
API Scan from CloudDefense UI

We support only Swagger endpoints for API scans for now, so if you have any APIs that aren't described in Swagger, we request that you create a Swagger file for those APIs. To run an API scan, follow these steps:


Last updated 2 years ago

Step 1: Access to API application

Log in to your CloudDefense instance and click “Scan”, then “Other”. After this, select “API”.

Step 2: Provide Swagger Details

We’ll use https://petstore.swagger.io/v2/swagger.json for testing here. (Remember that the URL must return JSON, not an HTML page; there is a difference between the Swagger viewer and the Swagger JSON.)

In App URL, provide the base URL, for example: https://petstore.swagger.io/

In JSON Path, provide the full URL of the JSON: https://petstore.swagger.io/v2/swagger.json

Step 3: Scan your API Key

Then click “Run Scan” and your scan should start.

Guidelines for running an API scan from the CloudDefense CLI are given below:

a) Install the cdefense CLI on your device using these steps: https://github.com/CloudDefenseAI/cd#installation

b) Now run the command below to run a DAST scan from the CLI:

cdefense api --api-key=<CLOUDDEFENSE_API_KEY> --url=https://petstore.swagger.io/ --openapi-jsonurl=https://petstore.swagger.io/v2/swagger.json --project-name=example-api-scan --verbose
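
A pre-flight check for the two inputs from Step 2 (the same values passed as --url and --openapi-jsonurl), as an added example that is not part of the CloudDefense documentation or CLI: it rejects a Swagger viewer HTML page and confirms that the document is Swagger/OpenAPI JSON whose host matches the App URL. The function name check_scan_inputs and the sample bodies are constructed for illustration.

```python
import json
from urllib.parse import urlsplit


def check_scan_inputs(app_url, body, content_type=""):
    """Return (ok, reason) for an App URL and the body fetched from the JSON Path."""
    text = body.decode("utf-8", errors="replace").lstrip()
    # The Swagger viewer is an HTML page; the scanner needs the JSON behind it.
    if "html" in content_type.lower() or text[:1] == "<":
        return False, "JSON Path returned HTML (Swagger viewer), not the Swagger JSON"
    try:
        spec = json.loads(text)
    except ValueError:
        return False, "JSON Path did not return valid JSON"
    if not isinstance(spec, dict) or not ("swagger" in spec or "openapi" in spec):
        return False, "JSON has no 'swagger' or 'openapi' version field"
    if not spec.get("paths"):
        return False, "document declares no paths, so there is nothing to scan"
    # Swagger 2.0 names the API host; it should be the host given as App URL.
    app_host = (urlsplit(app_url).hostname or "").lower()
    spec_host = str(spec.get("host", "")).split(":")[0].lower()
    if spec_host and spec_host != app_host:
        return False, f"spec host {spec_host!r} differs from App URL host {app_host!r}"
    return True, "ok"


# Constructed samples (not fetched from the network).
SAMPLE_JSON = json.dumps({
    "swagger": "2.0",
    "host": "petstore.swagger.io",
    "basePath": "/v2",
    "paths": {"/pet/{petId}": {"get": {"responses": {"200": {"description": "ok"}}}}},
}).encode()
SAMPLE_VIEWER = b"<!DOCTYPE html><html><head><title>Swagger UI</title></head></html>"

if __name__ == "__main__":
    for name, body, ctype in [("json", SAMPLE_JSON, "application/json"),
                              ("viewer", SAMPLE_VIEWER, "text/html")]:
        print(name, check_scan_inputs("https://petstore.swagger.io/", body, ctype))
```
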