Qualys Container Security provides a plugin for Jenkins to get the security posture for the docker images built via the tool. The plugin can be configured to fail or pass the docker image builds based on the vulnerabilities detected.
- A valid Qualys subscription with the Container Security application activated.
- Access to Qualys Container Security application API endpoint from your build host.
- Requires the container sensor to be installed on the Jenkins build host.
For more information refer to the Qualys Container Scanning Connector for Jenkins