Integrate Vulnetix CLI into Jenkins declarative and scripted pipelines. Upload SARIF, CycloneDX and SPDX security reports for centralized vulnerability management.
Add Vulnetix to Jenkins
Create a Jenkinsfile and run the Vulnetix CLI in your Jenkins pipeline. It collects SARIF, CycloneDX and SPDX artifacts automatically and uploads them for centralised vulnerability management:
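pipeline {
    agent any
    environment {
        // Bound from the Jenkins credential stored under the ID 'vulnetix-org-id'
        VULNETIX_ORG_ID = credentials('vulnetix-org-id')
    }
    stages {
        stage('Security Scan') {
            steps {
                sh '''
                    # Install the CLI and put it on PATH for this step
                    curl -fsSL https://raw.githubusercontent.com/vulnetix/cli/main/install.sh | sh
                    export PATH="$PATH:$HOME/.local/bin"
                    # Run the scan, then upload the SARIF report
                    vulnetix scan
                    vulnetix upload --file reports/results.sarif
                '''
            }
        }
    }
}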
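The install step above pipes a script fetched from the `main` branch straight into `sh`, so whatever that branch serves at build time runs on the agent. As an added example (not Vulnetix's own code), the helper below downloads the installer to a file and executes it only if its SHA-256 matches a pinned value; `<PINNED_COMMIT>`, `<SHA256_OF_REVIEWED_INSTALLER>` and the function names are placeholders and assumptions to replace with values you have reviewed.

```shell
#!/bin/sh
# Added example, not Vulnetix's own code: verify the installer before running it.
# Both defaults are placeholders: pin the URL to a reviewed commit and record its digest.
INSTALLER_URL="${INSTALLER_URL:-https://raw.githubusercontent.com/vulnetix/cli/<PINNED_COMMIT>/install.sh}"
INSTALLER_SHA256="${INSTALLER_SHA256:-<SHA256_OF_REVIEWED_INSTALLER>}"

# Print the lowercase hex SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_installer FILE EXPECTED_HEX: return 0 only if the file's digest matches.
verify_installer() {
    file=$1; expected=$2
    [ -s "$file" ] || { echo "installer missing or empty: $file" >&2; return 1; }
    case "$expected" in
        ""|*[!0-9a-fA-F]*) echo "pinned digest is not hex (placeholder left in?)" >&2; return 1 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "pinned digest is not 64 hex chars" >&2; return 1; }
    want=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    actual=$(sha256_of "$file")
    if [ "$actual" != "$want" ]; then
        echo "installer digest mismatch: got $actual" >&2
        return 1
    fi
    return 0
}

# install_vulnetix: download to a temp file, verify, and only then execute.
install_vulnetix() {
    tmp=$(mktemp) || return 1
    if curl -fsSL "$INSTALLER_URL" -o "$tmp" &&
        verify_installer "$tmp" "$INSTALLER_SHA256" &&
        sh "$tmp"; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    return $rc
}
```

In the Jenkinsfile, source this file inside the `sh` step and call `install_vulnetix` in place of the `curl ... | sh` line; a digest mismatch then fails the stage before anything from the download runs.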
Why run Vulnetix in Jenkins?
Every scan from every job lands in one queue, deduplicated and prioritised with EPSS, CISA KEV and Coalition ESS exploit intelligence — so your Jenkins pipeline gates merges on what is actually exploitable, not raw scanner noise.