Child pages
  • IBM Security AppScan Source Scanner Plugin

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Wiki Markup

 Project Description

The purpose of this plugin is to allow Jenkins to perform static code analysis (SCA/SAST) with IBM AppScan Source for Analysis with minimal configuration. AppScan Source for Analysis is a security tool provided by IBM that will scan application source code for vulnerabilities. Configuring AppScan Source to perform automated scanning with custom batch jobs or shell scripts can be a time-consuming and error-prone process. This Jenkins plugin greatly simplifies the process of automating AppScan Source by providing global settings and simple scan configuration within Jenkins.For more information on IBM AppScan Source, please visit the official IBM site


This plugin requires the following:

  • A valid license for AppScan Source for Analysis and AppScan Source for Automation
    Note: The automation license is required to unlock the command-line interface (cli) functionality
  • AppScan Source for Analysis must be installed on the same server as Jenkins
  • The AppScan Source project or application files for the application(s) you are scanning (.PAF, .PPF, etc)
  • Application source code and dependencies must already be referenced in the AppScan Source project or application files


Execute application scans with IBM Security AppScan Source