualys Stream
- Research
- Threat Research Unit
- Security Alerts
- Security Advisories
Support
- Support
- Support Portal
- Free Training
- Documentation
- Community Discussions
- Knowledgebase
- Release Notes
- Release Notifications
More
- | More
- Partners
- Overview
- Partner Program
- VAD Partners
- VAR Resellers
- MSP/MSSP Partners
- Integration Partners
- Partner FAQs
- Find Partner
- Company
- About Us
- Our Team
- Investor Relations
- News
- Awards
- Events
- Careers
Community
- Community
- Overview
- Discuss
- Blog
- Training
- Docs
- Resources
Login
Contact Us
- Contact Us
- Chat with Us
- Schedule a Demo
- +1800 745 4355
- Request a call or Email
- Global Offices with Contacts
Try Now