Mondoo
Docs
Integrate Your AssetsSupply Chain

Software Supply Chain Security

Catch security issues in CI/CD, build pipelines, and container registries before they reach production.

Mondoo integrates into your development workflows so security issues surface early, when they're cheapest to fix. There are three places to plug Mondoo in:

CI/CD pipelines

Run cnspec scans as part of your CI pipeline. Supported platforms:

Image and infrastructure-as-code builds

Build secure VM and container images, and scan IaC before it deploys:

Container registries

Test container images on your workstation before publishing:

Secrets Management

Learn how you can use secrets managers such as HashiCorp Vault, Google Cloud Secrets Manager, and AWS Secrets Manager with Mondoo.

Overview

Integrate Mondoo with major CI/CD platforms to catch security issues before they reach production.

On this page

CI/CD pipelinesImage and infrastructure-as-code buildsContainer registries