Verification Plugins
Get all Verification Plugins
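This endpoint retrieves a list of Verification Integration Plugin resources. Each resource describes the plugin's configuration as a list of sections, each holding the field definitions (name, type, default, allowed options) for that section.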
GET /api/v2/plugins/analysis/
GET /api/v2/plugins/analysis/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json
{
"results": [
{
"id": "appscan_enterprise",
"name": "HCL AppScan Enterprise",
"short_name": "HCL AppScan Enterprise",
"command": "import_appscan",
"sections":[
{
"label": null,
"optional": false,
"fields": [
{
"name": "analysis_project",
"label": "Application Name",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": 255,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["project"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Connection Details",
"optional": false,
"fields": [
{
"name": "analysis_method",
"label": "Protocol",
"description": "",
"field_type": "radio",
"default": "https",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "https",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [
{
"label": "https",
"value": "https",
"disabled": false
},
{
"label": "http",
"value": "http",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_server",
"label": "Server",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "bugs.server.com",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_context_root",
"label": "Context Root",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "/",
"features": [],
"scope": ["system"],
"help_text": "Normally left empty unless the service is installed at a non-standard location",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Credentials",
"optional": false,
"fields": [
{
"name": "analysis_user",
"label": "HCL AppScan Enterprise Username",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_pass",
"label": "HCL AppScan Enterprise Password",
"description": "",
"field_type": "masked_string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Behaviour",
"optional": false,
"fields": [
{
"name": "behaviour",
"label": "",
"description": "",
"field_type": "radio",
"default": "replace-scanner",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "replace-scanner",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Merge - Combine with all previous results",
"value": "combine",
"disabled": false
},
{
"label": "Replace Same Tool - Overwrite previous results from this tool",
"value": "replace-scanner",
"disabled": false
},
{
"label": "Replace All - Overwrite previous results for any affected tasks",
"value": "replace",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "When verification status is...",
"optional": false,
"fields": [
{
"name": "task_status_mapping_pass",
"label": "Pass",
"description": "",
"field_type": "select",
"default": "",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "complete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_partial",
"label": "Partial",
"description": "",
"field_type": "select",
"default": "",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "incomplete",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "complete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_fail",
"label": "Fail",
"description": "",
"field_type": "select",
"default": "",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "incomplete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Advanced Options",
"optional": false,
"fields": [
{
"name": "analysis_validate_cert",
"label": "Enforce Certificate Validation",
"description": "Bypasses certificate validation if unchecked (insecure, only for testing purposes)",
"field_type": "boolean",
"default": true,
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "True",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
}
],
"is_file_upload": false
}
]
}
Filter Parameters
Verification Plugins can be filtered by whether they are of file upload type or not. If no filters are passed, all verification plugins are returned.
Parameter | Expected values | Description |
---|---|---|
is_file_upload | `true` or `false` | Return file upload plugins if true. |
GET /api/v2/plugins/analysis/?is_file_upload=true HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json
{
"results": [
{
"id": "appscan_file_upload",
"name": "HCL AppScan (Enterprise or Standard)",
"short_name": "HCL AppScan (Enterprise or Standard)",
"command": "import_appscan",
"sections": [
{
"label": "Choose File",
"optional": false,
"fields": [
{
"name": "file_upload",
"label": "",
"description": "Upload the results of a scan and SD Elements will use the information within the report to verify the state of the tasks found in this project, flagging those that can be verified automatically.",
"field_type": "file_upload",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": [
"project"
],
"help_text": "Valid file types:\n* AppScan Export (XML)\n* Zipped appscan.xml Export (ZIP)\n",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Behaviour",
"optional": false,
"fields": [
{
"name": "behaviour",
"label": "",
"description": "",
"field_type": "radio",
"default": "replace-scanner",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "replace-scanner",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Merge - Combine with all previous results",
"value": "combine",
"disabled": false
},
{
"label": "Replace Same Tool - Overwrite previous results from this tool",
"value": "replace-scanner",
"disabled": false
},
{
"label": "Replace All - Overwrite previous results for any affected tasks",
"value": "replace",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "When verification status is...",
"optional": false,
"fields": [
{
"name": "task_status_mapping_pass",
"label": "Pass",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "DONE",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_partial",
"label": "Partial",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "DONE",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "TODO",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_fail",
"label": "Fail",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "TODO",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
}
],
"is_file_upload": true
}
]
}
Get a Specific Verification Plugin
This endpoint retrieves a specific Verification Plugin resource, as specified by the `analysis_id` URL parameter.
GET /api/v2/plugins/analysis/{analysis_id}/
URL Parameters
Parameter | Description |
---|---|
analysis_id | The id of the verification plugin to retrieve |
GET /api/v2/plugins/analysis/appscan_enterprise/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": "appscan_enterprise",
"name": "HCL AppScan Enterprise",
"short_name": "HCL AppScan Enterprise",
"command": "import_appscan",
"sections":[
{
"label": null,
"optional": false,
"fields": [
{
"name": "analysis_project",
"label": "Application Name",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": 255,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["project"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Connection Details",
"optional": false,
"fields": [
{
"name": "analysis_method",
"label": "Protocol",
"description": "",
"field_type": "radio",
"default": "https",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "https",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [
{
"label": "https",
"value": "https",
"disabled": false
},
{
"label": "http",
"value": "http",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_server",
"label": "Server",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "bugs.server.com",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_context_root",
"label": "Context Root",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "/",
"features": [],
"scope": ["system"],
"help_text": "Normally left empty unless the service is installed at a non-standard location",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Credentials",
"optional": false,
"fields": [
{
"name": "analysis_user",
"label": "HCL AppScan Enterprise Username",
"description": "",
"field_type": "string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "analysis_pass",
"label": "HCL AppScan Enterprise Password",
"description": "",
"field_type": "masked_string",
"default": null,
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": null,
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Behaviour",
"optional": false,
"fields": [
{
"name": "behaviour",
"label": "",
"description": "",
"field_type": "radio",
"default": "replace-scanner",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "replace-scanner",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Merge - Combine with all previous results",
"value": "combine",
"disabled": false
},
{
"label": "Replace Same Tool - Overwrite previous results from this tool",
"value": "replace-scanner",
"disabled": false
},
{
"label": "Replace All - Overwrite previous results for any affected tasks",
"value": "replace",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "When verification status is...",
"optional": false,
"fields": [
{
"name": "task_status_mapping_pass",
"label": "Pass",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "unchanged",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "complete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_partial",
"label": "Partial",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": ["project"],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "unchanged",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "incomplete",
"disabled": false
},
{
"label": "Change task status to: Complete",
"value": "complete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
},
{
"name": "task_status_mapping_fail",
"label": "Fail",
"description": "",
"field_type": "select",
"default": "unchanged",
"readonly": false,
"max_length": null,
"required": true,
"deprecated": false,
"placeholder": "unchanged",
"features": [],
"scope": [
"project"
],
"help_text": "",
"options": [
{
"label": "Leave task status unchanged",
"value": "unchanged",
"disabled": false
},
{
"label": "Change task status to: Incomplete",
"value": "incomplete",
"disabled": false
}
],
"key_hint_text": "",
"value_hint_text": ""
}
]
},
{
"label": "Advanced Options",
"optional": false,
"fields": [
{
"name": "analysis_validate_cert",
"label": "Enforce Certificate Validation",
"description": "Bypasses certificate validation if unchecked (insecure, only for testing purposes)",
"field_type": "boolean",
"default": true,
"readonly": false,
"max_length": null,
"required": false,
"deprecated": false,
"placeholder": "True",
"features": [],
"scope": ["system"],
"help_text": "",
"options": [],
"key_hint_text": "",
"value_hint_text": ""
}
]
}
],
"is_file_upload": false
}
Get the Default Mapping File for a Verification Plugin
This endpoint retrieves the default countermeasure mapping file for a Verification Plugin, as specified by the `analysis_id` URL parameter. The file is returned as CSV (`Content-Type: text/csv`), not JSON.
GET /api/v2/plugins/analysis/{analysis_id}/mapping/
URL Parameters
Parameter | Description |
---|---|
analysis_id | The id of the verification plugin whose default mapping file is retrieved |
GET /api/v2/plugins/analysis/appscan_enterprise/mapping/ HTTP/1.1
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: text/csv
Task ID,Task Title,Weakness ID,Weakness Title,Confidence,CWE
T186,Use recommended settings and the latest patches for third party libraries and software,HiveMailXSS,HiveMail index.php Cross-Site Scripting,low,
T186,Use recommended settings and the latest patches for third party libraries and software,AdvancedGuestbookpicturephpXSS,Advanced Guestbook picture.php Cross-Site Scripting,low,
T186,Use recommended settings and the latest patches for third party libraries and software,WordpressPageFlipImageGalleryPlugingetConfigphpPathTraversal,Wordpress Page Flip Image Gallery Plugin getConfig.php Path Traversal,low,
T186,Use recommended settings and the latest patches for third party libraries and software,TPHidden_OWB_ABAP_Info_Usage_SYSYSID,ABAP Info Usage SYSYSID,low,
T186,Use recommended settings and the latest patches for third party libraries and software,CrossSiteScriptingThroughFlash,Cross-Site Scripting through Flash (ActionScript 2),low,
T186,Use recommended settings and the latest patches for third party libraries and software,PHPphpinfoXSS2,PHP phpinfo() Cross-Site Scripting (Versions 4.4.3 - 4.4.6),low,
T186,Use recommended settings and the latest patches for third party libraries and software,attMicrosoftSiteServerSampleScriptSQLVulnerability,Microsoft Site Server Sample Script SQL Injection,low,
T186,Use recommended settings and the latest patches for third party libraries and software,BLOGCMSMultipleRFI,BLOG:CMS Multiple Remote File Inclusion,low,
T186,Use recommended settings and the latest patches for third party libraries and software,WordPressFeedListPluginhandlerimagephpXSS,WordPress FeedList Plugin handler_image.php Cross-Site Scripting,low...