Integrate Orca Security with Vulnetix. Use Orca's shift-left GitHub Actions to scan IaC, containers, and code. Export SARIF findings for upload to Vulnetix.
SaaS platformSARIFJSON
Run Orca Security in CI
Scan on every push and upload the results to Vulnetix:
- name: Orca IaC scan
id: orca
uses: orcasecurity/shiftleft-iac-action@v1
with:
api_token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
project_key: ${{ vars.ORCA_PROJECT_KEY }}
path: "terraform,k8s"
format: sarif
output: results/
- name: Upload SARIF to Vulnetix
run: vulnetix upload --file results/iac.sarif
Centralise Orca Security results in Vulnetix
Upload Orca Security SARIF, JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.