API Scanning

API scanning tests the endpoints of a running API for potential vulnerabilities.

CloudDefense API scans run against a live (runtime) application using our fully packaged Docker image; no additional software needs to be installed. Because the scan exercises the live endpoints, point it at a test or staging instance rather than production. Make sure the following prerequisites are in place before running a scan.

Prerequisites

  • Install the CloudDefense CLI (cdefense).

  • Install Docker if it is not already present.

    • Version: 18.x or greater

Your source code and application never leave your environment; CloudDefense does not store them and has no access to them.

Command

Run the following command from your console, replacing the placeholder values. Note that the API key is passed on the command line, so it will appear in your shell history and in process listings while the scan runs; run the scan from a CI job or another trusted host rather than a shared workstation.

cdefense apiscan --api-key=<YOUR_API_KEY> \
--url="<REST_ENDPOINT_URL>" --project-name="<PROJECT_NAME>" \
--openapi-jsonurl="<OPEN_API_JSON_FILE_URL>"

Parameters

The following parameters are passed on the command line when running a scan. All four are required.

Option              Required   Description
--api-key           Yes        API key
--project-name      Yes        Name of the project
--url               Yes        REST endpoint URL (example: https://petstore.swagger.io)
--openapi-jsonurl   Yes        OpenAPI JSON URL (example: https://petstore.swagger.io/v2/swagger.json)

Sample

cdefense apiscan --api-key=<YOUR_API_KEY> --url="https://petstore.swagger.io/" --project-name=pdproject --openapi-jsonurl="https://petstore.swagger.io/v2/swagger.json"
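The checks a practitioner would want to run before invoking the command above (Docker version, spec reachability and validity, and whether the spec's declared host actually matches the --url target) fit naturally into a small wrapper script. The script below is an added example and is not part of the CloudDefense CLI or its documentation. It assumes cdefense, docker and curl are on PATH, that the API key is supplied in an environment variable named CDEFENSE_API_KEY (an assumed name, chosen to keep the key out of shell history), and that RUN_SCAN=1 is set to actually launch the scan. The host check reads the Swagger 2.0 "host" field; OpenAPI 3 documents use "servers" instead, and the check simply does not apply to them. The Swagger stub at the end is constructed for the offline self-check.

```shell
#!/bin/sh
# Pre-flight wrapper for `cdefense apiscan`. Added example; not part of the
# CloudDefense CLI. Assumed: cdefense/docker/curl on PATH, API key in
# CDEFENSE_API_KEY (assumed variable name), RUN_SCAN=1 to launch a real scan.
set -eu

# 0 when a Docker version string ("18.09.7", "24.0.5") meets the documented
# minimum of 18.x; 1 for older or malformed values.
docker_version_ok() {
    major=${1%%.*}
    case "$major" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$major" -ge 18 ]
}

# Host part of a URL: strip the scheme, then everything from the first "/".
url_host() {
    h=${1#*://}
    h=${h%%/*}
    printf '%s' "$h"
}

# "host" declared in a Swagger 2.0 JSON document (empty if absent).
spec_host() {
    sed -n 's/.*"host"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# 0 when the file looks like a spec the scanner can use: it declares a spec
# version and a "paths" object. A spec URL that serves an HTML login page or
# an empty body would otherwise give the scanner nothing to exercise.
spec_looks_usable() {
    grep -Eq '"(openapi|swagger)"[[:space:]]*:' "$1" && grep -q '"paths"' "$1"
}

# Build the documented command line from its four required parameters.
build_scan_cmd() {
    key=$1; url=$2; project=$3; spec=$4
    printf 'cdefense apiscan --api-key=%s --url="%s" --project-name="%s" --openapi-jsonurl="%s"' \
        "$key" "$url" "$project" "$spec"
}

# Same command with the key masked, safe to echo into a build log.
redact_key() {
    printf '%s' "$1" | sed 's/--api-key=[^ ]*/--api-key=***/'
}

# Full pre-flight: check Docker, fetch and validate the spec, confirm the
# spec's host matches the target, then run the scan. The key never touches
# shell history, but it is still visible to `ps` while the scan runs.
preflight_and_scan() {
    url=$1; project=$2; spec_url=$3
    : "${CDEFENSE_API_KEY:?set CDEFENSE_API_KEY in the environment}"
    dv=$(docker version --format '{{.Server.Version}}')
    docker_version_ok "$dv" || { echo "Docker $dv is older than 18.x" >&2; return 1; }
    tmp=$(mktemp)
    curl -fsSL "$spec_url" -o "$tmp"
    spec_looks_usable "$tmp" || { echo "$spec_url is not an OpenAPI document" >&2; return 1; }
    sh=$(spec_host "$tmp")
    if [ -n "$sh" ] && [ "$sh" != "$(url_host "$url")" ]; then
        echo "spec host $sh does not match target $url; refusing to scan the wrong host" >&2
        return 1
    fi
    cmd=$(build_scan_cmd "$CDEFENSE_API_KEY" "$url" "$project" "$spec_url")
    echo "running: $(redact_key "$cmd")"
    eval "$cmd"
}

# Constructed Swagger 2.0 stub for the offline self-check (no network, no scan).
SAMPLE_SPEC=$(mktemp)
cat > "$SAMPLE_SPEC" <<'EOF'
{"swagger":"2.0","host":"petstore.swagger.io","basePath":"/v2",
 "paths":{"/pet":{"post":{"summary":"Add a pet"}}}}
EOF

# Launch a real scan only when asked:
#   RUN_SCAN=1 CDEFENSE_API_KEY=... ./apiscan.sh <url> <project> <spec-url>
if [ "${RUN_SCAN:-0}" = 1 ]; then
    preflight_and_scan "$1" "$2" "$3"
fi
```

Without RUN_SCAN=1 the script only defines the functions and writes the stub, so it can be sourced and exercised offline; with RUN_SCAN=1 it refuses to proceed on an old Docker, an unusable spec, or a spec whose declared host differs from --url, which is the most common way a scan ends up hitting the wrong deployment.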