CICD Integration - Using Falcon Scan CLI

Before scanning applications using Falcon Scan, make sure you have:

  • Purchased a valid license for Falcon Scan.

  • Downloaded and installed the Falcon Scan CLI plugin. Download the latest version of Falcon Scan CLI from latest

  • Downloaded and installed JDK 11

  • Followed the instructions in Generating Security Token to generate a security token

CICD Integration

  1. Once the appropriate version of Falcon Scan CLI is downloaded, unzip the binary

      unzip falcon-scan-cli-[VERSION]-[OS].zip
  2. Navigate to the bin directory within falcon-scan-cli-[VERSION]-[OS]

  3. Run the falcon-scan-cli command with the following options

    1. -serviceHost=xxx
      Falcon Scan service URL

    2. -authToken=xxx
      Security token generated from the server

    3. -applicationKey=x.x
      Unique id of the application / project being scanned

    4. -applicationName=.
      Name of the application being scanned

    5. -source=xxx
      Optional. Location of the project source directory. If ignored, current directory will be used as the project source directory

    6. -scmBranchName=xxx
      Optional. SCM branch for which code is being analysed. If ignored, the default value will be `master`

    7. -DpullRequestId=xxx
      Optional. SCM pull request name for which code is being analyzed

    8. -organization=xxx
      Optional. Organization under which the project should be categorized. If ignored, the default organization will be used. Value can be any of Organization Name / Id / Ext Id

  4. A complete example may look like this (the trailing backslashes continue the single command across lines):

      FALCON_SCAN_BIN_DIRECTORY> ./falcon-scan-cli \
      -serviceHost <SERVICE URL> \
      -authToken <SECURITY TOKEN> \
      -applicationKey orders-eapi \
      -source <PROJECT_ROOT_DIRECTORY> \
      -applicationName="Orders EAPI"
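A CI job wrapper for the invocation above, added here as an example and not part of the Falcon Scan documentation. It reads the token and service URL from environment variables instead of the pipeline script, passes the branch and pull request id only when the job provides them, and leaves the CLI's own defaults otherwise; the variable names FALCON_SERVICE_HOST, FALCON_AUTH_TOKEN, FALCON_ORGANIZATION, CI_BRANCH and CI_PULL_REQUEST_ID are assumptions to be mapped onto your CI system.

```shell
#!/bin/sh
# Added example, not Falcon Scan's own code. Environment variable names are
# assumptions; map them to the variables your CI system exposes.

# Print the falcon-scan-cli argument list, one option per line.
#   $1 = application key, $2 = application name, $3 = source dir (default ".")
# Requires FALCON_SERVICE_HOST and FALCON_AUTH_TOKEN (the token is a secret:
# keep it in a masked CI variable and never echo this list into the build log).
build_falcon_scan_args() {
    app_key="$1"
    app_name="$2"
    source_dir="${3:-.}"
    if [ -z "$FALCON_SERVICE_HOST" ] || [ -z "$FALCON_AUTH_TOKEN" ]; then
        echo "FALCON_SERVICE_HOST and FALCON_AUTH_TOKEN must be set" >&2
        return 1
    fi
    printf '%s\n' "-serviceHost=$FALCON_SERVICE_HOST"
    printf '%s\n' "-authToken=$FALCON_AUTH_TOKEN"
    printf '%s\n' "-applicationKey=$app_key"
    printf '%s\n' "-applicationName=$app_name"
    printf '%s\n' "-source=$source_dir"
    # The server defaults the branch to master; pass it explicitly so a
    # feature-branch scan is not recorded against master.
    printf '%s\n' "-scmBranchName=${CI_BRANCH:-master}"
    # Only send the pull request id when the job really runs for a PR.
    [ -n "$CI_PULL_REQUEST_ID" ] && printf '%s\n' "-DpullRequestId=$CI_PULL_REQUEST_ID"
    [ -n "$FALCON_ORGANIZATION" ] && printf '%s\n' "-organization=$FALCON_ORGANIZATION"
    return 0
}

# Run the scan from the CLI bin directory: $1 = bin dir, rest as above.
run_falcon_scan() {
    bin_dir="$1"; shift
    args=$(build_falcon_scan_args "$@") || return 1
    # Split on newlines only, so an application name with spaces stays intact.
    old_ifs=$IFS; IFS='
'
    set -f; set -- $args; set +f; IFS=$old_ifs
    (cd "$bin_dir" && ./falcon-scan-cli "$@")
}
```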