defectdojo_api_generated.ImportScanApi
All URIs are relative to http://localhost
| Method | HTTP request | Description |
|---|---|---|
| create | POST /api/v2/import-scan/ | |
create
ImportScan create(scan_date=scan_date, minimum_severity=minimum_severity, active=active, verified=verified, endpoint_to_add=endpoint_to_add, file=file, product_type_name=product_type_name, product_name=product_name, engagement_name=engagement_name, engagement_end_date=engagement_end_date, source_code_management_uri=source_code_management_uri, test_title=test_title, auto_create_context=auto_create_context, deduplication_on_engagement=deduplication_on_engagement, lead=lead, push_to_jira=push_to_jira, environment=environment, build_id=build_id, branch_tag=branch_tag, commit_hash=commit_hash, api_scan_configuration=api_scan_configuration, service=service, group_by=group_by, create_finding_groups_for_all_findings=create_finding_groups_for_all_findings, apply_tags_to_findings=apply_tags_to_findings, apply_tags_to_endpoints=apply_tags_to_endpoints, scan_type=scan_type, engagement=engagement, tags=tags, close_old_findings=close_old_findings, close_old_findings_product_scope=close_old_findings_product_scope, version=version)
Imports a scan report into an engagement or product.
By ID:
- Create a Product (or use an existing product)
- Create an Engagement inside the product
- Provide the id of the engagement in the engagement parameter
In this scenario a new Test will be created inside the engagement.
By Names:
- Create a Product (or use an existing product)
- Create an Engagement inside the product
- Provide product_name
- Provide engagement_name
- Optionally provide product_type_name
In this scenario Defect Dojo will look up the Engagement by the provided details.
When using names you can let the importer automatically create Engagements, Products and Product_Types
by using auto_create_context=True.
When auto_create_context is set to True you can use deduplication_on_engagement to restrict deduplication for
imported Findings to the newly created Engagement.
Example
- Basic Authentication (basicAuth):
- Api Key Authentication (cookieAuth):
- Api Key Authentication (tokenAuth):
```python
import os
from pprint import pprint

import defectdojo_api_generated
from defectdojo_api_generated.models.import_scan import ImportScan
from defectdojo_api_generated.rest import ApiException

# Defining the host is optional and defaults to http://localhost
# See configuration.py for a list of all supported configuration parameters.
configuration = defectdojo_api_generated.Configuration(
    host = "http://localhost"
)

# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.

# Configure HTTP basic authorization: basicAuth
configuration = defectdojo_api_generated.Configuration(
    username = os.environ["USERNAME"],
    password = os.environ["PASSWORD"]
)

# Configure API key authorization: cookieAuth
configuration.api_key['cookieAuth'] = os.environ["API_KEY"]

# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['cookieAuth'] = 'Bearer'

# Configure API key authorization: tokenAuth
configuration.api_key['tokenAuth'] = os.environ["API_KEY"]

# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['tokenAuth'] = 'Bearer'

# Enter a context with an instance of the API client
with defectdojo_api_generated.ApiClient(configuration) as api_client:
    # Create an instance of the API class
    api_instance = defectdojo_api_generated.ImportScanApi(api_client)
    scan_date = '2013-10-20' # date | Scan completion date will be used on all findings. (optional)
    minimum_severity = 'Info' # str | Minimum severity level to be imported * `Info` - Info * `Low` - Low * `Medium` - Medium * `High` - High * `Critical` - Critical (optional) (default to Info)
    active = True # bool | Force findings to be active/inactive or default to the original tool (None) (optional)
    verified = True # bool | Force findings to be verified/not verified or default to the original tool (None) (optional)
    endpoint_to_add = 56 # int | Enter the ID of an Endpoint that is associated with the target Product. New Findings will be added to that Endpoint. (optional)
    file = None # bytearray | (optional)
    product_type_name = 'product_type_name_example' # str | Also referred to as 'Organization' name. (optional)
    product_name = 'product_name_example' # str | Also referred to as 'Asset' name. (optional)
    engagement_name = 'engagement_name_example' # str | (optional)
    engagement_end_date = '2013-10-20' # date | End Date for Engagement. Default is current time + 365 days. Required format year-month-day (optional)
    source_code_management_uri = 'source_code_management_uri_example' # str | Resource link to source code (optional)
    test_title = 'test_title_example' # str | (optional)
    auto_create_context = True # bool | (optional)
    deduplication_on_engagement = True # bool | (optional)
    lead = 56 # int | (optional)
    push_to_jira = False # bool | (optional) (default to False)
    environment = 'environment_example' # str | (optional)
    build_id = 'build_id_example' # str | ID of the build that was scanned. (optional)
    branch_tag = 'branch_tag_example' # str | Branch or Tag that was scanned. (optional)
    commit_hash = 'commit_hash_example' # str | Commit that was scanned. (optional)
    api_scan_configuration = 56 # int | (optional)
    service = 'service_example' # str | A service is a self-contained piece of functionality within a Product. This is an optional field which is used in deduplication and closing of old findings when set. This affects the whole engagement/product depending on your deduplication scope. (optional)
    group_by = 'group_by_example' # str | Choose an option to automatically group new findings by the chosen option. * `component_name` - Component Name * `component_name+component_version` - Component Name + Version * `file_path` - File path * `finding_title` - Finding Title * `vuln_id_from_tool` - Vulnerability ID from Tool (optional)
    create_finding_groups_for_all_findings = True # bool | If set to false, finding groups will only be created when there is more than one grouped finding (optional) (default to True)
    apply_tags_to_findings = True # bool | If set to True, the tags will be applied to the findings (optional)
    apply_tags_to_endpoints = True # bool | If set to True, the tags will be applied to the locations (optional)
    scan_type = 'scan_type_example' # str | One of the scan type names listed for scan_type under Parameters, e.g. `Acunetix Scan` (optional)
    engagement = 56 # int | (optional)
    tags = ['tags_example'] # List[str] | Add tags that help describe this scan. (optional)
    close_old_findings = False # bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same engagement. (optional) (default to False)
    close_old_findings_product_scope = False # bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same product. By default, it is false meaning that only old findings of the same type in the engagement are in scope. (optional) (default to False)
    version = 'version_example' # str | Version that was scanned. (optional)

    try:
        api_response = api_instance.create(scan_date=scan_date, minimum_severity=minimum_severity, active=active, verified=verified, endpoint_to_add=endpoint_to_add, file=file, product_type_name=product_type_name, product_name=product_name, engagement_name=engagement_name, engagement_end_date=engagement_end_date, source_code_management_uri=source_code_management_uri, test_title=test_title, auto_create_context=auto_create_context, deduplication_on_engagement=deduplication_on_engagement, lead=lead, push_to_jira=push_to_jira, environment=environment, build_id=build_id, branch_tag=branch_tag, commit_hash=commit_hash, api_scan_configuration=api_scan_configuration, service=service, group_by=group_by, create_finding_groups_for_all_findings=create_finding_groups_for_all_findings, apply_tags_to_findings=apply_tags_to_findings, apply_tags_to_endpoints=apply_tags_to_endpoints, scan_type=scan_type, engagement=engagement, tags=tags, close_old_findings=close_old_findings, close_old_findings_product_scope=close_old_findings_product_scope, version=version)
        print("The response of ImportScanApi->create:\n")
        pprint(api_response)
    except Exception as e:
        print("Exception when calling ImportScanApi->create: %s\n" % e)
```
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| scan_date | date | Scan completion date will be used on all findings. | [optional] |
| minimum_severity | str | Minimum severity level to be imported * `Info` - Info * `Low` - Low * `Medium` - Medium * `High` - High * `Critical` - Critical | [optional] [default to Info] |
| active | bool | Force findings to be active/inactive or default to the original tool (None) | [optional] |
| verified | bool | Force findings to be verified/not verified or default to the original tool (None) | [optional] |
| endpoint_to_add | int | Enter the ID of an Endpoint that is associated with the target Product. New Findings will be added to that Endpoint. | [optional] |
| file | bytearray | | [optional] |
| product_type_name | str | Also referred to as 'Organization' name. | [optional] |
| product_name | str | Also referred to as 'Asset' name. | [optional] |
| engagement_name | str | | [optional] |
| engagement_end_date | date | End Date for Engagement. Default is current time + 365 days. Required format year-month-day | [optional] |
| source_code_management_uri | str | Resource link to source code | [optional] |
| test_title | str | | [optional] |
| auto_create_context | bool | | [optional] |
| deduplication_on_engagement | bool | | [optional] |
| lead | int | | [optional] |
| push_to_jira | bool | | [optional] [default to False] |
| environment | str | | [optional] |
| build_id | str | ID of the build that was scanned. | [optional] |
| branch_tag | str | Branch or Tag that was scanned. | [optional] |
| commit_hash | str | Commit that was scanned. | [optional] |
| api_scan_configuration | int | | [optional] |
| service | str | A service is a self-contained piece of functionality within a Product. This is an optional field which is used in deduplication and closing of old findings when set. This affects the whole engagement/product depending on your deduplication scope. | [optional] |
| group_by | str | Choose an option to automatically group new findings by the chosen option. * `component_name` - Component Name * `component_name+component_version` - Component Name + Version * `file_path` - File path * `finding_title` - Finding Title * `vuln_id_from_tool` - Vulnerability ID from Tool | [optional] |
| create_finding_groups_for_all_findings | bool | If set to false, finding groups will only be created when there is more than one grouped finding | [optional] [default to True] |
| apply_tags_to_findings | bool | If set to True, the tags will be applied to the findings | [optional] |
| apply_tags_to_endpoints | bool | If set to True, the tags will be applied to the locations | [optional] |
| scan_type | str | * `Acunetix Scan` - Acunetix Scanner * `Anchore Engine Scan` - Anchore Engine Scan * `Anchore Enterprise Policy Check` - Anchore Enterprise Policy Check * `Anchore Grype` - Anchore Grype * `Anchore Grype detailed` - Anchore Grype detailed * `AnchoreCTL Policies Report` - AnchoreCTL Policies Report * `AnchoreCTL Vuln Report` - AnchoreCTL Vuln Report * `AppCheck Web Application Scanner` - AppCheck Web Application Scanner * `AppSpider Scan` - AppSpider Scan * `Aqua Scan` - Aqua Scan * `Arachni Scan` - Arachni Scan * `AuditJS Scan` - AuditJS Scan * `AWS Inspector2 Scan` - AWS Inspector2 Scan * `AWS Prowler Scan` - AWS Prowler Scan * `AWS Prowler V3` - AWS Prowler V3 * `AWS Security Finding Format (ASFF) Scan` - AWS Security Finding Format (ASFF) * `AWS Security Hub Scan` - AWS Security Hub Scan * `Azure Security Center Recommendations Scan` - Azure Security Center Recommendations Scan * `Bandit Scan` - Bandit Scan * `Bearer CLI` - Bearer CLI * `BlackDuck API` - BlackDuck API * `Blackduck Binary Analysis` - Blackduck Binary Analysis * `Blackduck Component Risk` - Blackduck Component Risk * `Blackduck Hub Scan` - Blackduck Hub Scan * `Brakeman Scan` - Brakeman Scan * `Bugcrowd API Import` - Bugcrowd API Import * `BugCrowd Scan` - BugCrowd Scan * `Bundler-Audit Scan` - Bundler-Audit Scan * `Burp Dastardly Scan` - Burp Dastardly Scan * `Burp Enterprise Scan` - Burp Enterprise Scan (RENAMED to Burp Suite DAST Scan) * `Burp REST API` - Burp REST API * `Burp Scan` - Burp Scan * `Burp GraphQL API` - Burp Suite DAST GraphQL API * `Burp Suite DAST Scan` - Burp Suite DAST Scan * `CargoAudit Scan` - CargoAudit Scan * `Checkmarx CxFlow SAST` - Checkmarx CxFlow SAST * `Checkmarx One Scan` - Checkmarx One Scan * `Checkmarx OSA` - Checkmarx OSA * `Checkmarx Scan` - Checkmarx Scan * `Checkmarx Scan detailed` - Checkmarx Scan detailed * `Checkov Scan` - Checkov Scan * `Chef Inspect Log` - Chef Inspect Log * `Choctaw Hog Scan` - Choctaw Hog Scan * `Clair Scan` - Clair Scan * `Cloudflare Insights` - Cloudflare Insights * `Cloudsploit Scan` - Cloudsploit Scan * `Cobalt.io API Import` - Cobalt.io API Import * `Cobalt.io Scan` - Cobalt.io Scan * `Codechecker Report native` - Codechecker Report native * `Contrast Scan` - Contrast Scan * `Coverity API` - Coverity API * `Coverity Scan JSON Report` - Coverity Scan JSON Report * `Crashtest Security JSON File` - Crashtest Security JSON File * `Crashtest Security XML File` - Crashtest Security XML File * `CredScan Scan` - CredScan Scan * `Crunch42 Scan` - Crunch42 Scan * `Cyberwatch scan (Galeax)` - Cyberwatch scan (Galeax) * `CycloneDX Scan` - CycloneDX Scan * `Cycognito Scan` - Cycognito Scan * `DawnScanner Scan` - DawnScanner Scan * `Deepfence Threatmapper Report` - Deepfence Threatmapper Report * `Dependency Check Scan` - Dependency Check Scan * `Dependency Track Finding Packaging Format (FPF) Export` - Dependency Track Finding Packaging Format (FPF) Export * `Detect-secrets Scan` - Detect-secrets Scan * `docker-bench-security Scan` - docker-bench-security Scan * `Dockle Scan` - Dockle Scan * `DrHeader JSON Importer` - DrHeader JSON Importer * `DSOP Scan` - DSOP Scan * `Duroc Hog Scan` - Duroc Hog Scan * `Edgescan Scan` - Edgescan Scan * `ESLint Scan` - ESLint Scan * `Essex Hog Scan` - Essex Hog Scan * `Fortify Scan` - Fortify Scan * `Generic Findings Import` - Generic Findings Import * `Ggshield Scan` - Ggshield Scan * `Github SAST Scan` - Github SAST Scan * `Github Secrets Detection Report Scan` - Github Secrets Detection Report Scan * `Github Vulnerability Scan` - Github Vulnerability Scan * `GitLab API Fuzzing Report Scan` - GitLab API Fuzzing Report Scan * `GitLab Container Scan` - GitLab Container Scan Scan * `GitLab DAST Report` - GitLab DAST Report * `GitLab Dependency Scanning Report` - GitLab Dependency Scanning Report * `GitLab SAST Report` - GitLab SAST Report * `GitLab Secret Detection Report` - GitLab Secret Detection Report * `Gitleaks Scan` - Gitleaks Scan * `Google Cloud Artifact Vulnerability Scan` - Google Cloud Artifact Vulnerability Scan * `Gosec Scanner` - Gosec Scanner * `Gottingen Hog Scan` - Gottingen Hog Scan * `Govulncheck Scanner` - Govulncheck Scanner * `HackerOne Cases` - HackerOne Cases * `Hadolint Dockerfile check` - Hadolint Dockerfile check * `Harbor Vulnerability Scan` - Harbor Vulnerability Scan * `HCL AppScan on Cloud SAST XML` - HCL AppScan on Cloud SAST XML * `HCLAppScan XML` - HCLAppScan XML * `Horusec Scan` - Horusec Scan * `Humble Json Importer` - Humble Json Importer * `HuskyCI Report` - HuskyCI Report * `Hydra Scan` - Hydra Scan * `IBM AppScan DAST` - IBM AppScan DAST * `Immuniweb Scan` - Immuniweb Scan * `IntSights Report` - IntSights Report * `Invicti Scan` - Invicti Scan * `IriusRisk Threats Scan` - IriusRisk Threats Scan * `JFrog Xray API Summary Artifact Scan` - JFrog Xray API Summary Artifact Scan * `JFrog Xray On Demand Binary Scan` - JFrog Xray On Demand Binary Scan * `JFrog Xray Scan` - JFrog Xray Scan * `JFrog Xray Unified Scan` - JFrog Xray Unified Scan * `KICS Scan` - KICS Scan * `Kiuwan SCA Scan` - Kiuwan SCA Scan * `Kiuwan Scan` - Kiuwan Scan * `KrakenD Audit Scan` - KrakenD Audit Scan * `kube-bench Scan` - kube-bench Scan * `Kubeaudit Scan` - Kubeaudit Scan * `KubeHunter Scan` - KubeHunter Scan * `Kubescape JSON Importer` - Kubescape JSON Importer * `Legitify Scan` - Legitify Scan * `Mayhem SARIF Report` - Mayhem SARIF Report * `Mend Scan` - Mend Scan * `Meterian Scan` - Meterian Scan * `Microfocus Webinspect Scan` - Microfocus Webinspect Scan * `MobSF Scan` - MobSF Scan * `Mobsfscan Scan` - MobSF Scan * `MobSF Scorecard Scan` - MobSF Scorecard Scan * `Mozilla Observatory Scan` - Mozilla Observatory Scan * `MSDefender Parser` - MSDefender Parser * `n0s1 Scanner` - n0s1 Scanner * `Nancy Scan` - Nancy Scan * `Netsparker Scan` - Netsparker Scan * `NeuVector (compliance)` - NeuVector (compliance) * `NeuVector (REST)` - NeuVector (REST) * `Nexpose Scan` - Nexpose Scan * `Nikto Scan` - Nikto Scan * `Nmap Scan` - Nmap Scan * `Node Security Platform Scan` - Node Security Platform Scan * `Nosey Parker Scan` - Nosey Parker Scan * `NPM Audit Scan` - NPM Audit Scan * `NPM Audit v7+ Scan` - NPM Audit v7+ Scan * `Nuclei Scan` - Nuclei Scan * `OpenReports` - OpenReports * `Openscap Vulnerability Scan` - Openscap Vulnerability Scan * `OpenVAS Parser` - OpenVAS Parser * `OpenVAS Parser v2` - OpenVAS Parser v2 * `Orca Security Alerts` - Orca Security Alerts * `ORT evaluated model Importer` - ORT evaluated model Importer * `OssIndex Devaudit SCA Scan Importer` - OssIndex Devaudit SCA Scan Importer * `OSV Scan` - OSV Scan * `Outpost24 Scan` - Outpost24 Scan * `PHP Security Audit v2` - PHP Security Audit v2 * `PHP Symfony Security Check` - PHP Symfony Security Check * `PingCastle` - PingCastle * `pip-audit Scan` - pip-audit Scan * `PMD Scan` - PMD Scan * `Popeye Scan` - Popeye Scan * `Progpilot Scan` - Progpilot Scan * `Prowler Scan` - Prowler Scan * `PTART Report` - PTART Report * `PWN SAST` - PWN SAST * `Qualys Hacker Guardian Scan` - Qualys Hacker Guardian Scan * `Qualys Infrastructure Scan (WebGUI XML)` - Qualys Infrastructure Scan (WebGUI XML) * `Qualys Scan` - Qualys Scan * `Qualys Webapp Scan` - Qualys Webapp Scan * `Rapplex Scan` - Rapplex Scan * `Red Hat Satellite` - Red Hat Satellite * `Retire.js Scan` - Retire.js Scan * `ReversingLabs Spectra Assure` - ReversingLabs Spectra Assure * `Risk Recon API Importer` - Risk Recon API Importer * `Rubocop Scan` - Rubocop Scan * `Rusty Hog Scan` - Rusty Hog Scan * `SARIF` - SARIF * `Scantist Scan` - Scantist Scan * `Scout Suite Scan` - Scout Suite Scan * `Semgrep JSON Report` - Semgrep JSON Report * `Semgrep Pro JSON Report` - Semgrep Pro JSON Report * `SKF Scan` - SKF Scan * `Snyk Code Scan` - Snyk Code Scan * `Snyk Issue API Scan` - Snyk Issue API Scan * `Snyk Scan` - Snyk Scan * `Solar Appscreener Scan` - Solar Appscreener Scan Detailed_Results.csv * `SonarQube API Import` - SonarQube API Import * `SonarQube Scan` - SonarQube Scan * `SonarQube Scan detailed` - SonarQube Scan detailed * `Sonatype Application Scan` - Sonatype Application Scan * `SpotBugs Scan` - SpotBugs Scan * `SSH Audit Importer` - SSH Audit Importer * `SSL Labs Scan` - SSL Labs Scan * `Sslscan` - Sslscan * `Sslyze Scan` - Sslyze Scan * `SSLyze Scan (JSON)` - SSLyze Scan (JSON) * `StackHawk HawkScan` - StackHawk HawkScan * `Sysdig CLI Report` - Sysdig CLI Report Scan * `Sysdig Vulnerability Report` - Sysdig Vulnerability Report Scan * `Talisman Scan` - Talisman Scan * `Tenable Scan` - Tenable Scan * `Terrascan Scan` - Terrascan Scan * `Testssl Scan` - Testssl Scan * `TFSec Scan` - TFSec Scan * `Threagile risks report` - Threagile risks report * `ThreatComposer Scan` - ThreatComposer Scan * `Trivy Operator Scan` - Trivy Operator Scan * `Trivy Scan` - Trivy Scan * `Trufflehog Scan` - Trufflehog Scan * `Trufflehog3 Scan` - Trufflehog3 Scan * `Trustwave Fusion API Scan` - Trustwave Fusion API Scan * `Trustwave Scan (CSV)` - Trustwave Scan (CSV) * `Twistlock Image Scan` - Twistlock Image Scan * `VCG Scan` - VCG Scan * `Veracode Scan` - Veracode Scan * `Veracode SourceClear Scan` - Veracode SourceClear Scan * `Vulners` - Vulners * `Wapiti Scan` - Wapiti Scan * `Wazuh` - Wazuh * `WFuzz JSON report` - WFuzz JSON report * `Whispers Scan` - Whispers Scan * `WhiteHat Sentinel` - WhiteHat Sentinel * `Wiz Scan` - Wiz Scan * `Wizcli Dir Scan` - Wizcli Dir Scan * `Wizcli IaC Scan` - Wizcli IaC Scan * `Wizcli Img Scan` - Wizcli Img Scan * `Wpscan` - Wpscan * `Xanitizer Scan` - Xanitizer Scan * `Xeol Parser` - Xeol Parser * `Yarn Audit Scan` - Yarn Audit Scan * `ZAP Scan` - ZAP Scan * `Zora Parser` - Zora Parser | [optional] |
| engagement | int | | [optional] |
| tags | List[str] | Add tags that help describe this scan. | [optional] |
| close_old_findings | bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same engagement. | [optional] [default to False] |
| close_old_findings_product_scope | bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same product. By default, it is false meaning that only old findings of the same type in the engagement are in scope. | [optional] [default to False] |
| version | str | Version that was scanned. | [optional] |
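The import rules above (by ID versus by names, `auto_create_context`, and the two `close_old_findings` scopes) can be checked client-side before a CI job calls `create`. This is an added example, not part of the generated client: `build_import_kwargs`, `closure_scope`, `check_transport` and `ImportPlanError` are hypothetical names, and rejecting mixed ID/name arguments or non-TLS hosts is local policy rather than documented server behavior.

```python
from urllib.parse import urlparse

# Allowed values copied from the Parameters table on this page.
SEVERITIES = ("Info", "Low", "Medium", "High", "Critical")
GROUP_BY = ("component_name", "component_name+component_version",
            "file_path", "finding_title", "vuln_id_from_tool")
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}


class ImportPlanError(ValueError):
    """A parameter combination this pre-flight check rejects."""


def check_transport(host):
    """Local policy (assumption): send credentials only over https,
    or over http to a loopback host such as the default http://localhost."""
    url = urlparse(host)
    if url.scheme == "https":
        return host
    if url.scheme == "http" and url.hostname in LOOPBACK_HOSTS:
        return host
    raise ImportPlanError(f"refusing to send credentials to {host!r} without TLS")


def build_import_kwargs(scan_type, *, engagement=None, product_name=None,
                        engagement_name=None, product_type_name=None,
                        auto_create_context=False,
                        deduplication_on_engagement=None,
                        minimum_severity="Info", group_by=None, service=None,
                        close_old_findings=False,
                        close_old_findings_product_scope=False):
    """Return keyword arguments for ImportScanApi.create or raise ImportPlanError."""
    if minimum_severity not in SEVERITIES:
        raise ImportPlanError(f"minimum_severity must be one of {SEVERITIES}")
    if group_by is not None and group_by not in GROUP_BY:
        raise ImportPlanError(f"group_by must be one of {GROUP_BY}")

    names_given = any(v is not None for v in
                      (product_name, engagement_name, product_type_name))
    if engagement is not None:
        # "By ID": the engagement id alone selects the target.
        if names_given or auto_create_context:
            raise ImportPlanError("pass an engagement ID or names, not both")
        kwargs = {"engagement": int(engagement)}
    else:
        # "By Names": product_name and engagement_name are both needed.
        if not (product_name and engagement_name):
            raise ImportPlanError("need product_name and engagement_name")
        kwargs = {"product_name": product_name,
                  "engagement_name": engagement_name}
        if product_type_name:
            kwargs["product_type_name"] = product_type_name
        if auto_create_context:
            kwargs["auto_create_context"] = True

    if deduplication_on_engagement is not None:
        # The page describes this flag only together with auto_create_context.
        if not auto_create_context:
            raise ImportPlanError(
                "deduplication_on_engagement needs auto_create_context=True")
        kwargs["deduplication_on_engagement"] = bool(deduplication_on_engagement)

    kwargs.update(
        scan_type=scan_type,
        minimum_severity=minimum_severity,
        close_old_findings=bool(close_old_findings),
        close_old_findings_product_scope=bool(close_old_findings_product_scope))
    if group_by:
        kwargs["group_by"] = group_by
    if service:
        kwargs["service"] = service
    return kwargs


def closure_scope(kwargs):
    """Describe which existing findings this import may close as mitigated."""
    if kwargs.get("close_old_findings_product_scope"):
        scope = "product"
    elif kwargs.get("close_old_findings"):
        scope = "engagement"
    else:
        return None
    service = kwargs.get("service")
    which = f"service={service!r}" if service else "findings without a service"
    return f"{scope}: {which}"


if __name__ == "__main__":
    # Constructed sample values; the scan type names come from the table above.
    check_transport("http://localhost")
    plan = build_import_kwargs("Trivy Scan", engagement=12,
                               minimum_severity="High",
                               close_old_findings=True, service="payments-api")
    print(plan)
    print("may close ->", closure_scope(plan))
```

Logging the `closure_scope` result next to the CI job output makes it visible when a pipeline change widens closure from one engagement to the whole product.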
Return type
ImportScan
Authorization
basicAuth, cookieAuth, tokenAuth
HTTP request headers
- Content-Type: multipart/form-data
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 201 | | - |