Security gates
Run your scanners as pipeline steps, then gate on the results in one place.
Security on IntegraCI is not a separate tool you visit; it is a gate your changes pass through. The platform orchestrates the scanners you already run and decides, by policy, whether a change is allowed to move on.
Scans run as pipeline steps
When a pipeline runs, your security scanners run as steps inside it. That can include static analysis, dependency and composition checks, secret scanning, and dynamic testing, depending on what you have connected. IntegraCI sequences these steps and collects their output; it does not replace your scanners or run them in a black box.
Results in one report
The findings from every scanner are normalized into a single report on the pipeline run, instead of scattered across each tool’s own dashboard. You see what was found, how serious it is, and where, in one place.
The gate decides
A gate is policy as code that reads the report and decides: pass, or stop. You set the bar, for example “no new high-severity findings” or “no exposed secrets”, and the gate enforces it on every run. A change that does not clear the bar does not proceed, and the reason is recorded.
Findings reach the Secure view
Confirmed findings flow into the Secure view, so security and platform teams can see posture across services rather than per pipeline. The same data feeds each service’s scorecard.
Exceptions, on the record
Sometimes you need to ship with a known finding. Rather than disabling the gate, you grant a scoped, recorded exception with an approval behind it. The finding stays visible, the decision is auditable, and the gate keeps protecting everything else.
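As an added illustration (not IntegraCI's own code or policy format), here is a gate written as policy as code that enforces the two example bars above and honors only scoped, approved, unexpired exceptions. The `Finding` and `ScopedException` shapes, their field names, and all sample data are assumptions constructed for this example.

```python
from dataclasses import dataclass
from datetime import date

RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

@dataclass(frozen=True)
class Finding:                # assumed normalized shape, not IntegraCI's schema
    id: str                   # fingerprint that is stable across runs
    scanner: str              # "sast", "sca", "secrets", "dast"
    severity: str
    new: bool                 # True if absent from the baseline run

@dataclass(frozen=True)
class ScopedException:        # assumed shape of a recorded, approved exception
    finding_id: str
    service: str
    approved_by: str
    expires: date

def violation(f):
    """The bar: no exposed secrets, no new findings at high severity or above."""
    if f.scanner == "secrets":
        return "exposed secret"
    # An unknown severity label ranks as critical, so the gate fails closed.
    high_or_worse = RANK.get(f.severity.lower(), 4) >= RANK["high"]
    return "new high-severity finding" if f.new and high_or_worse else None

def evaluate_gate(report, exceptions, service, today):
    """Return (decision, records); each finding that hits the bar is recorded."""
    records = []
    for f in report:
        reason = violation(f)
        if reason is None:
            continue
        exc = next((e for e in exceptions if e.finding_id == f.id and e.service == service
                    and e.approved_by and e.expires >= today), None)
        records.append({"finding": f.id, "reason": reason, "approved_by": exc and exc.approved_by,
                        "status": "excepted" if exc else "blocked"})
    blocked = any(r["status"] == "blocked" for r in records)
    return ("stop" if blocked else "pass"), records

# Constructed sample data: one run for a service named "billing".
REPORT = [Finding("f-101", "sast", "high", True),
          Finding("f-102", "secrets", "critical", True),
          Finding("f-103", "sca", "high", False),      # pre-existing, not new
          Finding("f-104", "dast", "severe", True)]    # label outside RANK
EXCEPTIONS = [ScopedException("f-101", "billing", "alice", date(2030, 1, 31)),
              ScopedException("f-102", "billing", "bob", date(2020, 1, 1)),      # expired
              ScopedException("f-104", "payments", "carol", date(2030, 1, 31))]  # other service
```

Calling `evaluate_gate(REPORT, EXCEPTIONS, "billing", date(2025, 6, 1))` stops the run: the expired exception and the one scoped to another service do not apply, while the excepted finding still appears in the records with its approver.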
Evidence, collected for you
Scan results, gate decisions, and approvals are pulled from real platform data and can be exported as one evidence bundle when an audit comes. You prove the control ran; you do not reassemble it after the fact.
Next
Learn how AI actions stay inside the same kind of guardrails: The AI gateway.