InsightAppSec Use Cases
InsightAppSec APIs allow more customization and less manual work for large or complex deployments. The API gives you more control over and automation for your apps and scan configs. To help better illustrate concrete ways in which the InsightAppSec API can be used within an organization, we've created a few solutions that harness the API's capabilities to fulfill realistic use cases.
Reporting produces the data that drives guidelines for template-based apps, so you can onboard a large number of apps. Scan automation lets your scans run and authenticate without someone watching the scan to perform those actions manually. You can monitor scan results and use application onboarding to manage a large number of apps.
Use Case: Create custom reports
The Reporting solution is designed to generate reports based on scan data retrieved from InsightAppSec, driven by a set of user-defined configurations. This allows your teams to automate report generation and provide a level of flexibility to generate as many application/configuration pairings as needed.
You have a complex deployment that requires detailed reports to best gauge application security health. Instead of relying on pre-set dashboard cards in InsightAppSec, you decide to use the API to generate custom JSON reports, including reports based on tags. You’ve been asked to report on a critical new assessment. To get the exact information you need, you can choose how to view and sort vulnerabilities.
Leverage the search query with the GET /vulnerabilities function. All vulnerabilities for the application are listed in JSON format, which allows you to apply filter logic to the data set.

```
GET https://[region].api.insight.rapid7.com/ias/v1/vulnerabilities
```
Use the POST /search function to perform a query-based search across all findings in the organization.

```json
{
  "query": "string",
  "type": "APP"
}
```
For more information about search queries, see https://help.rapid7.com/insightappsec/en-us/api/v1/docs.html#tag/Search.
Now you can create custom searches and reports!
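The following script is an added example, not code from the Rapid7 documentation or the Reporting solution: it walks every page of GET /vulnerabilities, applies the kind of filter logic the text describes (minimum severity, excluding false positives) and summarises the result per application as a JSON report. The paged `{"data": [...], "metadata": {"total_pages": ...}}` response shape, the `severity` and `status` values and the `app.id` field are assumptions to check against the API docs for your region; the sample pages are constructed so the example runs offline, and `make_getter` is the only part that talks to the real API.

```python
from collections import Counter
from typing import Callable, Dict, Iterable, Iterator, List

# Severity ranking used for filtering. The severity strings, the "status"
# field and the paged {"data": [...], "metadata": {...}} response shape are
# assumptions about the InsightAppSec v1 API; confirm them against the docs.
SEVERITY_RANK = {"SAFE": 0, "INFORMATIONAL": 1, "LOW": 2, "MEDIUM": 3, "HIGH": 4}
EXCLUDED_STATUSES = {"FALSE_POSITIVE", "DUPLICATE"}

Getter = Callable[[str, Dict[str, int]], Dict]


def make_getter(region: str, api_key: str) -> Getter:
    """Real transport: GET https://{region}.api.insight.rapid7.com/ias/v1{path}."""
    import requests  # imported lazily so the filtering code runs without it

    base = f"https://{region}.api.insight.rapid7.com/ias/v1"

    def get(path: str, params: Dict[str, int]) -> Dict:
        r = requests.get(base + path, params=params, timeout=30,
                         headers={"x-api-key": api_key, "Accept": "application/json"})
        r.raise_for_status()
        return r.json()

    return get


def iter_vulnerabilities(get: Getter, page_size: int = 50) -> Iterator[Dict]:
    """Yield every finding from GET /vulnerabilities, following index/size paging."""
    index = 0
    while True:
        page = get("/vulnerabilities", {"index": index, "size": page_size})
        yield from page.get("data", [])
        total_pages = page.get("metadata", {}).get("total_pages", 1)
        index += 1
        if index >= total_pages:
            return


def build_report(vulns: Iterable[Dict], min_severity: str = "MEDIUM") -> Dict:
    """Filter the raw JSON and summarise it per application."""
    threshold = SEVERITY_RANK[min_severity]
    selected: List[Dict] = [
        v for v in vulns
        if SEVERITY_RANK.get(v.get("severity", "INFORMATIONAL"), 0) >= threshold
        and v.get("status") not in EXCLUDED_STATUSES
    ]
    by_app: Dict[str, Counter] = {}
    for v in selected:
        app_id = v.get("app", {}).get("id", "unknown")
        by_app.setdefault(app_id, Counter())[v["severity"]] += 1
    return {
        "min_severity": min_severity,
        "total": len(selected),
        "by_app": {app: dict(c) for app, c in by_app.items()},
        "vulnerability_ids": sorted(v["id"] for v in selected),
    }


# Constructed sample pages standing in for two API responses (not real data).
SAMPLE_PAGES = [
    {"data": [
        {"id": "v1", "app": {"id": "app-A"}, "severity": "HIGH", "status": "UNREVIEWED"},
        {"id": "v2", "app": {"id": "app-A"}, "severity": "LOW", "status": "UNREVIEWED"},
        {"id": "v3", "app": {"id": "app-B"}, "severity": "MEDIUM", "status": "VERIFIED"},
    ], "metadata": {"index": 0, "total_pages": 2}},
    {"data": [
        {"id": "v4", "app": {"id": "app-B"}, "severity": "HIGH", "status": "FALSE_POSITIVE"},
        {"id": "v5", "app": {"id": "app-B"}, "severity": "HIGH", "status": "UNREVIEWED"},
    ], "metadata": {"index": 1, "total_pages": 2}},
]


def sample_get(path: str, params: Dict[str, int]) -> Dict:
    """Offline stand-in for make_getter(...) that serves the constructed pages."""
    assert path == "/vulnerabilities"
    return SAMPLE_PAGES[params["index"]]


if __name__ == "__main__":
    import json
    # Swap sample_get for make_getter("us", "insert_api_key") to run against the API.
    print(json.dumps(build_report(iter_vulnerabilities(sample_get)), indent=2))
```

Keeping the paging loop separate from the filter means the same `build_report` can be fed by a POST /search result set instead, and the severity threshold is the only knob a team needs to tune per report.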
Use Case: Use a template to onboard multiple apps
The Application Onboarding solution provides a way to automate the creation of new applications in InsightAppSec. This is particularly beneficial if you have a large number of applications that must be configured within InsightAppSec.
You have a lot of applications and scan configs in InsightAppSec and are continuously adding more. Instead of manually adding that many apps and scan configs in the InsightAppSec UI, you write scripts against the API that automate creating apps and creating scan configs.
Create an app
Let’s start by creating the Application container within InsightAppSec. To do this we are going to leverage the POST command on the /apps endpoint.
```python
import requests
import json

url = "https://us.api.insight.rapid7.com/ias/v1/apps"

# Application container details: replace the placeholders with your values
payload = json.dumps({
    "name": "insert_app_name",
    "description": "insert_app_description"
})
# The API key is passed in the x-api-key header
headers = {
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'x-api-key': 'insert_api_key'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
```
Create and validate a scan config
Now that we have created an application container, let's create a scan config. Creating a scan config involves the following steps:
- Create a scan config.
- Upload any files associated with the scan config.
- Update the “Scan Config” with the newly uploaded files.
- Create any schedule(s) or blackout(s).
- Validate that your scan config successfully completes a scan.
Example:
```text
Pseudo code

Create Application
Create Scan Config
  - Create Scan Config
  - Upload file(s)
  - Authentication
  - Macro/Selenium/Traffic
  - Traffic
  - API
  - Swagger/WSDL
  - Sequential Macro
  - Traffic File
  - Selenium
  - Update Scan Config
Create Schedule
Create Blackout Window(s)
Validate Scan Config
  - Launch Scan
  - Monitor Scan
  - Review scan completion
```
Validate APIs
Ensure that your scan config is successfully created.
Now you can run APIs to create multiple apps and scan configs!
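An added example of the onboarding flow above (this is not the Application Onboarding solution's own code): it creates the app, creates a scan config from a shared template, optionally creates a schedule, and then validates that the new config is bound to the new app. The paths `/scan-configs` and `/schedules`, the request fields (`app.id`, `attack_template.id`, `options.crawl_config.seed_url_list`), the schedule body and the idea that create calls return the new id in the `Location` header are all assumptions to confirm against the API docs; the hypothetical `FakeApi` and the `TEMPLATE`/`APPS` data are constructed so the script runs offline.

```python
from typing import Any, Dict, List


class InsightAppSecApi:
    """Thin requests-based client. Paths and field names used by the callers are assumptions."""
    def __init__(self, region: str, api_key: str):
        import requests  # imported lazily so the module loads without it
        self._s = requests.Session()
        self._s.headers.update({"x-api-key": api_key, "Accept": "application/json"})
        self.base = f"https://{region}.api.insight.rapid7.com/ias/v1"

    def post(self, path: str, body: Dict[str, Any]) -> Dict[str, Any]:
        r = self._s.post(self.base + path, json=body, timeout=30)
        r.raise_for_status()
        if r.content:
            return r.json()
        # Assumption: create calls answer with the new resource URL in Location.
        return {"id": r.headers.get("Location", "").rstrip("/").rsplit("/", 1)[-1]}

    def get(self, path: str) -> Dict[str, Any]:
        r = self._s.get(self.base + path, timeout=30)
        r.raise_for_status()
        return r.json()


def onboard_app(api, template: Dict[str, Any], app: Dict[str, str]) -> Dict[str, str]:
    """Create one app plus its scan config (and optional schedule) from a shared template."""
    app_id = api.post("/apps", {"name": app["name"], "description": app.get("description", "")})["id"]

    config_body = {  # field layout is an assumption; see the API docs
        "name": f"{app['name']} - {template['config_suffix']}",
        "app": {"id": app_id},
        "attack_template": {"id": template["attack_template_id"]},
        "options": {"crawl_config": {"seed_url_list": [{"value": app["target_url"]}]}},
    }
    config_id = api.post("/scan-configs", config_body)["id"]

    ids = {"app_id": app_id, "scan_config_id": config_id}
    if template.get("schedule"):
        sched = dict(template["schedule"], name=f"{app['name']} schedule", scan_config={"id": config_id})
        ids["schedule_id"] = api.post("/schedules", sched)["id"]

    # Validate: the config must exist and point at the app we just created.
    created = api.get(f"/scan-configs/{config_id}")
    if created.get("app", {}).get("id") != app_id:
        raise RuntimeError(f"scan config {config_id} is not bound to app {app_id}")
    return ids


def onboard_many(api, template: Dict[str, Any], apps: List[Dict[str, str]]) -> List[Dict[str, str]]:
    return [onboard_app(api, template, a) for a in apps]


class FakeApi:
    """Hypothetical in-memory stand-in for the API so the example runs offline."""
    def __init__(self):
        self.calls: List[tuple] = []
        self._n = 0
        self._store: Dict[str, Dict[str, Any]] = {}

    def post(self, path: str, body: Dict[str, Any]) -> Dict[str, Any]:
        self.calls.append(("POST", path, body))
        self._n += 1
        rid = f"{path.strip('/')}-{self._n}"
        self._store[f"{path}/{rid}"] = dict(body, id=rid)
        return {"id": rid}

    def get(self, path: str) -> Dict[str, Any]:
        self.calls.append(("GET", path, None))
        return self._store[path]


TEMPLATE = {  # constructed template shared by every onboarded app
    "config_suffix": "Standard DAST",
    "attack_template_id": "ATTACK-TEMPLATE-ID-PLACEHOLDER",
    "schedule": {"enabled": True},  # real schedule bodies need the frequency fields from the docs
}
APPS = [  # constructed onboarding list; in practice read from a CSV or inventory
    {"name": "billing-portal", "target_url": "https://billing.example.test/"},
    {"name": "partner-api", "target_url": "https://partners.example.test/", "description": "Partner REST API"},
]

if __name__ == "__main__":
    import json
    # Replace FakeApi() with InsightAppSecApi("us", "insert_api_key") to run for real.
    print(json.dumps(onboard_many(FakeApi(), TEMPLATE, APPS), indent=2))
```

Because `onboard_app` takes any object with `post`/`get`, the same function runs against the fake in a unit test and against the real client in production, and the validation read-back catches the common failure where a config is created against the wrong app id.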
Use Case: Automate your scans
The Scan Automation solution allows you to automate the launching and monitoring of an application scan, based on application and scan configuration names. Scan automation can be vital for usage in build/release pipelines and as part of your organization's software development life cycle.
Using Jenkins, Azure, or other DevOps tools, you can automate your scans so they run and authenticate without any manual interaction.
Start scans using <CONFIG> for <APP>.
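An added example (not the Scan Automation solution's own code) that serves both the "Validate Scan Config" step of the onboarding pseudocode above and this scan automation use case: it resolves `<APP>` and `<CONFIG>` by name, launches a scan and polls until the scan reaches a terminal status, returning a pipeline exit code. It works against any object exposing `get(path)` and `post(path, body)` that return parsed JSON. The list shapes for GET /apps and GET /scan-configs, the POST /scans body `{"scan_config": {"id": ...}}`, the `status` field of GET /scans/{id} and the terminal status names are assumptions to confirm against the API docs; `ScriptedApi` and its canned responses are constructed so the example runs offline.

```python
import time
from typing import Any, Callable, Dict, List

# Assumed API shape (verify against the docs for your region): GET /apps and
# GET /scan-configs return {"data": [...]} lists of objects with "id" and "name",
# POST /scans takes {"scan_config": {"id": ...}}, and GET /scans/{id} carries a
# "status" string. The terminal status names are an assumption as well.
TERMINAL_STATUSES = {"COMPLETE", "FAILED", "STOPPED", "CANCELLED"}


def find_app_id(api, app_name: str) -> str:
    for app in api.get("/apps").get("data", []):
        if app.get("name") == app_name:
            return app["id"]
    raise LookupError(f"no application named {app_name!r}")


def find_scan_config_id(api, app_id: str, config_name: str) -> str:
    # Config names are only meaningful per app, so match on both name and app id.
    for cfg in api.get("/scan-configs").get("data", []):
        if cfg.get("name") == config_name and cfg.get("app", {}).get("id") == app_id:
            return cfg["id"]
    raise LookupError(f"no scan config named {config_name!r} for app {app_id}")


def launch_scan(api, app_name: str, config_name: str) -> str:
    """Resolve <APP> and <CONFIG> by name and start a scan; returns the scan id."""
    app_id = find_app_id(api, app_name)
    config_id = find_scan_config_id(api, app_id, config_name)
    return api.post("/scans", {"scan_config": {"id": config_id}})["id"]


def wait_for_scan(api, scan_id: str, timeout_s: int = 3600, poll_s: int = 60,
                  sleep: Callable[[float], None] = time.sleep) -> str:
    """Poll GET /scans/{id} until a terminal status or the timeout is reached."""
    for _ in range(max(1, timeout_s // poll_s)):
        status = api.get(f"/scans/{scan_id}").get("status", "UNKNOWN")
        if status in TERMINAL_STATUSES:
            return status
        sleep(poll_s)
    raise TimeoutError(f"scan {scan_id} still not finished after {timeout_s}s")


def run_scan_gate(api, app_name: str, config_name: str, **wait_kwargs) -> int:
    """Pipeline step: exit code 0 only when the scan ran to completion."""
    scan_id = launch_scan(api, app_name, config_name)
    status = wait_for_scan(api, scan_id, **wait_kwargs)
    print(f"scan {scan_id} finished with status {status}")
    return 0 if status == "COMPLETE" else 1


class ScriptedApi:
    """Hypothetical offline stand-in: canned GET responses per path, recorded POSTs."""
    def __init__(self, script: Dict[str, List[Dict[str, Any]]]):
        self.script = {k: list(v) for k, v in script.items()}
        self.posts: List[tuple] = []

    def get(self, path: str) -> Dict[str, Any]:
        responses = self.script[path]
        # Serve responses in order and keep repeating the last one.
        return responses.pop(0) if len(responses) > 1 else responses[0]

    def post(self, path: str, body: Dict[str, Any]) -> Dict[str, Any]:
        self.posts.append((path, body))
        return {"id": "scan-1"}


def scripted_api() -> ScriptedApi:
    """Constructed responses: one app, two same-named configs, a scan finishing on the third poll."""
    return ScriptedApi({
        "/apps": [{"data": [{"id": "app-1", "name": "billing-portal"}]}],
        "/scan-configs": [{"data": [
            {"id": "cfg-1", "name": "Standard DAST", "app": {"id": "app-9"}},
            {"id": "cfg-2", "name": "Standard DAST", "app": {"id": "app-1"}},
        ]}],
        "/scans/scan-1": [{"status": "PENDING"}, {"status": "RUNNING"}, {"status": "COMPLETE"}],
    })


if __name__ == "__main__":
    import sys
    # In a pipeline, replace scripted_api() with a real client and drop the sleep override.
    sys.exit(run_scan_gate(scripted_api(), "billing-portal", "Standard DAST", sleep=lambda s: None))
```

The injectable `sleep` keeps the polling logic testable, and the bounded poll count means a stuck scan fails the pipeline with a `TimeoutError` rather than holding a build agent indefinitely.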