Data from integration saved in HackEDU

We make a request to https://cloud.appscan.com/api/v2/Apps and get the list of applications you have registered in your HCL AppScan account. From this response, we only save the Id from the applications you choose in the integration process.

{ 
"Id": "0d7c4851-ceb8-4fd9-a03b-5388c0bc0cfe",
"AssetGroupName": "[REDACTED]",
"DateCreated": "[REDACTED]",
"LastUpdated": "[REDACTED]",
....
}


Each time the sync process is run, we make a request to https://cloud.appscan.com/api/v2/Issues/Application/:ApplicationId. We save all the issues from this response, but redact the following fields which may containe sensitive information we do not need:

  • Api

  • Location

  • SourceFile

{ 
"Id": "a5a7d25d-4cde-ea11-9b05-00155d550e89",
"AsmHash": "-1881026083",
"HashVersion": 2,
"ApplicationId": "8a10c37e-5722-42fc-bf66-45b9fcf471d9",
"FixGroupId": "99a7d25d-4cde-ea11-9b05-00155d550e89",
"Api": "[REDACTED]",
"Source": null,
"Context": null,
"AppscanVulnId": null,
"CallingLine": null,
"CallingMethod": null,
"Class": null,
"Cve": "https://vuln.whitesourcesoftware.com/vulnerability/CVE-2019-8331",
"CvePublishDate": null,
"DetailsUrl":"https://vuln.whitesourcesoftware.com/vulnerability/CVE-2019-8331",
"Cvss": null,
"DateCreated": "2020-08-14T16:37:03.34Z",
"DiscoveryMethod": "SAST",
"Domain": null,
"Element": null,
"ExternalId": null,
"Host": null,
"IssueTypeId": "",
"IssueType": "OpenSource",
"IssueXml": null,
"LastUpdated": "2020-08-14T16:37:03.527Z",
"Line": "",
"Location": "[REDACTED]",
"Package": null,
"Path": null,
"Port": 0,
"Scheme": null,
"SeverityValue": 3,
"Severity": "Medium",
"SourceFile": "[REDACTED]",
"Status": "New",
"LastComment": null,
"Scanner": "AppScan Static Analyzer",
"ScanName": "static my_scan.irx 20200814_11:34:11",
"Cwe": null,
"ThreatClassId": null,
"DiffResult": "NoChange",
"AvailabilityImpact": "Partial",
"Classification": "Definitive",
"ConfidentialityImpact": "Partial",
"Authentication": null,
"AccessComplexity": null,
"AccessVector": null,
"ProjectName": null,
"Protocol": null,
"RemediationLevel": null,
"ReportConfidence": null,
"NessusPluginId": null,
"FixRecommendation": null,
"IntegrityImpact": "Partial",
"Summary": null,
"WhiteHatSecVulnId": null,
"StepsToReproduce": null,
"Description": null,
"Exploitability": null,
"ApplicationName": "",
"FriendlyId": null,
"ApiVulnName": null
}
Did this answer your question?