Integrate Vulnetix CLI into Buddy pipelines for automated vulnerability scanning.
Add Vulnetix to Buddy
Create buddy.yml and run the Vulnetix CLI in your Buddy pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
- pipeline: Vulnetix Security
  trigger_mode: "ON_EVERY_PUSH"
  actions:
    - action: Security Scan
      type: "BUILD"
      docker_image_name: "golang"
      docker_image_tag: "1.21"
      execute_commands:
        # @latest resolves at build time; pin a release tag for reproducible builds
        - go install github.com/vulnetix/cli@latest
        # Run the scan, then upload the SARIF report it produced
        - vulnetix scan
        - vulnetix upload --file reports/results.sarif
Why run Vulnetix in Buddy?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Buddy pipeline gates merges on what is actually exploitable, not raw scanner noise.