Prerequisites
Before viewing and managing CI/CD pipeline assets, verify the following:
Prerequisite | Description |
|---|---|
License | An active Cortex Cloud license with Application Security entitlements |
RBAC role | The AppSec Admin or SOC Analyst role, or an equivalent custom role with asset inventory and issue management permissions |
VCS integration | At least one Version Control System (GitHub, GitLab, Bitbucket, Azure DevOps) integrated and active |
CI/CD integration | At least one CI/CD integration active (GitHub Actions, GitLab CI, Jenkins, Azure Pipelines, Bitbucket Pipelines, CircleCI, Argo CD, AWS CodeBuild). CI/CD pipelines are discovered through active CI/CD integrations |
Completed scan | At least one completed periodic scan that includes CI/CD configuration scanning results |
How to access CI/CD pipeline assets
To access CI/CD pipeline assets, under Inventory, select → → .
The CI/CD pipelines assets page includes a dashboard and an inventory.
CI/CD pipeline dashboard
The dashboard includes a widget displaying the connected CI pipeline providers (such as GitHub Actions, GitLab CI, and Jenkins) and the number of pipelines found in each provider. Selecting an item in the widget filters the table accordingly.
CI/CD pipeline asset inventory
The following table describes the default exposed properties of the CI/CD pipeline asset table. Select Menu Settings to view additional hidden properties (such as Last Job Execution Time and File Contributors).
Property | Description |
|---|---|
Name | The name of the CI/CD pipeline as discovered from the CI/CD integration. The Pipeline Name serves as the primary identifier for the CI/CD pipeline asset |
Provider | The CI/CD platform hosting the pipeline (for example, GitHub Actions, GitLab CI, Jenkins, Azure Pipelines, Bitbucket Pipelines, CircleCI, Argo CD, AWS CodeBuild) |
CI Instance | The CI/CD platform instance that executes the pipeline (for example, the Jenkins server name, the GitHub organization, the GitLab group) |
Repository | The parent repository containing the CI/CD pipeline definition file |
Provider | The VCS provider hosting the parent repository (GitHub, GitLab, Bitbucket, Azure DevOps) |
CI File Path | The path to the pipeline definition file within the repository (for example, . |
Business Application Names | The business applications associated with the CI/CD pipeline, inherited from the parent repository, including business criticality ratings |
Filter and prioritize CI/CD pipelines
The CI/CD Pipelines page displays a table of all CI/CD pipeline assets discovered through active CI/CD integrations. Apply filters to narrow results based on operational and security metadata.
High-priority filtering workflows
To effectively reduce the organization CI/CD risk surface, apply the following filter combinations to prioritize remediation efforts:
Prioritize active deployment workflows: Filter by Last Job Execution column (most recent first) to surface pipelines that are actively running. This ensures you are prioritizing remediation efforts on live, active workflows rather than dormant codebases
Scope by CI/CD provider: Use the CI/CD Provider filter (or dashboard widget) to isolate the inventory by provider (for example, GitHub Actions or Jenkins) to evaluate provider-specific misconfigurations and enforce platform-level security standards