How to trigger remote scan in CI/CD setup?

This article describes how to configure Strobes along with a build automation tool such as Jenkins to trigger SAST and DAST scanners within your CI/CD pipeline. We achieve this by creating an extra build step that uses the Strobes configuration to run the scans in a remote environment and send back results. 


Steps to Setup Jenkins

  • Click on the Advanced tab
  • Scroll down to the Upload plugin
  • Select the HPI file you downloaded in the first step

  • The plugin will get installed as shown in the above screenshot
  • A restart is not required for this plugin
  • Go to Strobes instance logged in as owner or manager
  • Head over to the API access page under Settings


  • Generate an API token and copy it


  • Go back to manage Jenkins and click on the configuration
  • Scroll down till you find a new section called “Strobes Scan” 
  • Configure the URL and API key. (Note: The url should be in the format of https://<yourorganization> )


  • Go back to Jenkins Dashboard and select an existing project or create a new project to add Strobes build step
  • Scroll down to build and click on add build step, you’ll see a strobes scan step - click it


  • Configure the build step

  • Scan configuration is the one that you created inside Strobes
  • Target is the Branch name or URL you want to scan
  • Build criteria - select “stop on failure” if you want to stop the scan on bugs found
  • Time to wait - enter max time for wait
  • And you’re Jenkins build step should be ready
  • The console output of the scan

Was this article helpful?
0 out of 0 found this helpful



Article is closed for comments.

Articles in this section

See more