The Application Security CLI, part of the Cortex CLI, allows developers and security teams to integrate security checks directly into their application development workflows.
The Code Security CLI supports the following scan types:
Code Security CLI scan behavior and output
Scans generate assets (see Code Security assets, issues, and findings)
If one scanner (such as Secrets) fails, the other scanners will continue to run and produce results
Scan failures trigger an error message indicating the scanner that failed
Authentication
Local developer workflows: Run manual, ad-hoc scans on your local machine to catch vulnerabilities and misconfigurations before committing code to your version control system
CI/CD pipeline automation: The Application Security CLI serves as the core integration mechanism for security scanning within your automated pipelines. By inserting simple code snippets into CI tools like Jenkins, GitHub Actions, CircleCI, or GitLab Runner, the CLI acts as a wrapper to enforce security guardrails dynamically and block risky deployments
Requirements
Comprehensive documentation regarding the CLI, including system requirements, installation instructions (Package Manager, manual download, UI-based), authentication, proxy configuration, and the full command-line reference, has been consolidated into the main Cortex CLI guide.
For detailed information about the Cortex Cloud CLI, refer to Cortex CLI.