CI scans - Administrator Guide - Cortex Cloud Posture Management - Cortex CLOUD

Cortex Cloud Application Security

Product: Cortex Cloud Posture Management
Path: Cortex Cloud Application Security > Cortex CLOUD
Creation date: 2025-01-22
Last date published: 2026-05-31
Category: Administrator Guide

CI scans are security scans triggered during CI/CD pipeline execution. When a CI/CD pipeline runs and the Cortex Cloud CI integration is configured, the pipeline triggers a security scan that evaluates the code changes in the build pipeline against enabled scanners. CI scans produce a CI Status that indicates whether the scan passed, failed, or passed with issues, enabling build pipeline security gates that block deployments with policy-violating code.

CI scans are triggered automatically by the CI/CD pipeline integration. The CI scan results appear in the CI scan inventory after the pipeline completes the security scanning stage.

How to access CI scans

Under Modules, select Application Security > CI Scans.

CI scan inventory table

The following properties are visible by default. Click the Menu settings icon in the inventory toolbar for additional properties.

Note

The inventory table displays scan issues for visibility only; remediation is not available in scan management. To resolve issues, navigate to the dedicated issue type inventory, where you can manage and remediate them.

Use the filter bar above the inventory to filter CI scan results by repository name, organization, run ID, scanned branch, CI status, scan health status, and scan date range.

Expanded CI scan details

Selecting a scan from the inventory opens its side card, which displays a general overview of the scan's details and provides access to details of issues and findings via dedicated scan type tabs.

The overview tab displays these scan details.

  • General scan information

    • Organization: The specific business entity or organizational unit associated with the CI scan

    • Scan Date: The date and time when the CI scan was performed

    • Scan Health: The overall health status of the CI scan, indicating its success, failure, or other relevant states

  • Code context

    • Repository: The version control repository that was scanned

    • Scanned Branch: The specific branch within the repository that was subjected to the CI scan

  • Scan results summary

    • Issues: A breakdown by severity and count of actionable security issues identified from the scan's findings

    • Issues by Type: A categorization and count of identified issues based on their specific vulnerability types (such as IaC, Secrets)

    • Findings: A breakdown by severity and count of findings discovered by the scan before being converted into actionable issues

    • Findings by Type: A categorization and count of raw findings based on their specific detection types

When selecting the Vulnerabilities tab, the Issues tab is displayed by default. Selecting an issue in the table that is presented then opens its side card directly within Scans Management, eliminating the need to navigate to the dedicated Vulnerabilities issues page.

For detailed information about vulnerabilities issues, refer to Software Composition Analysis (SCA) vulnerability issues.

Select the Findings tab to open a list of findings associated with the issue, including the name of the finding, the asset in which the finding was detected, and the repository hosting the asset.

Click on a finding for additional details, including a description of the finding, the asset type and group associated with the finding, when it was last updated, and evidence for the finding.

When selecting the Configurations tab, the Issues tab is displayed by default. Selecting an issue in the table that is presented then opens its side card directly within Scans Management, eliminating the need to navigate to the dedicated IaC misconfigurations issues page.

For detailed information about IaC misconfiguration issues, refer to Overview.

Select the Findings tab to open a list of findings associated with the issue, including the name of the finding, the asset in which the finding was detected, and the repository hosting the asset.

Click on a finding for additional details, including a description of the finding, the asset type and group associated with the finding, when it was last updated, and evidence for the finding.

When selecting the Secrets tab, the Issues tab is displayed by default. Selecting an issue in the table that is presented then opens its side card directly within Scans Management, eliminating the need to navigate to the dedicated Secrets issues page.

For detailed information about Secrets issues, refer to Navigate to secrets issues.

Select the Findings tab to open a list of findings associated with the issue, including the name of the finding, the asset in which the finding was detected, and the repository hosting the asset.

Click on a finding for additional details, including a description of the finding, the asset type and group associated with the finding, when it was last updated, and evidence for the finding.

When selecting the Package Integrity tab, the Issues tab is displayed by default, displaying a list of package operational risk and license issues, with detailed properties for each entry. Selecting an entry then opens its side card directly within Scans Management, eliminating the need to navigate to the dedicated Package Integrity issues page.

For detailed information about Package Integrity issues, refer to Package operational risk scanner.

Select the Findings tab to open a list of findings associated with the issue, including the name of the finding, the asset in which the finding was detected, and the repository hosting the asset.

Click on a finding for additional details, including a description of the finding, the asset type and group associated with the finding, when it was last updated, and evidence for the finding.

CI scan actions

No management actions are available for CI scans. CI scans are triggered by the CI/CD pipeline integration and cannot be rescanned from the Cortex Cloud console. To re-execute a CI scan, re-run the CI/CD pipeline in the VCS provider or CI/CD platform.