Prerequisites
Before viewing and managing CI/CD instance assets, verify the following:
Prerequisite | Description |
|---|---|
License | An active Cortex Cloud license with Application Security entitlements |
RBAC role | The AppSec Admin or SOC Analyst role, or an equivalent custom role with asset inventory and issue management permissions |
CI/CD integration | At least one CI/CD integration active (GitHub Actions, GitLab CI, Jenkins, Azure Pipelines, CircleCI). CI/CD instances are discovered through active CI/CD integrations |
Completed scan | At least one completed periodic scan that includes CI/CD configuration scanning results |
How to access CI/CD instance assets
To access CI/CD instance assets, under Inventory, select → → .
The CI/CD instances assets page includes a dashboard and an inventory.
CI/CD instance dashboard
The dashboard includes a widget displaying the connected CI/CD providers (such as Jenkins, GitHub Actions, and GitLab CI) and the number of instances found in each provider. Selecting an item in the widget filters the table accordingly.
CI/CD instance asset inventory
The following table describes the default exposed properties of the CI/CD instance asset table. Select Menu Settings to view additional hidden properties.
Property | Description |
|---|---|
Name | The name of the CI/CD instance as discovered from the CI/CD integration. The Instance Name serves as the primary identifier for the CI/CD instance asset |
Provider | The CI/CD platform type hosting the instance (Jenkins, GitHub Actions, GitLab CI, Azure Pipelines, CircleCI), displayed with a provider icon |
URL | The direct URL to the CI/CD platform instance (for example, |
Last Observed | The date and time when the CI/CD instance was most recently detected or synchronized by the active CI/CD integration. This timestamp helps verify that the integration is actively monitoring the platform |
Pipeline Count | The total number of CI/CD pipelines hosted and executed by the CI/CD instance. This metric helps assess the scale, usage, and potential blast radius of the platform |
Filter and prioritize CI/CD instances
The CI/CD Instances page displays a table of all CI/CD instance assets discovered through active CI/CD integrations. Apply filters to narrow results based on operational and security metadata.
High-priority filtering workflows
To effectively reduce the organization CI/CD risk surface, apply the following filter combinations to prioritize remediation efforts:
Scope by CI/CD provider: Use the Provider filter (or dashboard widget) to isolate the inventory by provider (for example, Jenkins or GitHub Actions) to evaluate provider-specific misconfigurations and enforce platform-level security standards
Assess blast radius by pipeline count: Review the Pipeline Count attribute to identify the CI/CD instances hosting the largest number of pipelines. Securing these high-volume platforms effectively reduces risk across a broader segment of your development lifecycle