defectdojo_api_generated.ReimportScanApi
All URIs are relative to http://localhost
| Method | HTTP request | Description |
|---|---|---|
| create | POST /api/v2/reimport-scan/ |
create
ReImportScan create(scan_date=scan_date, minimum_severity=minimum_severity, active=active, verified=verified, endpoint_to_add=endpoint_to_add, file=file, product_type_name=product_type_name, product_name=product_name, engagement_name=engagement_name, engagement_end_date=engagement_end_date, source_code_management_uri=source_code_management_uri, test_title=test_title, auto_create_context=auto_create_context, deduplication_on_engagement=deduplication_on_engagement, lead=lead, push_to_jira=push_to_jira, environment=environment, build_id=build_id, branch_tag=branch_tag, commit_hash=commit_hash, api_scan_configuration=api_scan_configuration, service=service, group_by=group_by, create_finding_groups_for_all_findings=create_finding_groups_for_all_findings, apply_tags_to_findings=apply_tags_to_findings, apply_tags_to_endpoints=apply_tags_to_endpoints, do_not_reactivate=do_not_reactivate, scan_type=scan_type, test=test, close_old_findings=close_old_findings, close_old_findings_product_scope=close_old_findings_product_scope, version=version, tags=tags)
Reimports a scan report into an existing test.
By ID:
- Create a Product (or use an existing product)
- Create an Engagement inside the product
- Import a scan report and find the id of the Test
- Provide this in the test parameter
By Names:
- Create a Product (or use an existing product)
- Create an Engagement inside the product
- Import a report which will create a Test
- Provide product_name
- Provide engagement_name
- Optional: Provide test_title
In this scenario Defect Dojo will look up the Test by the provided details.
If no test_title is provided, the latest test inside the engagement will be chosen based on scan_type.
When using names you can let the importer automatically create Engagements, Products and Product_Types
by using auto_create_context=True.
When auto_create_context is set to True you can use deduplication_on_engagement to restrict deduplication for
imported Findings to the newly created Engagement.
Example
- Basic Authentication (basicAuth):
- Api Key Authentication (cookieAuth):
- Api Key Authentication (tokenAuth):
import defectdojo_api_generated
from defectdojo_api_generated.models.re_import_scan import ReImportScan
from defectdojo_api_generated.rest import ApiException
from pprint import pprint
# Defining the host is optional and defaults to http://localhost
# See configuration.py for a list of all supported configuration parameters.
configuration = defectdojo_api_generated.Configuration(
host = "http://localhost"
)
# The client must configure the authentication and authorization parameters
# in accordance with the API server security policy.
# Examples for each auth method are provided below, use the example that
# satisfies your auth use case.
# Configure HTTP basic authorization: basicAuth
configuration = defectdojo_api_generated.Configuration(
username = os.environ["USERNAME"],
password = os.environ["PASSWORD"]
)
# Configure API key authorization: cookieAuth
configuration.api_key['cookieAuth'] = os.environ["API_KEY"]
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['cookieAuth'] = 'Bearer'
# Configure API key authorization: tokenAuth
configuration.api_key['tokenAuth'] = os.environ["API_KEY"]
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
# configuration.api_key_prefix['tokenAuth'] = 'Bearer'
# Enter a context with an instance of the API client
with defectdojo_api_generated.ApiClient(configuration) as api_client:
# Create an instance of the API class
api_instance = defectdojo_api_generated.ReimportScanApi(api_client)
scan_date = '2013-10-20' # date | Scan completion date will be used on all findings. (optional)
minimum_severity = Info # str | Minimum severity level to be imported * `Info` - Info * `Low` - Low * `Medium` - Medium * `High` - High * `Critical` - Critical (optional) (default to Info)
active = True # bool | Force findings to be active/inactive or default to the original tool (None) (optional)
verified = True # bool | Force findings to be verified/not verified or default to the original tool (None) (optional)
endpoint_to_add = 56 # int | Enter the ID of an Endpoint that is associated with the target Product. New Findings will be added to that Endpoint. (optional)
file = None # bytearray | (optional)
product_type_name = 'product_type_name_example' # str | Also referred to as 'Organization' name. (optional)
product_name = 'product_name_example' # str | Also referred to as 'Asset' name. (optional)
engagement_name = 'engagement_name_example' # str | (optional)
engagement_end_date = '2013-10-20' # date | End Date for Engagement. Default is current time + 365 days. Required format year-month-day (optional)
source_code_management_uri = 'source_code_management_uri_example' # str | Resource link to source code (optional)
test_title = 'test_title_example' # str | (optional)
auto_create_context = True # bool | (optional)
deduplication_on_engagement = True # bool | (optional)
lead = 56 # int | (optional)
push_to_jira = False # bool | (optional) (default to False)
environment = 'environment_example' # str | (optional)
build_id = 'build_id_example' # str | ID of the build that was scanned. (optional)
branch_tag = 'branch_tag_example' # str | Branch or Tag that was scanned. (optional)
commit_hash = 'commit_hash_example' # str | Commit that was scanned. (optional)
api_scan_configuration = 56 # int | (optional)
service = 'service_example' # str | A service is a self-contained piece of functionality within a Product. This is an optional field which is used in deduplication and closing of old findings when set. This affects the whole engagement/product depending on your deduplication scope. (optional)
group_by = 'group_by_example' # str | Choose an option to automatically group new findings by the chosen option. * `component_name` - Component Name * `component_name+component_version` - Component Name + Version * `file_path` - File path * `finding_title` - Finding Title * `vuln_id_from_tool` - Vulnerability ID from Tool (optional)
create_finding_groups_for_all_findings = True # bool | If set to false, finding groups will only be created when there is more than one grouped finding (optional) (default to True)
apply_tags_to_findings = True # bool | If set to True, the tags will be applied to the findings (optional)
apply_tags_to_endpoints = True # bool | If set to True, the tags will be applied to the locations (optional)
do_not_reactivate = False # bool | Select if the import should ignore active findings from the report, useful for triage-less scanners. Will keep existing findings closed, without reactivating them. For more information check the docs. (optional) (default to False)
scan_type = 'scan_type_example' # str | * `Acunetix Scan` - Acunetix Scanner * `Anchore Engine Scan` - Anchore Engine Scan * `Anchore Enterprise Policy Check` - Anchore Enterprise Policy Check * `Anchore Grype` - Anchore Grype * `Anchore Grype detailed` - Anchore Grype detailed * `AnchoreCTL Policies Report` - AnchoreCTL Policies Report * `AnchoreCTL Vuln Report` - AnchoreCTL Vuln Report * `AppCheck Web Application Scanner` - AppCheck Web Application Scanner * `AppSpider Scan` - AppSpider Scan * `Aqua Scan` - Aqua Scan * `Arachni Scan` - Arachni Scan * `AuditJS Scan` - AuditJS Scan * `AWS Inspector2 Scan` - AWS Inspector2 Scan * `AWS Prowler Scan` - AWS Prowler Scan * `AWS Prowler V3` - AWS Prowler V3 * `AWS Security Finding Format (ASFF) Scan` - AWS Security Finding Format (ASFF) * `AWS Security Hub Scan` - AWS Security Hub Scan * `Azure Security Center Recommendations Scan` - Azure Security Center Recommendations Scan * `Bandit Scan` - Bandit Scan * `Bearer CLI` - Bearer CLI * `BlackDuck API` - BlackDuck API * `Blackduck Binary Analysis` - Blackduck Binary Analysis * `Blackduck Component Risk` - Blackduck Component Risk * `Blackduck Hub Scan` - Blackduck Hub Scan * `Brakeman Scan` - Brakeman Scan * `Bugcrowd API Import` - Bugcrowd API Import * `BugCrowd Scan` - BugCrowd Scan * `Bundler-Audit Scan` - Bundler-Audit Scan * `Burp Dastardly Scan` - Burp Dastardly Scan * `Burp Enterprise Scan` - Burp Enterprise Scan (RENAMED to Burp Suite DAST Scan) * `Burp REST API` - Burp REST API * `Burp Scan` - Burp Scan * `Burp GraphQL API` - Burp Suite DAST GraphQL API * `Burp Suite DAST Scan` - Burp Suite DAST Scan * `CargoAudit Scan` - CargoAudit Scan * `Checkmarx CxFlow SAST` - Checkmarx CxFlow SAST * `Checkmarx One Scan` - Checkmarx One Scan * `Checkmarx OSA` - Checkmarx OSA * `Checkmarx Scan` - Checkmarx Scan * `Checkmarx Scan detailed` - Checkmarx Scan detailed * `Checkov Scan` - Checkov Scan * `Chef Inspect Log` - Chef Inspect Log * `Choctaw Hog Scan` - Choctaw Hog Scan * `Clair Scan` - Clair Scan * `Cloudflare Insights` - Cloudflare Insights * `Cloudsploit Scan` - Cloudsploit Scan * `Cobalt.io API Import` - Cobalt.io API Import * `Cobalt.io Scan` - Cobalt.io Scan * `Codechecker Report native` - Codechecker Report native * `Contrast Scan` - Contrast Scan * `Coverity API` - Coverity API * `Coverity Scan JSON Report` - Coverity Scan JSON Report * `Crashtest Security JSON File` - Crashtest Security JSON File * `Crashtest Security XML File` - Crashtest Security XML File * `CredScan Scan` - CredScan Scan * `Crunch42 Scan` - Crunch42 Scan * `Cyberwatch scan (Galeax)` - Cyberwatch scan (Galeax) * `CycloneDX Scan` - CycloneDX Scan * `Cycognito Scan` - Cycognito Scan * `DawnScanner Scan` - DawnScanner Scan * `Deepfence Threatmapper Report` - Deepfence Threatmapper Report * `Dependency Check Scan` - Dependency Check Scan * `Dependency Track Finding Packaging Format (FPF) Export` - Dependency Track Finding Packaging Format (FPF) Export * `Detect-secrets Scan` - Detect-secrets Scan * `docker-bench-security Scan` - docker-bench-security Scan * `Dockle Scan` - Dockle Scan * `DrHeader JSON Importer` - DrHeader JSON Importer * `DSOP Scan` - DSOP Scan * `Duroc Hog Scan` - Duroc Hog Scan * `Edgescan Scan` - Edgescan Scan * `ESLint Scan` - ESLint Scan * `Essex Hog Scan` - Essex Hog Scan * `Fortify Scan` - Fortify Scan * `Generic Findings Import` - Generic Findings Import * `Ggshield Scan` - Ggshield Scan * `Github SAST Scan` - Github SAST Scan * `Github Secrets Detection Report Scan` - Github Secrets Detection Report Scan * `Github Vulnerability Scan` - Github Vulnerability Scan * `GitLab API Fuzzing Report Scan` - GitLab API Fuzzing Report Scan * `GitLab Container Scan` - GitLab Container Scan Scan * `GitLab DAST Report` - GitLab DAST Report * `GitLab Dependency Scanning Report` - GitLab Dependency Scanning Report * `GitLab SAST Report` - GitLab SAST Report * `GitLab Secret Detection Report` - GitLab Secret Detection Report * `Gitleaks Scan` - Gitleaks Scan * `Google Cloud Artifact Vulnerability Scan` - Google Cloud Artifact Vulnerability Scan * `Gosec Scanner` - Gosec Scanner * `Gottingen Hog Scan` - Gottingen Hog Scan * `Govulncheck Scanner` - Govulncheck Scanner * `HackerOne Cases` - HackerOne Cases * `Hadolint Dockerfile check` - Hadolint Dockerfile check * `Harbor Vulnerability Scan` - Harbor Vulnerability Scan * `HCL AppScan on Cloud SAST XML` - HCL AppScan on Cloud SAST XML * `HCLAppScan XML` - HCLAppScan XML * `Horusec Scan` - Horusec Scan * `Humble Json Importer` - Humble Json Importer * `HuskyCI Report` - HuskyCI Report * `Hydra Scan` - Hydra Scan * `IBM AppScan DAST` - IBM AppScan DAST * `Immuniweb Scan` - Immuniweb Scan * `IntSights Report` - IntSights Report * `Invicti Scan` - Invicti Scan * `IriusRisk Threats Scan` - IriusRisk Threats Scan * `JFrog Xray API Summary Artifact Scan` - JFrog Xray API Summary Artifact Scan * `JFrog Xray On Demand Binary Scan` - JFrog Xray On Demand Binary Scan * `JFrog Xray Scan` - JFrog Xray Scan * `JFrog Xray Unified Scan` - JFrog Xray Unified Scan * `KICS Scan` - KICS Scan * `Kiuwan SCA Scan` - Kiuwan SCA Scan * `Kiuwan Scan` - Kiuwan Scan * `KrakenD Audit Scan` - KrakenD Audit Scan * `kube-bench Scan` - kube-bench Scan * `Kubeaudit Scan` - Kubeaudit Scan * `KubeHunter Scan` - KubeHunter Scan * `Kubescape JSON Importer` - Kubescape JSON Importer * `Legitify Scan` - Legitify Scan * `Mayhem SARIF Report` - Mayhem SARIF Report * `Mend Scan` - Mend Scan * `Meterian Scan` - Meterian Scan * `Microfocus Webinspect Scan` - Microfocus Webinspect Scan * `MobSF Scan` - MobSF Scan * `Mobsfscan Scan` - MobSF Scan * `MobSF Scorecard Scan` - MobSF Scorecard Scan * `Mozilla Observatory Scan` - Mozilla Observatory Scan * `MSDefender Parser` - MSDefender Parser * `n0s1 Scanner` - n0s1 Scanner * `Nancy Scan` - Nancy Scan * `Netsparker Scan` - Netsparker Scan * `NeuVector (compliance)` - NeuVector (compliance) * `NeuVector (REST)` - NeuVector (REST) * `Nexpose Scan` - Nexpose Scan * `Nikto Scan` - Nikto Scan * `Nmap Scan` - Nmap Scan * `Node Security Platform Scan` - Node Security Platform Scan * `Nosey Parker Scan` - Nosey Parker Scan * `NPM Audit Scan` - NPM Audit Scan * `NPM Audit v7+ Scan` - NPM Audit v7+ Scan * `Nuclei Scan` - Nuclei Scan * `OpenReports` - OpenReports * `Openscap Vulnerability Scan` - Openscap Vulnerability Scan * `OpenVAS Parser` - OpenVAS Parser * `OpenVAS Parser v2` - OpenVAS Parser v2 * `Orca Security Alerts` - Orca Security Alerts * `ORT evaluated model Importer` - ORT evaluated model Importer * `OssIndex Devaudit SCA Scan Importer` - OssIndex Devaudit SCA Scan Importer * `OSV Scan` - OSV Scan * `Outpost24 Scan` - Outpost24 Scan * `PHP Security Audit v2` - PHP Security Audit v2 * `PHP Symfony Security Check` - PHP Symfony Security Check * `PingCastle` - PingCastle * `pip-audit Scan` - pip-audit Scan * `PMD Scan` - PMD Scan * `Popeye Scan` - Popeye Scan * `Progpilot Scan` - Progpilot Scan * `Prowler Scan` - Prowler Scan * `PTART Report` - PTART Report * `PWN SAST` - PWN SAST * `Qualys Hacker Guardian Scan` - Qualys Hacker Guardian Scan * `Qualys Infrastructure Scan (WebGUI XML)` - Qualys Infrastructure Scan (WebGUI XML) * `Qualys Scan` - Qualys Scan * `Qualys Webapp Scan` - Qualys Webapp Scan * `Rapplex Scan` - Rapplex Scan * `Red Hat Satellite` - Red Hat Satellite * `Retire.js Scan` - Retire.js Scan * `ReversingLabs Spectra Assure` - ReversingLabs Spectra Assure * `Risk Recon API Importer` - Risk Recon API Importer * `Rubocop Scan` - Rubocop Scan * `Rusty Hog Scan` - Rusty Hog Scan * `SARIF` - SARIF * `Scantist Scan` - Scantist Scan * `Scout Suite Scan` - Scout Suite Scan * `Semgrep JSON Report` - Semgrep JSON Report * `Semgrep Pro JSON Report` - Semgrep Pro JSON Report * `SKF Scan` - SKF Scan * `Snyk Code Scan` - Snyk Code Scan * `Snyk Issue API Scan` - Snyk Issue API Scan * `Snyk Scan` - Snyk Scan * `Solar Appscreener Scan` - Solar Appscreener Scan Detailed_Results.csv * `SonarQube API Import` - SonarQube API Import * `SonarQube Scan` - SonarQube Scan * `SonarQube Scan detailed` - SonarQube Scan detailed * `Sonatype Application Scan` - Sonatype Application Scan * `SpotBugs Scan` - SpotBugs Scan * `SSH Audit Importer` - SSH Audit Importer * `SSL Labs Scan` - SSL Labs Scan * `Sslscan` - Sslscan * `Sslyze Scan` - Sslyze Scan * `SSLyze Scan (JSON)` - SSLyze Scan (JSON) * `StackHawk HawkScan` - StackHawk HawkScan * `Sysdig CLI Report` - Sysdig CLI Report Scan * `Sysdig Vulnerability Report` - Sysdig Vulnerability Report Scan * `Talisman Scan` - Talisman Scan * `Tenable Scan` - Tenable Scan * `Terrascan Scan` - Terrascan Scan * `Testssl Scan` - Testssl Scan * `TFSec Scan` - TFSec Scan * `Threagile risks report` - Threagile risks report * `ThreatComposer Scan` - ThreatComposer Scan * `Trivy Operator Scan` - Trivy Operator Scan * `Trivy Scan` - Trivy Scan * `Trufflehog Scan` - Trufflehog Scan * `Trufflehog3 Scan` - Trufflehog3 Scan * `Trustwave Fusion API Scan` - Trustwave Fusion API Scan * `Trustwave Scan (CSV)` - Trustwave Scan (CSV) * `Twistlock Image Scan` - Twistlock Image Scan * `VCG Scan` - VCG Scan * `Veracode Scan` - Veracode Scan * `Veracode SourceClear Scan` - Veracode SourceClear Scan * `Vulners` - Vulners * `Wapiti Scan` - Wapiti Scan * `Wazuh` - Wazuh * `WFuzz JSON report` - WFuzz JSON report * `Whispers Scan` - Whispers Scan * `WhiteHat Sentinel` - WhiteHat Sentinel * `Wiz Scan` - Wiz Scan * `Wizcli Dir Scan` - Wizcli Dir Scan * `Wizcli IaC Scan` - Wizcli IaC Scan * `Wizcli Img Scan` - Wizcli Img Scan * `Wpscan` - Wpscan * `Xanitizer Scan` - Xanitizer Scan * `Xeol Parser` - Xeol Parser * `Yarn Audit Scan` - Yarn Audit Scan * `ZAP Scan` - ZAP Scan * `Zora Parser` - Zora Parser (optional)
test = 56 # int | (optional)
close_old_findings = True # bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same test. (optional) (default to True)
close_old_findings_product_scope = False # bool | This has no effect on reimport (optional) (default to False)
version = 'version_example' # str | Version that will be set on existing Test object. Leave empty to leave existing value in place. (optional)
tags = ['tags_example'] # List[str] | Modify existing tags that help describe this scan. (Existing test tags will be overwritten) (optional)
try:
api_response = api_instance.create(scan_date=scan_date, minimum_severity=minimum_severity, active=active, verified=verified, endpoint_to_add=endpoint_to_add, file=file, product_type_name=product_type_name, product_name=product_name, engagement_name=engagement_name, engagement_end_date=engagement_end_date, source_code_management_uri=source_code_management_uri, test_title=test_title, auto_create_context=auto_create_context, deduplication_on_engagement=deduplication_on_engagement, lead=lead, push_to_jira=push_to_jira, environment=environment, build_id=build_id, branch_tag=branch_tag, commit_hash=commit_hash, api_scan_configuration=api_scan_configuration, service=service, group_by=group_by, create_finding_groups_for_all_findings=create_finding_groups_for_all_findings, apply_tags_to_findings=apply_tags_to_findings, apply_tags_to_endpoints=apply_tags_to_endpoints, do_not_reactivate=do_not_reactivate, scan_type=scan_type, test=test, close_old_findings=close_old_findings, close_old_findings_product_scope=close_old_findings_product_scope, version=version, tags=tags)
print("The response of ReimportScanApi->create:\n")
pprint(api_response)
except Exception as e:
print("Exception when calling ReimportScanApi->create: %s\n" % e)
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| scan_date | date | Scan completion date will be used on all findings. | [optional] |
| minimum_severity | str | Minimum severity level to be imported * `Info` - Info * `Low` - Low * `Medium` - Medium * `High` - High * `Critical` - Critical | [optional] [default to Info] |
| active | bool | Force findings to be active/inactive or default to the original tool (None) | [optional] |
| verified | bool | Force findings to be verified/not verified or default to the original tool (None) | [optional] |
| endpoint_to_add | int | Enter the ID of an Endpoint that is associated with the target Product. New Findings will be added to that Endpoint. | [optional] |
| file | bytearray | [optional] | |
| product_type_name | str | Also referred to as 'Organization' name. | [optional] |
| product_name | str | Also referred to as 'Asset' name. | [optional] |
| engagement_name | str | [optional] | |
| engagement_end_date | date | End Date for Engagement. Default is current time + 365 days. Required format year-month-day | [optional] |
| source_code_management_uri | str | Resource link to source code | [optional] |
| test_title | str | [optional] | |
| auto_create_context | bool | [optional] | |
| deduplication_on_engagement | bool | [optional] | |
| lead | int | [optional] | |
| push_to_jira | bool | [optional] [default to False] | |
| environment | str | [optional] | |
| build_id | str | ID of the build that was scanned. | [optional] |
| branch_tag | str | Branch or Tag that was scanned. | [optional] |
| commit_hash | str | Commit that was scanned. | [optional] |
| api_scan_configuration | int | [optional] | |
| service | str | A service is a self-contained piece of functionality within a Product. This is an optional field which is used in deduplication and closing of old findings when set. This affects the whole engagement/product depending on your deduplication scope. | [optional] |
| group_by | str | Choose an option to automatically group new findings by the chosen option. * `component_name` - Component Name * `component_name+component_version` - Component Name + Version * `file_path` - File path * `finding_title` - Finding Title * `vuln_id_from_tool` - Vulnerability ID from Tool | [optional] |
| create_finding_groups_for_all_findings | bool | If set to false, finding groups will only be created when there is more than one grouped finding | [optional] [default to True] |
| apply_tags_to_findings | bool | If set to True, the tags will be applied to the findings | [optional] |
| apply_tags_to_endpoints | bool | If set to True, the tags will be applied to the locations | [optional] |
| do_not_reactivate | bool | Select if the import should ignore active findings from the report, useful for triage-less scanners. Will keep existing findings closed, without reactivating them. For more information check the docs. | [optional] [default to False] |
| scan_type | str | * `Acunetix Scan` - Acunetix Scanner * `Anchore Engine Scan` - Anchore Engine Scan * `Anchore Enterprise Policy Check` - Anchore Enterprise Policy Check * `Anchore Grype` - Anchore Grype * `Anchore Grype detailed` - Anchore Grype detailed * `AnchoreCTL Policies Report` - AnchoreCTL Policies Report * `AnchoreCTL Vuln Report` - AnchoreCTL Vuln Report * `AppCheck Web Application Scanner` - AppCheck Web Application Scanner * `AppSpider Scan` - AppSpider Scan * `Aqua Scan` - Aqua Scan * `Arachni Scan` - Arachni Scan * `AuditJS Scan` - AuditJS Scan * `AWS Inspector2 Scan` - AWS Inspector2 Scan * `AWS Prowler Scan` - AWS Prowler Scan * `AWS Prowler V3` - AWS Prowler V3 * `AWS Security Finding Format (ASFF) Scan` - AWS Security Finding Format (ASFF) * `AWS Security Hub Scan` - AWS Security Hub Scan * `Azure Security Center Recommendations Scan` - Azure Security Center Recommendations Scan * `Bandit Scan` - Bandit Scan * `Bearer CLI` - Bearer CLI * `BlackDuck API` - BlackDuck API * `Blackduck Binary Analysis` - Blackduck Binary Analysis * `Blackduck Component Risk` - Blackduck Component Risk * `Blackduck Hub Scan` - Blackduck Hub Scan * `Brakeman Scan` - Brakeman Scan * `Bugcrowd API Import` - Bugcrowd API Import * `BugCrowd Scan` - BugCrowd Scan * `Bundler-Audit Scan` - Bundler-Audit Scan * `Burp Dastardly Scan` - Burp Dastardly Scan * `Burp Enterprise Scan` - Burp Enterprise Scan (RENAMED to Burp Suite DAST Scan) * `Burp REST API` - Burp REST API * `Burp Scan` - Burp Scan * `Burp GraphQL API` - Burp Suite DAST GraphQL API * `Burp Suite DAST Scan` - Burp Suite DAST Scan * `CargoAudit Scan` - CargoAudit Scan * `Checkmarx CxFlow SAST` - Checkmarx CxFlow SAST * `Checkmarx One Scan` - Checkmarx One Scan * `Checkmarx OSA` - Checkmarx OSA * `Checkmarx Scan` - Checkmarx Scan * `Checkmarx Scan detailed` - Checkmarx Scan detailed * `Checkov Scan` - Checkov Scan * `Chef Inspect Log` - Chef Inspect Log * `Choctaw Hog Scan` - Choctaw Hog Scan * `Clair Scan` - Clair Scan * `Cloudflare Insights` - Cloudflare Insights * `Cloudsploit Scan` - Cloudsploit Scan * `Cobalt.io API Import` - Cobalt.io API Import * `Cobalt.io Scan` - Cobalt.io Scan * `Codechecker Report native` - Codechecker Report native * `Contrast Scan` - Contrast Scan * `Coverity API` - Coverity API * `Coverity Scan JSON Report` - Coverity Scan JSON Report * `Crashtest Security JSON File` - Crashtest Security JSON File * `Crashtest Security XML File` - Crashtest Security XML File * `CredScan Scan` - CredScan Scan * `Crunch42 Scan` - Crunch42 Scan * `Cyberwatch scan (Galeax)` - Cyberwatch scan (Galeax) * `CycloneDX Scan` - CycloneDX Scan * `Cycognito Scan` - Cycognito Scan * `DawnScanner Scan` - DawnScanner Scan * `Deepfence Threatmapper Report` - Deepfence Threatmapper Report * `Dependency Check Scan` - Dependency Check Scan * `Dependency Track Finding Packaging Format (FPF) Export` - Dependency Track Finding Packaging Format (FPF) Export * `Detect-secrets Scan` - Detect-secrets Scan * `docker-bench-security Scan` - docker-bench-security Scan * `Dockle Scan` - Dockle Scan * `DrHeader JSON Importer` - DrHeader JSON Importer * `DSOP Scan` - DSOP Scan * `Duroc Hog Scan` - Duroc Hog Scan * `Edgescan Scan` - Edgescan Scan * `ESLint Scan` - ESLint Scan * `Essex Hog Scan` - Essex Hog Scan * `Fortify Scan` - Fortify Scan * `Generic Findings Import` - Generic Findings Import * `Ggshield Scan` - Ggshield Scan * `Github SAST Scan` - Github SAST Scan * `Github Secrets Detection Report Scan` - Github Secrets Detection Report Scan * `Github Vulnerability Scan` - Github Vulnerability Scan * `GitLab API Fuzzing Report Scan` - GitLab API Fuzzing Report Scan * `GitLab Container Scan` - GitLab Container Scan Scan * `GitLab DAST Report` - GitLab DAST Report * `GitLab Dependency Scanning Report` - GitLab Dependency Scanning Report * `GitLab SAST Report` - GitLab SAST Report * `GitLab Secret Detection Report` - GitLab Secret Detection Report * `Gitleaks Scan` - Gitleaks Scan * `Google Cloud Artifact Vulnerability Scan` - Google Cloud Artifact Vulnerability Scan * `Gosec Scanner` - Gosec Scanner * `Gottingen Hog Scan` - Gottingen Hog Scan * `Govulncheck Scanner` - Govulncheck Scanner * `HackerOne Cases` - HackerOne Cases * `Hadolint Dockerfile check` - Hadolint Dockerfile check * `Harbor Vulnerability Scan` - Harbor Vulnerability Scan * `HCL AppScan on Cloud SAST XML` - HCL AppScan on Cloud SAST XML * `HCLAppScan XML` - HCLAppScan XML * `Horusec Scan` - Horusec Scan * `Humble Json Importer` - Humble Json Importer * `HuskyCI Report` - HuskyCI Report * `Hydra Scan` - Hydra Scan * `IBM AppScan DAST` - IBM AppScan DAST * `Immuniweb Scan` - Immuniweb Scan * `IntSights Report` - IntSights Report * `Invicti Scan` - Invicti Scan * `IriusRisk Threats Scan` - IriusRisk Threats Scan * `JFrog Xray API Summary Artifact Scan` - JFrog Xray API Summary Artifact Scan * `JFrog Xray On Demand Binary Scan` - JFrog Xray On Demand Binary Scan * `JFrog Xray Scan` - JFrog Xray Scan * `JFrog Xray Unified Scan` - JFrog Xray Unified Scan * `KICS Scan` - KICS Scan * `Kiuwan SCA Scan` - Kiuwan SCA Scan * `Kiuwan Scan` - Kiuwan Scan * `KrakenD Audit Scan` - KrakenD Audit Scan * `kube-bench Scan` - kube-bench Scan * `Kubeaudit Scan` - Kubeaudit Scan * `KubeHunter Scan` - KubeHunter Scan * `Kubescape JSON Importer` - Kubescape JSON Importer * `Legitify Scan` - Legitify Scan * `Mayhem SARIF Report` - Mayhem SARIF Report * `Mend Scan` - Mend Scan * `Meterian Scan` - Meterian Scan * `Microfocus Webinspect Scan` - Microfocus Webinspect Scan * `MobSF Scan` - MobSF Scan * `Mobsfscan Scan` - MobSF Scan * `MobSF Scorecard Scan` - MobSF Scorecard Scan * `Mozilla Observatory Scan` - Mozilla Observatory Scan * `MSDefender Parser` - MSDefender Parser * `n0s1 Scanner` - n0s1 Scanner * `Nancy Scan` - Nancy Scan * `Netsparker Scan` - Netsparker Scan * `NeuVector (compliance)` - NeuVector (compliance) * `NeuVector (REST)` - NeuVector (REST) * `Nexpose Scan` - Nexpose Scan * `Nikto Scan` - Nikto Scan * `Nmap Scan` - Nmap Scan * `Node Security Platform Scan` - Node Security Platform Scan * `Nosey Parker Scan` - Nosey Parker Scan * `NPM Audit Scan` - NPM Audit Scan * `NPM Audit v7+ Scan` - NPM Audit v7+ Scan * `Nuclei Scan` - Nuclei Scan * `OpenReports` - OpenReports * `Openscap Vulnerability Scan` - Openscap Vulnerability Scan * `OpenVAS Parser` - OpenVAS Parser * `OpenVAS Parser v2` - OpenVAS Parser v2 * `Orca Security Alerts` - Orca Security Alerts * `ORT evaluated model Importer` - ORT evaluated model Importer * `OssIndex Devaudit SCA Scan Importer` - OssIndex Devaudit SCA Scan Importer * `OSV Scan` - OSV Scan * `Outpost24 Scan` - Outpost24 Scan * `PHP Security Audit v2` - PHP Security Audit v2 * `PHP Symfony Security Check` - PHP Symfony Security Check * `PingCastle` - PingCastle * `pip-audit Scan` - pip-audit Scan * `PMD Scan` - PMD Scan * `Popeye Scan` - Popeye Scan * `Progpilot Scan` - Progpilot Scan * `Prowler Scan` - Prowler Scan * `PTART Report` - PTART Report * `PWN SAST` - PWN SAST * `Qualys Hacker Guardian Scan` - Qualys Hacker Guardian Scan * `Qualys Infrastructure Scan (WebGUI XML)` - Qualys Infrastructure Scan (WebGUI XML) * `Qualys Scan` - Qualys Scan * `Qualys Webapp Scan` - Qualys Webapp Scan * `Rapplex Scan` - Rapplex Scan * `Red Hat Satellite` - Red Hat Satellite * `Retire.js Scan` - Retire.js Scan * `ReversingLabs Spectra Assure` - ReversingLabs Spectra Assure * `Risk Recon API Importer` - Risk Recon API Importer * `Rubocop Scan` - Rubocop Scan * `Rusty Hog Scan` - Rusty Hog Scan * `SARIF` - SARIF * `Scantist Scan` - Scantist Scan * `Scout Suite Scan` - Scout Suite Scan * `Semgrep JSON Report` - Semgrep JSON Report * `Semgrep Pro JSON Report` - Semgrep Pro JSON Report * `SKF Scan` - SKF Scan * `Snyk Code Scan` - Snyk Code Scan * `Snyk Issue API Scan` - Snyk Issue API Scan * `Snyk Scan` - Snyk Scan * `Solar Appscreener Scan` - Solar Appscreener Scan Detailed_Results.csv * `SonarQube API Import` - SonarQube API Import * `SonarQube Scan` - SonarQube Scan * `SonarQube Scan detailed` - SonarQube Scan detailed * `Sonatype Application Scan` - Sonatype Application Scan * `SpotBugs Scan` - SpotBugs Scan * `SSH Audit Importer` - SSH Audit Importer * `SSL Labs Scan` - SSL Labs Scan * `Sslscan` - Sslscan * `Sslyze Scan` - Sslyze Scan * `SSLyze Scan (JSON)` - SSLyze Scan (JSON) * `StackHawk HawkScan` - StackHawk HawkScan * `Sysdig CLI Report` - Sysdig CLI Report Scan * `Sysdig Vulnerability Report` - Sysdig Vulnerability Report Scan * `Talisman Scan` - Talisman Scan * `Tenable Scan` - Tenable Scan * `Terrascan Scan` - Terrascan Scan * `Testssl Scan` - Testssl Scan * `TFSec Scan` - TFSec Scan * `Threagile risks report` - Threagile risks report * `ThreatComposer Scan` - ThreatComposer Scan * `Trivy Operator Scan` - Trivy Operator Scan * `Trivy Scan` - Trivy Scan * `Trufflehog Scan` - Trufflehog Scan * `Trufflehog3 Scan` - Trufflehog3 Scan * `Trustwave Fusion API Scan` - Trustwave Fusion API Scan * `Trustwave Scan (CSV)` - Trustwave Scan (CSV) * `Twistlock Image Scan` - Twistlock Image Scan * `VCG Scan` - VCG Scan * `Veracode Scan` - Veracode Scan * `Veracode SourceClear Scan` - Veracode SourceClear Scan * `Vulners` - Vulners * `Wapiti Scan` - Wapiti Scan * `Wazuh` - Wazuh * `WFuzz JSON report` - WFuzz JSON report * `Whispers Scan` - Whispers Scan * `WhiteHat Sentinel` - WhiteHat Sentinel * `Wiz Scan` - Wiz Scan * `Wizcli Dir Scan` - Wizcli Dir Scan * `Wizcli IaC Scan` - Wizcli IaC Scan * `Wizcli Img Scan` - Wizcli Img Scan * `Wpscan` - Wpscan * `Xanitizer Scan` - Xanitizer Scan * `Xeol Parser` - Xeol Parser * `Yarn Audit Scan` - Yarn Audit Scan * `ZAP Scan` - ZAP Scan * `Zora Parser` - Zora Parser | [optional] |
| test | int | [optional] | |
| close_old_findings | bool | Old findings no longer present in the new report get closed as mitigated when importing. If service has been set, only the findings for this service will be closed; if no service is set, only findings without a service will be closed. This only affects findings within the same test. | [optional] [default to True] |
| close_old_findings_product_scope | bool | This has no effect on reimport | [optional] [default to False] |
| version | str | Version that will be set on existing Test object. Leave empty to leave existing value in place. | [optional] |
| tags | List[str] | Modify existing tags that help describe this scan. (Existing test tags will be overwritten) | [optional] |
Return type
Authorization
basicAuth, cookieAuth, tokenAuth
HTTP request headers
- Content-Type: multipart/form-data
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 201 | - |
[Back to top] [Back to API list] [Back to Model list] [Back to README]