About the connector
Kiuwan is a software as a service (SaaS) static application security testing multi-technology software for software analysis, code quality, software composition, and security measurement/management.
This document provides information about the Kiuwan connector, which facilitates automated interactions, with a Kiuwan server using FortiSOAR™ playbooks. Add the Kiuwan connector as a step in FortiSOAR™ playbooks and perform automated operations with Kiuwan such as retrieving the list of all defects included in the specified action plan from Kiuwan, creating a mute for a rule/file in Kiuwan, updating the status of the specified defect in Kiuwan, etc.
Version information
Connector Version: 1.0.0
Authored By: Community
Certified: No
Installing the connector
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-kiuwan
Prerequisites to configuring the connector
- You must have the URL of the Kiuwan server to which you will connect and perform automated operations and credentials to access that server.
- The FortiSOAR™ server should have outbound connectivity to port 443 on the Kiuwan server.
Minimum Permissions Required
Configuring the connector
For the procedure to configure a connector, click here.
Configuration parameters
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Kiuwan connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter |
Description |
| Server URL |
Specify the URL of the Kiuwan server to which you will connect and perform automated operations. |
| Username |
Specify the username used to access the Kiuwan server to which you will connect and perform the automated operations. |
| Password |
Specify the password used to access the Kiuwan server to which you will connect and perform the automated operations. |
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True. |
Actions supported by the connector
The following automated operations can be included in playbooks and you can also use the annotations to access operations:
| Function |
Description |
Annotation and Category |
| Get Progress Summary for Action Plan |
Retrieves the current and the past main metrics and indicators of an application for an action plan from Kiuwan based on the application name, action plan name, and other input parameters you have specified. |
get_progress_summary_for_action_plan
Investigation |
| Get Defects List for Action Plan |
Retrieves the list of all defects included in the specified action plan from Kiuwan based on the application name, action plan name, and other input parameters you have specified. |
get_defects_list_for_action_plan
Investigation |
| Get Pending Defects for Action Plan |
Retrieves the pending defects of the specified action plan from Kiuwan based on the application name, action plan name, and other input parameters you have specified. |
get_pending_defects_for_action_plan
Investigation |
| Get Removed Defects for Action Plan |
Retrieves the removed defects of the specified action plan from Kiuwan based on the application name, action plan name, and other input parameters you have specified. |
get_removed_defects_for_action_plan
Investigation |
| Get Available Action Plans |
Retrieves the list of action plans of the specified application from Kiuwan based on the application name you have specified. |
get_available_action_plans
Investigation |
| Get Analysis List |
Retrieves a list of all analyses or specific analyses from Kiuwan based on the input parameters you have specified. |
get_analysis_list
Investigation |
| Get Analysis Codes List |
Retrieves the list of analysis codes for the specified application from Kiuwan based on the application name and other input parameters you have specified. |
get_analysis_codes_list
Investigation |
| Get Latest Analysis Files List |
Retrieves a list of files with metric values and defects of the latest analysis for the named application from Kiuwan based on the application name and other input parameters you have specified. |
get_latest_analysis_files_list
Investigation |
| Get Latest Analysis |
Retrieves the last analysis for the authenticated user and the application indicated from Kiuwan based on the application name you have specified. |
get_last_analysis
Investigation |
| Get Application Analysis |
Retrieves the analysis results for a concrete analysis from Kiuwan based on the application name you have specified. |
get_application_analysis
Investigation |
| Get Analysis Defects List |
Retrieves a list of all analysis defects for a concrete analysis specified by code parameter from Kiuwan based on the analysis code and other input parameters you have specified. |
get_analysis_defects_list
Investigation |
| Get Comparison Defects |
Retrieves a net number of new and removed defects and violated rules after comparing two given analyses from Kiuwan based on the analysis code and previous analysis code you have specified. |
get_comparison_defects
Investigation |
| Get New/Removed Defects List |
Retrieves a list of new/removed defects in an analysis from the previous analysis from Kiuwan based on the analysis code and previous analysis code and other input parameters you have specified. |
get_new_removed_defects_list
Investigation |
| Get Files Defects Details |
Retrieves files with metric values and defects for a specific analysis from Kiuwan based on the analysis code you have specified. |
get_files_defects_details
Investigation |
| Delete Analysis |
Delete details of specific analysis from Kiuwan based on the analysis code that you have specified. |
delete_analysis
Investigation |
| Create Mutes for Rule or File |
Create a mute for a rule/file in Kiuwan based on the application name and other parameters that you have specified. |
create_mutes_for_rule_or_file
Investigation |
| Create Suppression Rule |
Create a suppression rule in Kiuwan based on the defect ID and other input parameters that you have specified. |
create_suppresion_rule
Investigation |
| Get Defect Notes |
Retrieve a list of notes associated with the specified defect from Kiuwan based on the defect ID that you have specified. |
get_defect_notes
Investigation |
| Get Violated Rules |
Retrieves a list of violated rules of analysis for the authenticated user from Kiuwan based on the application name and other parameters that you have specified. |
get_violated_rules
Investigation |
| Get Violated Rule Files |
Retrieves a list of files that are affected by violated rules from Kiuwan based on the application name, analysis code, and rule code you have specified. |
get_violated_rule_files
Investigation |
| Get File Defects |
Retrieves a list of defects in a file for a concrete violated rule from Kiuwan based on the application name, analysis code, file name, and rule code you have specified. |
get_file_defects
Investigation |
| Update Defect Status |
Updates the status of the specified defect in Kiuwan based on the defect ID, status, and optionally an associated note you have specified. |
update_defect_status
Investigation |
operation: Get Progress Summary for Action Plan
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve the progress summary for the specified action plan from Kiuwan. |
| Action Plan Name |
Specify the name of the action plan for which you want to retrieve the progress summary from Kiuwan. |
| Creation Date |
(Optional) Specify the creation date based on which you want to retrieve the progress summary for the specified action plan from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"creation": "",
"expiration": "",
"createdBy": "",
"assignedTo": "",
"progress": "",
"estimate": "",
"pendingEffort": "",
"purged": "",
"riskIndexBefore": "",
"globalIndicatorBefore": "",
"effortToTargetBefore": "",
"qualityIndicatorsBefore": {
"Efficiency": "",
"Portability": "",
"Maintainability": "",
"Reliability ": "",
"Security ": ""
},
"riskIndexAfter": "",
"globalIndicatorAfter": "",
"effortToTargetAfter": "",
"qualityIndicatorsAfter": {
"Efficiency": "",
"Portability": "",
"Maintainability": "",
"Reliability": "",
"Security": ""
},
"metrics": {
"string": ""
}
}
operation: Get Defects List for Action Plan
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve defects of the specified action plan from Kiuwan. |
| Action Plan Name |
Specify the name of the action plan for which you want to retrieve defects from Kiuwan. |
| Creation Date |
(Optional) Specify the creation date based on which you want to retrieve defects of the specified action plan from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"creation": "",
"expiration": "",
"createdBy": "",
"assignedTo": "",
"progress": "",
"estimate": "",
"pendingEffort": "",
"purged": "",
"allDefects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
operation: Get Pending Defects for Action Plan
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve pending defects of the specified action plan from Kiuwan. |
| Action Plan Name |
Specify the name of the action plan for which you want to retrieve pending defects from Kiuwan. |
| Creation Date |
(Optional) Specify the creation date based on which you want to retrieve pending defects of the specified action plan from Kiuwan. |
| Analysis Label |
(Optional) Specify the analysis label using which you want to retrieve pending defects of the specified action plan from Kiuwan. |
| Characteristics |
(Optional) Specify a comma-separated list of characteristics using which you want to retrieve pending defects of the specified action plan from Kiuwan. You can specify the following values: Efficiency, Maintainability, Portability, Reliability, or Security. |
| File Contains |
(Optional) Specify the name of the file using which you want to filter pending defects in Kiuwan. |
| Languages |
(Optional) Specify a comma-separated list of languages using which you want to filter pending defects in Kiuwan. |
| Priorities |
(Optional) Specify a comma-separated list of priorities for which you want to filter pending defects in Kiuwan. You can specify the following values: Very low, Low, Normal, High, or Very high. |
| Limit |
(Optional) Specify the maximum number of results this operation should return, per page, in the response. |
| Order By |
(Optional) Select the option based on which you want to filter the pending defects retrieved from Kiuwan. You can choose either Priority or Effort. |
| Sort By |
(Optional) Select this option (default is selected) to sort the pending defects retrieved from Kiuwan in the ascending order. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"creation": "",
"expiration": "",
"createdBy": "",
"assignedTo": "",
"progress": "",
"estimate": "",
"pendingEffort": "",
"purged": "",
"pendingDefects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
operation: Get Removed Defects for Action Plan
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve pending defects of the specified action plan from Kiuwan. |
| Action Plan Name |
Specify the name of the action plan for which you want to retrieve removed defects for the action plan from Kiuwan. |
| Creation Date |
(Optional) Specify the creation date based on which you want to retrieve removed defects for the action plan from Kiuwan. |
| Analysis Label |
(Optional) Specify the analysis label using which you want to retrieve pending defects of the specified action plan from Kiuwan.
Note: If you do not specify the analysis label, then the operation compares it with the last analysis. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"creation": "",
"expiration": "",
"createdBy": "",
"assignedTo": "",
"progress": "",
"estimate": "",
"pendingEffort": "",
"purged": "",
"removedDefects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
operation: Get Available Action Plans
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve action plans from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"creation": "",
"expiration": "",
"createdBy": "",
"assignedTo": "",
"progress": "",
"estimate": "",
"pendingEffort": "",
"purged": ""
}
operation: Get Analysis List
Input parameters
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list (of analysis) is returned.
| Parameter |
Description |
| Application Name |
(Optional) Specify the name of the application for which you want to retrieve analysis from Kiuwan. |
| Audit Status |
(Optional) Select the status of the audit using which you want to filter the analysis retrieved from Kiuwan. You can choose either OK or FAIL.
Note: This parameter applies only to analysis that has audits. |
| Deliveries |
(Optional) Select this option to run deliveries on the analysis results retrieved from Kiuwan. |
| Start Time |
(Optional) Specify the starting DateTime from when you want to retrieve analysis from Kiuwan. |
| End Time |
(Optional) Specify the ending DateTime till when you want to retrieve analysis from Kiuwan. |
| Status |
(Optional) Select the status based on which you want to filter the analysis retrieved from Kiuwan. You can choose from the following options: SUCCESS, FAIL, or INPROGRESS. |
| Limit |
(Optional) Specify the maximum number of results this operation should return, per page, in the response. By default, this value is set to 500. |
| Page |
(Optional) Index of the first item to be returned by this operation. This parameter is useful if you want to get a subset of records, say analysis starting from the 10th analysis. By default, this is set as 1. |
Output
The output contains the following populated JSON schema:
{
"applicationName": "",
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": {
"country:": ""
},
"metrics": {}
}
operation: Get Analysis Codes List
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve analysis codes from Kiuwan. |
| Purged Analyses |
Select this option if you do not want to filter the purged analyses retrieved from Kiuwan. By default, it is set to True. |
| Success |
Select the option if you want to retrieve succeeded analysis code from Kiuwan. |
| Limit |
(Optional) Specify the maximum number of results this operation should return, per page, in the response. By default, this value is set to 500. |
Output
The output contains the following populated JSON schema:
{
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": {
"country": ""
},
"metrics": {
"com.optimyth.CQM.defectsByPriority.Priority 1": "",
"com.optimyth.CQM.defectsByPriority.Priority 2": "",
"com.optimyth.CQM.defectsByPriority.Priority 3": "",
"com.optimyth.CQM.defectsByPriority.Priority 4": "",
"com.optimyth.CQM.defectsByPriority.Priority 5": ""
}
}
operation: Get Latest Analysis Files List
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve the latest analysis files from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"auditName": "",
"applicationBusinessValue": "",
"applicationProvider": "",
"applicationPortfolios": "",
"creationDate": "",
"label": "",
"date": "",
"modelId": "",
"encoding": "",
"analysisCode": "",
"analysisURL": "",
"auditResultURL": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"analysisStatus": "",
"languages": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"architecture": {
"languages": [
{
"value": "",
"count": ""
}
],
"types": [
{
"value": "",
"count": ""
}
],
"relations": [
{
"value": "",
"count": ""
}
],
"tags": "",
"groupTags": ""
},
"insightsData": {
"components": "",
"vulnerabilities": "",
"licenses": "",
"duplicates": "",
"risks": [
{
"name": "",
"risk": {
"string": ""
}
}
]
},
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"files_count": "",
"count": "",
"page": "",
"files": [
{
"name": "",
"metrics_count": "",
"metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"defects_count": "",
"defects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
],
"lastSuccessfulDelivery": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"lastSuccessfulBaseline": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"quality_model": "",
"ordered_by": "",
"Risk index": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Quality indicator": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Effort to target": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Main metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"Security": ""
}
operation: Get Latest Analysis
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve the latest analysis from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"auditName": "",
"applicationBusinessValue": "",
"applicationProvider": "",
"applicationPortfolios": "",
"creationDate": "",
"label": "",
"date": "",
"modelId": "",
"encoding": "",
"analysisCode": "",
"analysisURL": "",
"auditResultURL": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"analysisStatus": "",
"languages": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"architecture": {
"languages": [
{
"value": "",
"count": ""
}
],
"types": [
{
"value": "",
"count": ""
}
],
"relations": [
{
"value": "",
"count": ""
}
],
"tags": "",
"groupTags": ""
},
"insightsData": {
"components": "",
"vulnerabilities": "",
"licenses": "",
"duplicates": "",
"risks": [
{
"name": "",
"risk": {
"string": ""
}
}
]
},
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"lastSuccessfulDelivery": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"lastSuccessfulBaseline": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"quality_model": "",
"ordered_by": "",
"Risk index": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Quality indicator": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Effort to target": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Main metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"Security": ""
}
operation: Get Application Analysis
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve application analysis from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"auditName": "",
"applicationBusinessValue": "",
"applicationProvider": "",
"applicationPortfolios": "",
"creationDate": "",
"label": "",
"date": "",
"modelId": "",
"encoding": "",
"analysisCode": "",
"analysisURL": "",
"auditResultURL": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"analysisStatus": "",
"languages": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"architecture": {
"languages": [
{
"value": "",
"count": ""
}
],
"types": [
{
"value": "",
"count": ""
}
],
"relations": [
{
"value": "",
"count": ""
}
],
"tags": "",
"groupTags": ""
},
"insightsData": {
"components": "",
"vulnerabilities": "",
"licenses": "",
"duplicates": "",
"risks": [
{
"name": "",
"risk": {
"string": ""
}
}
]
},
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"baselineAnalysisCode": "",
"deliveryFiles": {
"count": ""
},
"deliveryDefects": {
"newDefects": "",
"removedDefects": "",
"defects": ""
},
"auditResult": {
"auditName": "",
"description": "",
"approvalThreshold": "",
"overallResult": "",
"score": "",
"checkpointResults": [
{
"checkpoint": "",
"result": "",
"name": "",
"description": "",
"weight": "",
"mandatory": "",
"type": "",
"score": "",
"violatedRules": [
{
"ruleCode": "",
"modelId": "",
"defectsCount": "",
"suppressedDefectsCount": "",
"filesCount": "",
"effort": "",
"characteristic": "",
"vulnerabilityType": "",
"tags": "",
"priority": "",
"language": "",
"files": {
"href": ""
}
}
]
}
]
},
"lastSuccessfulDelivery": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"lastSuccessfulBaseline": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"quality_model": "",
"ordered_by": "",
"Risk index": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Quality indicator": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Effort to target": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Main metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"Security": ""
}
operation: Get Analysis Defects List
Input parameters
| Parameter |
Description |
| Analysis Code |
Specify the analysis code for which you want to retrieve analysis defects from Kiuwan. |
| Characteristics |
(Optional) Specify a comma-separated list of characteristics using which you want to retrieve analysis defects from Kiuwan. You can specify the following values: Efficiency, Maintainability, Portability, Reliability, or Security. |
| File Contains |
(Optional) Specify the name of the file using which you want to filter analysis defects in Kiuwan. |
| Languages |
(Optional) Specify a comma-separated list of languages using which you want to filter analysis defects in Kiuwan. |
| Mutes |
(Optional) Select the mutes based using which you want to filter defects by their mute status in Kiuwan |
| Priorities |
(Optional) Specify a comma-separated list of priorities for which you want to filter analysis defects in Kiuwan. You can specify the following values: Very low, Low, Normal, High, or Very high. |
| Limit |
(Optional) Specify the maximum number of results this operation should return, per page, in the response. By default, this value is set to 500. |
| Page |
(Optional) Index of the first item to be returned by this operation. This parameter is useful if you want to get a subset of records, say analysis starting from the 10th analysis. By default, this is set as 1. |
| Order By |
(Optional) Select the option based on which you want to filter the analysis defects retrieved from Kiuwan. You can choose either Priority or Effort. |
| Sort By |
(Optional) Select this option (default is selected) to sort the analysis defects retrieved from Kiuwan in the ascending order. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"auditName": "",
"applicationBusinessValue": "",
"applicationProvider": "",
"applicationPortfolios": "",
"creationDate": "",
"label": "",
"date": "",
"modelId": "",
"encoding": "",
"analysisCode": "",
"analysisURL": "",
"auditResultURL": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"analysisStatus": "",
"languages": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"architecture": {
"languages": [
{
"value": "",
"count": ""
}
],
"types": [
{
"value": "",
"count": ""
}
],
"relations": [
{
"value": "",
"count": ""
}
],
"tags": "",
"groupTags": ""
},
"insightsData": {
"components": "",
"vulnerabilities": "",
"licenses": "",
"duplicates": "",
"risks": [
{
"name": "",
"risk": {
"string": ""
}
}
]
},
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"defects_count": "",
"activeDefects_count": "",
"supressedDefects_count": "",
"count": "",
"page": "",
"defects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
],
"lastSuccessfulDelivery": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"lastSuccessfulBaseline": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"metrics": ""
},
"quality_model": "",
"ordered_by": "",
"Risk index": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Quality indicator": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Effort to target": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Main metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"Security": ""
}
operation: Get Comparison Defects
Input parameters
| Parameter |
Description |
| Analysis Code |
Specify the analysis code based on which you want to retrieve comparison defects from Kiuwan. |
| Previous Analysis Code |
Specify the previous analysis code based on which you want to retrieve comparison defects from Kiuwan |
Output
The output contains the following populated JSON schema:
{
"Main analysis code": "",
"Previous analysis code": "",
"New violated rules count": "",
"Removed violated rules count": "",
"New defects count": "",
"Removed defects count": ""
}
operation: Get New/Removed Defects List
Input parameters
| Parameter |
Description |
| Analysis Code |
Specify the analysis code based on which you want to retrieve comparison defects from Kiuwan. |
| Previous Analysis Code |
Specify the previous analysis code based on which you want to retrieve comparison defects from Kiuwan |
| Defect Type |
Specify the type of the defect based on which you want to retrieve comparison defects from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"count": "",
"page": "",
"Main analysis code": "",
"Previous analysis code": "",
"New violated rules count": "",
"Removed violated rules count": "",
"New defects count": "",
"Removed defects count": "",
"New defects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
],
"Removed defects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
operation: Get Files Defects Details
Input parameters
| Parameter |
Description |
| Analysis Code |
Specify the code of the analysis for which you want to retrieve file defect details from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"name": "",
"description": "",
"auditName": "",
"applicationBusinessValue": "",
"applicationProvider": "",
"applicationPortfolios": "",
"creationDate": "",
"label": "",
"date": "",
"modelId": "",
"encoding": "",
"analysisCode": "",
"analysisURL": "",
"auditResultURL": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": "",
"analysisStatus": "",
"languages": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"architecture": {
"languages": [
{
"value": "",
"count": ""
}
],
"types": [
{
"value": "",
"count": ""
}
],
"relations": [
{
"value": "",
"count": ""
}
],
"tags": "",
"groupTags": ""
},
"insightsData": {
"components": "",
"vulnerabilities": "",
"licenses": "",
"duplicates": "",
"risks": [
{
"name": "",
"risk": {
"string": ""
}
}
]
},
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"files_count": "",
"count": "",
"page": "",
"files": [
{
"name": "",
"metrics_count": "",
"metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"defects_count": "",
"defects": [
{
"defectId": "",
"file": "",
"line": "",
"code": "",
"muted": "",
"vulnerabilityType": "",
"explanation": "",
"status": "",
"cweId": "",
"ruleCode": "",
"rule": "",
"language": "",
"characteristic": "",
"priority": "",
"effort": "",
"modelId": "",
"securityDetail": {
"cweId": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": "",
"sourceFile": "",
"sourceLine": "",
"sourceCode": "",
"sourceCategory": "",
"sourceResource": "",
"sourceContainer": "",
"sourceInjectionPoint": "",
"frames": [
{
"index": "",
"file": "",
"lineNumber": "",
"lineText": "",
"category": "",
"resource": "",
"container": "",
"injectionPoint": "",
"variableDeclaration": ""
}
],
"datapaths": [
{
"index": "",
"kind": "",
"varname": "",
"lineNumber": "",
"lineText": "",
"indirect": "",
"file": "",
"container": "",
"localId": "",
"localParentId": ""
}
]
}
}
]
}
],
"lastSuccessfulDelivery": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"lastSuccessfulBaseline": {
"code": "",
"label": "",
"creationDate": "",
"qualityModel": "",
"modelId": "",
"encoding": "",
"invoker": "",
"status": "",
"errorCode": "",
"unparsedFiles": [
{
"file": "",
"cause": ""
}
],
"analysisScope": "",
"changeRequest": "",
"changeRequestStatus": "",
"branchName": "",
"auditResult": "",
"analysisBusinessValue": "",
"analysisProvider": "",
"analysisPortfolios": ""
},
"quality_model": "",
"ordered_by": "",
"Risk index": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Quality indicator": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Effort to target": {
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
},
"Main metrics": [
{
"name": "",
"value": "",
"size": "",
"minRange": "",
"maxRange": "",
"index": "",
"color": ""
}
],
"Security": ""
}
operation: Delete Analysis
Input parameters
| Parameter |
Description |
| Analysis Code |
Specify the code of the analysis for which you want to delete a specific analysis in Kiuwan. |
Output
No output schema is available at this time.
operation: Create Mutes for Rule or File
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to create a mute for a rule/file in Kiuwan. |
| Comment |
(Optional) Specify the comment that you want to associate with the mute that you want to create in Kiuwan. |
| File Name |
(Optional) Specify the name of the file for which you want to create a mute in Kiuwan. |
| File Pattern |
(Optional) Specify a comma-separated list of file patterns for which you want to create a mute for rule/file in Kiuwan. |
| Rule |
(Optional) Specify the rule code for which you want to create a mute for the rule/file in Kiuwan. |
| Mute Reason |
(Optional) Specify the reason for which you want to create a mute for the rule/file in Kiuwan. You can choose from the following options: NONE, FALSE_POSITIVE, TOO_MANY_DEFECTS, GENERATED_CODE, TOO_COMPLEX_CODE, or OTHER. |
Output
The output contains a non-dictionary value.
operation: Create Suppression Rule
Input parameters
| Parameter |
Description |
| Defect ID |
Specify the ID of the defect for which you want to create the suppression rule in Kiuwan. |
| Comment |
(Optional) Specify the comment that you want to associate with the suppression rule that you want to create in Kiuwan. |
| Mute By |
(Optional) Specify the mute for which you want to create a suppression rule in Kiuwan. You can choose either LINE_NUMBER or SOURCE_CODE. |
| Mute Reason |
(Optional) Specify the reason for which you want to create a suppression rule in Kiuwan. You can choose from the following options: NONE, FALSE_POSITIVE, TOO_MANY_DEFECTS, GENERATED_CODE, TOO_COMPLEX_CODE, or OTHER. |
Output
The output contains a non-dictionary value.
operation: Get Defect Notes
Input parameters
| Parameter |
Description |
| Defect ID |
Specify the ID of the defect for which you want to retrieve defect notes from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"date": "",
"user": "",
"text": ""
}
operation: Get Violated Rules
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve violated rules from Kiuwan. |
| Analysis Code |
(Optional) Specify the analysis code for which you want to retrieve violated rules from Kiuwan. |
| Code Security |
(Optional) Select this option if you want to retrieve code security with violated rules from Kiuwan. |
| Characteristics |
(Optional) Specify a comma-separated list of characteristics using which you want to retrieve violated rules from Kiuwan. You can specify the following values: Efficiency, Maintainability, Portability, Reliability, or Security. |
| Languages |
(Optional) Specify a comma-separated list of languages using which you want to filter violated rules in Kiuwan. |
| Priority |
(Optional) Select a priority using which you want to filter violated rules in Kiuwan. You can specify the following values: Very low, Low, Normal, High, or Very high. |
| Tag |
(Optional) Specify a tag using which you want to filter violated rules in Kiuwan. |
| Vulnerability Type |
(Optional) Select a type of vulnerability using which you want to filter violated rules in Kiuwan. You can choose from the following options: Permissions, Privileges and Access Controls, Injection, Error Handling and Fault Isolation, Other, Encryption and Randomness, Misconfiguration, Design Error, Initialization and Shutdown, Control Flow Management, File Handling, Number Handling, System Element Isolation, Buffer Handling, Information Leaks, Pointer, or Reference Handling. |
Output
The output contains the following populated JSON schema:
{
"ruleCode": "",
"modelId": "",
"defectsCount": "",
"suppressedDefectsCount": "",
"filesCount": "",
"effort": "",
"characteristic": "",
"vulnerabilityType": "",
"tags": "",
"priority": "",
"language": "",
"files": {
"href": ""
}
}
operation: Get Violated Rule Files
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve violated rule files from Kiuwan. |
| Analysis Code |
Specify the analysis code for which you want to retrieve violated rule files from Kiuwan. |
| Rule Code |
Specify the rule code for which you want to retrieve violated rule files from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"file": "",
"defectsCount": "",
"defects": {
"href": ""
}
}
operation: Get File Defects
Input parameters
| Parameter |
Description |
| Application Name |
Specify the name of the application for which you want to retrieve file defects from Kiuwan. |
| Analysis Code |
Specify the analysis code for which you want to retrieve file defects from Kiuwan. |
| File Name |
Specify the name of the file including the path for which you want to retrieve file defects from Kiuwan. |
| Rule Code |
Specify the rule code for which you want to retrieve file defects from Kiuwan. |
Output
The output contains the following populated JSON schema:
{
"code": "",
"line": "",
"muted": ""
}
operation: Update Defect Status
Input parameters
| Parameter |
Description |
| Defect ID |
Specify the ID of the defect for which you want to update the defect status in Kiuwan. |
| Status |
Select the status that you want to update for the specified defect in Kiuwan. You can choose from the following options: NONE, TO_REVIEW, or REVIEWED. |
| Note |
(Optional) Add a note that you want to associate with the specified defect that you want to update in Kiuwan. |
Output
The output contains a non-dictionary value.
Included playbooks
The Sample - Kiuwan - 1.0.0 playbook collection comes bundled with the Kiuwan connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Kiuwan connector.
- Create Mutes for Rule or File
- Create Suppression Rule
- Delete Analysis
- Get Analysis Codes List
- Get Analysis Defects List
- Get Analysis List
- Get Application Analysis
- Get Available Action Plans
- Get Comparison Defects
- Get Defect Notes
- Get Defects List for Action Plan
- Get File Defects
- Get Files Defects Details
- Get Latest Analysis
- Get Latest Analysis Files List
- Get New/Removed Defects List
- Get Pending Defects for Action Plan
- Get Progress Summary for Action Plan
- Get Removed Defects for Action Plan
- Get Violated Rule Files
- Get Violated Rules
- Update Defect Status
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
