Legacy SAST API

Mend SAST API (24.9.2.5)

Mend Static Application Security Testing Solution Web API

Download OpenAPI description

sast-api.json

sast-api.yaml

Overview

Mend Support

support@mend.io

Servers

https://api-docs.mend.io/sast/

Applications

Operations

Configurations

Operations

SAST Engines

Operations

Gets a list of all SAST engines

Request

Retrieves a list of available engines with supported programming languages names and engine IDs. Engine ID is used in scan configurations.

Security

ApiKeyAuth or Bearer

No request payload

Responses

Bodyapplication/jsonArray [

clocLanguageOptionNamesArray of strings

defaultDepthobject

defaultExclusionsArray of strings

executablestring

extensionsArray of objects

idinteger

ipcPortstring

languagestring

languageNamestring

tempDirectorystring

trackedInputsArray of strings

vulnerabilityTypesArray of objects(models.VulnerabilityType)

]

Response

application/json

[
  {
    "clocLanguageOptionNames": [ … ],
    "defaultDepth": { … },
    "defaultExclusions": [ … ],
    "executable": "string",
    "extensions": [ … ],
    "id": 0,
    "ipcPort": "string",
    "language": "string",
    "languageName": "string",
    "tempDirectory": "string",
    "trackedInputs": [ … ],
    "vulnerabilityTypes": [ … ]
  }
]

Get a SAST engine

Request

Retrieve engine details corresponding to ID parameter. The response includes engine ID, supported language, a list of tracked variables and a list of vulnerability types (name, risk level).

Security

ApiKeyAuth or Bearer

Path

idintegerrequired

Engine ID

No request payload

Responses

Bodyapplication/json

clocLanguageOptionNamesArray of strings

defaultDepthobject

defaultExclusionsArray of strings

executablestring

extensionsArray of objects

idinteger

ipcPortstring

languagestring

languageNamestring

tempDirectorystring

trackedInputsArray of strings

vulnerabilityTypesArray of objects(models.VulnerabilityType)

Response

application/json

{
  "clocLanguageOptionNames": [
    "string"
  ],
  "defaultDepth": {
    "maxFunctionDepth": 0,
    "maxVariableTrack": 0
  },
  "defaultExclusions": [
    "string"
  ],
  "executable": "string",
  "extensions": [
    { … }
  ],
  "id": 0,
  "ipcPort": "string",
  "language": "string",
  "languageName": "string",
  "tempDirectory": "string",
  "trackedInputs": [
    "string"
  ],
  "vulnerabilityTypes": [
    { … }
  ]
}

Groups

Operations

Users

Operations

Scans

Operations

Templates

Operations

Findings

Operations

Data flows

Operations

Mend SAST API (24.9.2.5)

Applications

Configurations

SAST Engines

Gets a list of all SAST engines

Request

Responses

Was this helpful?

Get a SAST engine

Request

Responses

Was this helpful?

Groups

Users

Scans

Templates

Findings

Data flows