Resource mapping examples
Map Checkmarx projectsโ
The following example demonstrates how to ingest your Checkmarx projects to Port:
Project blueprint (click to expand)
{
"identifier": "checkmarxProject",
"title": "Checkmarx Project",
"icon": "Checkmarx",
"schema": {
"properties": {
"name": {
"type": "string",
"title": "Project Name"
},
"createdAt": {
"type": "string",
"format": "date-time",
"title": "Created At"
},
"updatedAt": {
"type": "string",
"format": "date-time",
"title": "Updated At"
},
"tags": {
"type": "object",
"title": "Tags"
},
"repoUrl": {
"type": "string",
"title": "Repository URL"
},
"mainBranch": {
"type": "string",
"title": "Main Branch"
},
"origin": {
"type": "string",
"title": "Origin"
},
"criticality": {
"type": "string",
"title": "Criticality"
}
},
"required": ["name"]
},
"relations": {}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
Map Checkmarx scansโ
The following example demonstrates how to ingest your Checkmarx scans to Port:
Scan blueprint (click to expand)
{
"identifier": "checkmarxScan",
"title": "Checkmarx Scan",
"icon": "Checkmarx",
"schema": {
"properties": {
"status": {
"type": "string",
"title": "Status",
"enum": [
"Queued",
"Running",
"Completed",
"Failed",
"Partial",
"Canceled"
],
"description": "The status of the scan. Possible values: Queued, Running, Completed, Failed, Partial, Canceled."
},
"branch": {
"type": "string",
"title": "Branch",
"description": "The branch of the repository that was scanned."
},
"createdAt": {
"type": "string",
"format": "date-time",
"title": "Created At",
"description": "The date and time when the scan was created."
},
"updatedAt": {
"type": "string",
"format": "date-time",
"title": "Updated At",
"description": "The date and time when the scan was last updated."
},
"projectId": {
"type": "string",
"title": "Project ID",
"description": "The identifier of the project to which this scan belongs."
},
"userAgent": {
"type": "string",
"title": "User Agent",
"description": "The user agent used to initiate the scan."
},
"configs": {
"type": "object",
"title": "Configurations",
"description": "Configuration details for the scan."
},
"statusDetails": {
"type": "array",
"items": {
"type": "object"
},
"title": "Status Details",
"description": "Detailed status information for the scan."
}
},
"required": ["status", "projectId"]
},
"relations": {
"project": {
"title": "Project",
"target": "checkmarxProject",
"many": false,
"required": true
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
learn more
- Scans represent individual security analysis runs for Checkmarx projects.
- Each scan is linked to its parent project through relations.
Map Checkmarx projects and scans togetherโ
The following example demonstrates how to ingest both Checkmarx projects and their scans to Port in a single configuration:
Project blueprint (click to expand)
{
"identifier": "checkmarxProject",
"title": "Checkmarx Project",
"icon": "Checkmarx",
"schema": {
"properties": {
"name": {
"type": "string",
"title": "Project Name"
},
"createdAt": {
"type": "string",
"format": "date-time",
"title": "Created At"
},
"updatedAt": {
"type": "string",
"format": "date-time",
"title": "Updated At"
},
"tags": {
"type": "object",
"title": "Tags"
},
"repoUrl": {
"type": "string",
"title": "Repository URL"
},
"mainBranch": {
"type": "string",
"title": "Main Branch"
},
"origin": {
"type": "string",
"title": "Origin"
},
"criticality": {
"type": "string",
"title": "Criticality"
}
},
"required": ["name"]
},
"relations": {}
}
Scan blueprint (click to expand)
{
"identifier": "checkmarxScan",
"title": "Checkmarx Scan",
"icon": "Checkmarx",
"schema": {
"properties": {
"status": {
"type": "string",
"title": "Status",
"enum": [
"Queued",
"Running",
"Completed",
"Failed",
"Partial",
"Canceled"
],
"description": "The status of the scan. Possible values: Queued, Running, Completed, Failed, Partial, Canceled."
},
"branch": {
"type": "string",
"title": "Branch",
"description": "The branch of the repository that was scanned."
},
"createdAt": {
"type": "string",
"format": "date-time",
"title": "Created At",
"description": "The date and time when the scan was created."
},
"updatedAt": {
"type": "string",
"format": "date-time",
"title": "Updated At",
"description": "The date and time when the scan was last updated."
},
"projectId": {
"type": "string",
"title": "Project ID",
"description": "The identifier of the project to which this scan belongs."
},
"userAgent": {
"type": "string",
"title": "User Agent",
"description": "The user agent used to initiate the scan."
},
"configs": {
"type": "object",
"title": "Configurations",
"description": "Configuration details for the scan."
},
"statusDetails": {
"type": "array",
"items": {
"type": "object"
},
"title": "Status Details",
"description": "Detailed status information for the scan."
}
},
"required": ["status", "projectId"]
},
"relations": {
"project": {
"title": "Project",
"target": "checkmarxProject",
"many": false,
"required": true
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
Map SAST findingsโ
The following example demonstrates how to ingest Checkmarx SAST (Static Application Security Testing) findings to Port:
SAST blueprint (click to expand)
{
"identifier": "checkmarxSast",
"description": "Represents a Checkmarx Static Application Security Testing (SAST) finding in the catalogue",
"title": "Checkmarx SASTs",
"icon": "Checkmarx",
"schema": {
"properties": {
"firstScanId": {
"type": "string",
"title": "First Scan ID",
"description": "The identifier of the first scan in which this SAST finding appeared."
},
"status": {
"type": "string",
"title": "Status",
"description": "The status of the SAST finding",
"enum": [
"NEW",
"RECURRENT",
"FIXED"
],
"enumColors": {
"NEW": "lightGray",
"RECURRENT": "lightGray",
"FIXED": "lightGray"
}
},
"state": {
"icon": "DefaultProperty",
"type": "string",
"title": "State",
"description": "The state of the SAST finding"
},
"severity": {
"type": "string",
"description": "The severity level of the SAST finding",
"title": "Severity",
"enum": [
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"enumColors": {
"LOW": "lightGray",
"MEDIUM": "lightGray",
"HIGH": "lightGray",
"CRITICAL": "lightGray"
}
},
"confidenceLevel": {
"type": "number",
"title": "Confidence Level",
"description": "The confidence level (0-100) assigned to the SAST finding",
"minimum": 0,
"maximum": 100
},
"created": {
"type": "string",
"title": "Created At",
"description": "The date and time when the SAST finding was created",
"format": "date-time"
},
"description": {
"type": "string",
"title": "Description",
"description": "The description of the SAST result"
},
"nodes": {
"items": {
"type": "object"
},
"icon": "DefaultProperty",
"type": "array",
"title": "Nodes",
"description": "The list of nodes or code locations related to the SAST finding"
},
"cweId": {
"type": "string",
"title": "CWE ID",
"description": "The CWE (Common Weakness Enumeration) identifier associated with this SAST finding"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"scan": {
"title": "Scan",
"target": "checkmarxScan",
"required": false,
"many": false
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
- kind: sast
selector:
query: 'true'
port:
entity:
mappings:
identifier: .resultHash
title: .queryName
blueprint: '"checkmarxSast"'
properties:
firstScanId: .firstScanID
status: .status
state: .state
severity: (.severity // empty)
confidenceLevel: .confidenceLevel
created: .firstFoundAt
nodes: (.nodes // empty)
cweId: (.cweID // empty)
relations:
scan: .scanID
learn more
- SAST findings represent static code analysis results from Checkmarx scans.
- Each SAST finding is linked to the scan that discovered it.
- The severity levels are: LOW, MEDIUM, HIGH, CRITICAL.
Map SCA findingsโ
The following example demonstrates how to ingest Checkmarx SCA (Software Composition Analysis) findings to Port:
SCA blueprint (click to expand)
{
"identifier": "checkmarxSCA",
"title": "Checkmarx SCA",
"icon": "Checkmarx",
"schema": {
"properties": {
"severity": {
"type": "string",
"title": "Severity",
"description": "The severity level of the SCA finding."
},
"state": {
"type": "string",
"title": "State",
"description": "The state of the SCA finding."
},
"description": {
"type": "string",
"title": "Description",
"description": "A description of the SCA finding."
},
"cweId": {
"type": "string",
"title": "CWE ID",
"description": "The Common Weakness Enumeration (CWE) identifier related to the vulnerability."
},
"status": {
"type": "string",
"title": "Status",
"description": "The current status of the SCA finding."
},
"created": {
"type": "string",
"format": "date-time",
"title": "Created",
"description": "The date and time when the SCA finding was created."
},
"firstScanId": {
"type": "string",
"title": "First Scan ID",
"description": "The identifier of the first scan in which this SCA issue was detected."
},
"packageIdentifier": {
"type": "string",
"title": "Package Identifier",
"description": "The identifier of the affected package."
},
"recommendations": {
"type": "array",
"items": {
"type": "string"
},
"title": "Recommendations",
"description": "Recommended actions to remediate the SCA finding."
},
"recommendedVersion": {
"type": "string",
"title": "Recommended Version",
"description": "The recommended version of the package to resolve the vulnerability."
},
"packageData": {
"items": {
"type": "object"
},
"type": "array",
"title": "Package Data"
},
"confidenceLevel": {
"type": "string",
"title": "Confidence Level",
"description": "The confidence level of the SCA finding."
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"scan": {
"title": "Scan",
"target": "checkmarxScan",
"required": false,
"many": false
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
- kind: sca
selector:
query: 'true'
port:
entity:
mappings:
identifier: .alternateId
title: .data.packageIdentifier
blueprint: '"checkmarxSCA"'
properties:
firstScanId: .firstScanId
status: .status
state: .state
severity: .severity
created: .created
description: .description
packageIdentifier: .data.packageIdentifier
recommendations: .data.recommendations
recommendedVersion: .data.recommendedVersion
packageData: .data.packageData
cweId: .vulnerabilityDetails.cweId
relations:
scan: .__scan_id
learn more
- SCA findings represent vulnerabilities in third-party dependencies and packages.
- Each SCA finding includes package information and remediation recommendations.
- The findings are linked to the scan that discovered them.
Map KICS findingsโ
The following example demonstrates how to ingest Checkmarx KICS (Keeping Infrastructure as Code Secure) findings to Port:
KICS blueprint (click to expand)
{
"identifier": "checkmarxKics",
"description": "Represents a KICS issue detected by Checkmarx One",
"title": "Checkmarx KICS",
"icon": "Checkmarx",
"schema": {
"properties": {
"firstScanId": {
"type": "string",
"title": "First Scan ID",
"description": "The identifier of the first scan in which this KICS issue was detected"
},
"status": {
"type": "string",
"title": "Status",
"description": "The current status of the KICS issue, indicating if it is new, recurring, or has been fixed.",
"enum": [
"NEW",
"RECURRENT",
"FIXED"
],
"enumColors": {
"NEW": "lightGray",
"RECURRENT": "lightGray",
"FIXED": "lightGray"
}
},
"state": {
"type": "string",
"description": "The state of the KICS issue, reflecting its verification and remediation status",
"title": "State"
},
"severity": {
"type": "string",
"title": "Severity",
"enum": [
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL",
"INFO"
],
"enumColors": {
"LOW": "lightGray",
"MEDIUM": "lightGray",
"HIGH": "lightGray",
"CRITICAL": "lightGray",
"INFO": "lightGray"
}
},
"created": {
"type": "string",
"title": "Created At",
"description": "The date and time when the KICS issue was first identified",
"format": "date-time"
},
"description": {
"icon": "DefaultProperty",
"type": "string",
"title": "Description",
"description": "A description of the KICS issue."
},
"fileName": {
"type": "string",
"title": "File Name",
"description": "The name of the file where the KICS issue was found."
},
"line": {
"type": "string",
"title": "Line Number",
"description": "The line number in the file where the KICS issue occurs"
},
"platform": {
"type": "string",
"title": "Platform"
},
"issueType": {
"type": "string",
"title": "Issue Type",
"description": "The type or category of the KICS issue"
},
"expectedValue": {
"type": "string",
"title": "Expected Value",
"description": "The value that was expected in the configuration"
},
"value": {
"type": "string",
"title": "Value",
"description": "The actual value found in the configuration that triggered the KICS issue"
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"scan": {
"title": "Scan",
"target": "checkmarxScan",
"required": false,
"many": false
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
- kind: kics
selector:
query: 'true'
port:
entity:
mappings:
identifier: .id
title: .description
blueprint: '"checkmarxKics"'
properties:
type: .type
firstScanId: .firstScanId
id: .id
status: .status
state: .state
severity: (.severity // empty)
confidenceLevel: .confidenceLevel
created: .created
description: .description
fileName: (.data.fileName // empty)
line: (.data.line // empty)
platform: (.data.platform // empty)
issueType: (.data.issueType // empty)
expectedValue: (.data.expectedValue // empty)
value: (.data.value // empty)
relations:
scan: .__scan_id
learn more
- KICS findings represent infrastructure as code security issues.
- Each finding includes file location, expected vs actual values, and platform information.
- The severity levels include: LOW, MEDIUM, HIGH, CRITICAL, INFO.
Map Container Security findingsโ
The following example demonstrates how to ingest Checkmarx Container Security findings to Port:
Container Security blueprint (click to expand)
{
"identifier": "checkmarxContainerSecurity",
"title": "Checkmarx Container Security",
"icon": "Checkmarx",
"schema": {
"properties": {
"firstScanId": {
"type": "string",
"title": "First Scan ID",
"description": "The identifier of the first scan in which this container security issue was detected."
},
"status": {
"type": "string",
"title": "Status",
"description": "The current status of the container security finding."
},
"state": {
"type": "string",
"title": "State",
"description": "The state of the container security finding."
},
"severity": {
"type": "string",
"title": "Severity",
"description": "The severity level of the container security finding."
},
"confidenceLevel": {
"type": "string",
"title": "Confidence Level",
"description": "The confidence level of the container security finding."
},
"created": {
"type": "string",
"format": "date-time",
"title": "Created",
"description": "The date and time when the container security finding was created."
},
"description": {
"type": "string",
"title": "Description",
"description": "A description of the container security finding."
},
"packageName": {
"type": "string",
"title": "Package Name",
"description": "The name of the affected package in the container."
},
"packageVersion": {
"type": "string",
"title": "Package Version",
"description": "The version of the affected package in the container."
},
"imageName": {
"type": "string",
"title": "Image Name",
"description": "The name of the container image."
},
"imageTag": {
"type": "string",
"title": "Image Tag",
"description": "The tag of the container image."
},
"imageFilePath": {
"type": "string",
"title": "Image File Path",
"description": "The file path within the container image where the issue was found."
},
"cweId": {
"type": "string",
"title": "CWE ID",
"description": "The Common Weakness Enumeration (CWE) identifier related to the vulnerability."
}
},
"required": []
},
"mirrorProperties": {},
"calculationProperties": {},
"aggregationProperties": {},
"relations": {
"scan": {
"title": "Scan",
"target": "checkmarxScan",
"required": false,
"many": false
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
- kind: containers
selector:
query: 'true'
port:
entity:
mappings:
identifier: .__scan_id + "/" + .id
title: .id
blueprint: '"checkmarxContainerSecurity"'
properties:
firstScanId: .firstScanId
status: .status
state: .state
severity: .severity
confidenceLevel: .confidenceLevel
created: .created
description: .description
packageName: .data.packageName
packageVersion: .data.packageVersion
imageName: .data.imageName
imageTag: .data.imageTag
imageFilePath: .data.imageFilePath
cweId: .vulnerabilityDetails.cweId
relations:
scan: .__scan_id
learn more
- Container Security findings represent vulnerabilities in container images.
- Each finding includes package information, image details, and file paths.
- Findings are linked to the scan that discovered them.
Map API Security findingsโ
The following example demonstrates how to ingest Checkmarx API Security findings to Port:
API Security blueprint (click to expand)
{
"identifier": "checkmarxApiSec",
"title": "Checkmarx API Security",
"icon": "Checkmarx",
"schema": {
"properties": {
"riskId": {
"type": "string",
"title": "Risk ID",
"description": "The unique identifier for the API security risk."
},
"apiId": {
"type": "string",
"title": "API ID",
"description": "The identifier of the API associated with the risk."
},
"severity": {
"type": "string",
"title": "Severity",
"enum": [
"low",
"medium",
"high",
"critical"
],
"description": "The severity level of the API security risk."
},
"name": {
"type": "string",
"title": "Name",
"description": "The name of the API security risk."
},
"status": {
"type": "string",
"title": "Status",
"enum": [
"new",
"recurrent",
"fixed"
],
"description": "The status of the API security risk."
},
"httpMethod": {
"type": "string",
"title": "HTTP Method",
"description": "The HTTP method associated with the API risk (e.g., GET, POST)."
},
"url": {
"type": "string",
"title": "URL",
"description": "The URL endpoint associated with the API risk."
},
"origin": {
"type": "string",
"title": "Origin",
"description": "The origin or source of the API risk."
},
"documented": {
"type": "boolean",
"title": "Documented",
"description": "Indicates whether the API is documented."
},
"authenticated": {
"type": "boolean",
"title": "Authenticated",
"description": "Indicates whether the API requires authentication."
},
"discoveryDate": {
"type": "string",
"format": "date-time",
"title": "Discovery Date",
"description": "The date and time when the API risk was discovered."
},
"scanId": {
"type": "string",
"title": "Scan ID",
"description": "The identifier of the scan in which the risk was found."
},
"sastRiskId": {
"type": "string",
"title": "SAST Risk ID",
"description": "The identifier of the related SAST risk, if available."
},
"projectId": {
"type": "string",
"title": "Project ID",
"description": "The identifier of the project associated with the API risk."
},
"state": {
"type": "string",
"title": "State",
"enum": [
"to_verify",
"confirmed",
"urgent",
"not_exploitable",
"proposed_not_exploitable",
"false_positive"
],
"description": "The state of the API security risk."
}
},
"required": [
"riskId",
"apiId",
"name",
"status",
"state"
]
},
"relations": {
"scan": {
"title": "Scan",
"target": "checkmarxScan",
"many": false,
"required": false
}
}
}
Integration Mapping (click to expand)
createMissingRelatedEntities: true
deleteDependentEntities: true
resources:
- kind: project
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxProject"'
identifier: .id
title: .name
properties:
name: .name
createdAt: .createdAt
updatedAt: .updatedAt
tags: (.tags // {})
repoUrl: .repoUrl
mainBranch: .mainBranch
origin: .origin
criticality: .criticality
- kind: scan
selector:
query: 'true'
port:
entity:
mappings:
blueprint: '"checkmarxScan"'
identifier: .id
title: '(.projectId + "-" + .id)'
properties:
status: .status
branch: .branch
createdAt: .createdAt
updatedAt: .updatedAt
projectId: .projectId
userAgent: .userAgent
configs: (.configs // {})
statusDetails: (.statusDetails // [])
relations:
project: .projectId
- kind: apisec
selector:
query: 'true'
port:
entity:
mappings:
identifier: .risk_id
title: .name
blueprint: '"checkmarxApiSec"'
properties:
riskId: .risk_id
apiId: .api_id
severity: (.severity // empty)
name: .name
status: .status
httpMethod: .http_method
url: .url
origin: .origin
documented: .documented
authenticated: .authenticated
discoveryDate: .discovery_date
scanId: .scan_id
sastRiskId: (.sast_risk_id // empty)
projectId: .project_id
state: .state
relations:
scan: .scan_id
learn more
- API Security findings represent risks discovered in API endpoints.
- Each finding includes HTTP method, URL, authentication status, and documentation status.
- The state field indicates the verification and remediation status.