Data from integration saved in HackEDU

We make a request to https://sentinel.whitehatsec.com/api/asset and get the list of the assets you have registered in your WhiteHat account. From this api call we just save the id of the assets that you choose in the last integration step.

[ 
{
"collection": [
{
"asset": {
"id": 80103,
"label": "[REDACTED]",
"client_id": "[REDACTED]"
},
"href": "[REDACTED]",
"asset_type": "[REDACTED]"
},
...
]
}


Each time the sync process is run we make an api call to 1 endpoint: https://sentinel.whitehatsec.com/api/vuln requesting for the information of only the assets that you have previously registered in the integration process. All the response from this request is saved except for the field url that may contain sensible information.

{ 
"href": "/api/vuln/52449585",
"threat": "0",
"out_of_scope_reasons": "",
"is_manual": 1,
"opened": "2019-05-14T10:52:45Z",
"found": "2019-05-14T10:52:45Z",
"unreachable": null,
"modified": "2019-11-20T23:13:09Z",
"score": "0",
"site_name": "OWASP JuiceShop DAST",
"id": "52449585",
"status": "closed",
"service_level_abbr": "PE",
"severity": "0",
"mitigated_by": null,
"url": "[REDACTED]",
"site": "80103",
"closed": "2019-11-20T23:13:09Z",
"retest_state": "manual_retest_available",
"mitigated": 1,
"class": "Brute Force"
}
Did this answer your question?