Continuous integrations overview
You can integrate Invicti DAST into your CI/CD pipelines to automate security testing as part of your software development lifecycle. This enables continuous, proactive detection of vulnerabilities before deployment.
CI-driven scans
CI-driven scans allow you to run Invicti DAST directly from a Docker container within your CI/CD workflows. This modern, flexible approach supports scalable, automated security testing with minimal setup.
To use CI-driven scans:
- Configure your Invicti Platform account with API access.
- Pull and execute the Invicti Scan CLI Docker image within your pipeline.
- Supply scan parameters such as target asset, profile, and API token.
The Invicti CI/CD integration supports breaking (failing) the pipeline, viewing scan results within the pipeline, and downloading reports.
Platform compatibility
This integration is compatible with any CI/CD system that supports Docker, including:
- Azure Pipelines
- GitLab CI/CD
- Jenkins
Advanced configuration
You can enhance CI-driven scans with:
- Custom scan profiles
- Authentication settings for logged-in scanning
- Conditional logic to fail builds on detected vulnerabilities
- Environment-specific configurations for environments such as staging and production