Integrating Netsparker Enterprise with GitLab

GitLab is a web-based Git repository manager that provides CI/CD pipeline[6] features, enabling you to add CI configuration to your source control repository using just one file.

You can integrate Netsparker Enterprise with GitLab using cURL scripts. This topic explains how to generate and use cURL scripts to integrate Netsparker Enterprise with GitLab in order to enable our advanced integration functionality.

Generating and Using Netsparker Enterprise’s GitLab Integration Scripts

Netsparker Enterprise uses cURL command-line tools to integrate with GitLab. These scripts have been tested and approved for GitLab version 9+. In order to integrate with Netsparker Enterprise, GitLab Runner’s execution environment must support cURL.

How to Generate Netsparker Enterprise's GitLab Integration Scripts

  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Integrations, then New Integration.

  1. From the Continuous Integration Systems panel, click Integrate GitLab. The GitLab Integration window is displayed.

  1. From the Integration Script Generator section, select the relevant Scan Settings:
  • From the Scan Type field, select an option
  • From the Website dropdown, select a website
  • From the Scan Profile dropdown, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type)

  1. In the cURL field, click Click Copy to clipboard to copy the cURL script. (You will then paste this into the file described in the next How to.)

How to Use Netsparker Enterprise's GitLab Integration Script

    1. Paste the copied script (from the previous How to) into your .gitlab-ci.yml file, as shown in the example. Then commit and push it to the Git repository.

  1. Log in to your GitLab account.
  2. Navigate to your GitLab Project window.

  1. Click Settings, then CI / CD.
  2. Expand the Variables section. Add your Nesparker Enterprise API credentials as NETSPARKERUSERID and NETSPARKERAPITOKEN variables.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO