Creating a custom GitLab plugin to be incorporated as a CI step

I need to integrate my security product with GitLab to keep faulty code from getting into production.

Is it possible to write a custom plugin for a GitLab pipeline which will launch a scan and get the security posture of the project:

  • I am new to GitLab and don’t know many options. What I see is file hooks, and the other is GitLab source code service contributions.
    What I am looking for is a configuration UI which will accept my product credentials and build pass/fail criteria if vulnerabilities are found.
    Then when this task is incorporated in the CI, it will launch a scan, get the vuln data and evaluate it against the configured criteria to pass/fail the build. And a report can be generated accordingly.

Is there any mechanism similar to Jenkins/Bamboo plugins which allows extending the functionality in GitLab?