Jenkins Integration
Integrate Threatspy with Jenkins to automatically trigger security scans as part of your CI/CD pipeline. This enables continuous security testing of your web applications and APIs throughout your software delivery process.
Prerequisites
Before you begin, ensure you have:
- A Threatspy account with an active subscription or trial.
- An application already created in Threatspy.
- A valid Threatspy API Key.
- The Application ID of the application you want to scan.
- Your registered Threatspy email address.
- A Jenkins server with Pipeline support enabled.
Step 1: Generate Threatspy Credentials
Log in to your Threatspy dashboard and collect the following credentials.
| Credential | Description |
|---|---|
| API Key | Used to authenticate API requests to Threatspy. |
| Application ID | Unique identifier of the application to be scanned. |
| User Email | Registered email address associated with your Threatspy account. |
> Note: Keep your API Key confidential and never hardcode it into your Jenkins pipeline.
Step 2: Configure Jenkins Credentials
Navigate to your Jenkins dashboard:
Manage Jenkins → Credentials
Add the following Secret Text credentials:
| Credential ID | Description |
|---|---|
| `THREATSPY_API_KEY` | Your Threatspy API Key |
| `THREATSPY_APP_ID` | Your Threatspy Application ID |
| `THREATSPY_USER_EMAIL` | Your registered Threatspy email address |
> Recommended: Store all Threatspy credentials as Secret Text and reference them securely within your Jenkins pipeline using `withCredentials`.
Step 3: Configure the Jenkins Pipeline
Create or update your Jenkinsfile with the following pipeline configuration:
pipeline {
agent any
stages {
stage('Security Scan') {
steps {
withCredentials([
string(credentialsId: 'THREATSPY_API_KEY', variable: 'THREATSPY_API_KEY'),
string(credentialsId: 'THREATSPY_APP_ID', variable: 'THREATSPY_APP_ID'),
string(credentialsId: 'THREATSPY_USER_EMAIL', variable: 'THREATSPY_USER_EMAIL'),
]) {
sh """
curl -X POST https://api.threatspy.secureblink.com/start-scan \
-H "x-api-key: ${THREATSPY_API_KEY}" \
-H "x-app-id: ${THREATSPY_APP_ID}" \
-H "email: ${THREATSPY_USER_EMAIL}" \
-H "Content-Type: application/json"
"""
}
}
}
}
}This pipeline triggers a Threatspy security scan during the Security Scan stage every time the Jenkins pipeline executes.
Step 4: Commit and Run the Pipeline
Commit the updated Jenkinsfile to your repository.
git add Jenkinsfile
git commit -m "Add Threatspy Jenkins integration"
git push origin mainIf your Jenkins job is configured for automatic builds, the pipeline will start after the changes are pushed. Alternatively, you can manually trigger a build from the Jenkins dashboard.
Step 5: Verify Pipeline Execution
After the pipeline starts:
- Open your Jenkins project.
- Navigate to the latest build.
- Verify that the Security Scan stage executes successfully.
- Ensure the Start Scan step completes without any errors.
Once the pipeline finishes successfully, the security scan request will be submitted to Threatspy for processing.