Skip to main content
Version: 1.2

Security Tools

Viewing all connected security tools is available in the Integrations → Security Tools section. The functionality also allows adding new tools, editing, and deleting existing ones. Security Tools

Supported Security Tools

  • PT Application Inspector
  • Kaspersky Container Security
  • Solar AppScreener
  • Aqua
  • CodeScoring
  • Grype
  • KICS
  • OWASP Dependency Track
  • Trivy
  • Semgrep

Connecting Security Tools

To add a new security tool, follow these steps:

  1. In the Integrations → Security Tools section, click the Add Security Tool button
  2. Fill in the fields:
    • Name
    • Description
    • Tool (select from the list)
  3. Depending on the tool, fill in additional fields:
    • Tool description
    • URL
    • Scan results language
    • Authentication method (optional at this stage)
      info

      Selecting an authentication method at this step is not mandatory, but without specifying an authentication method, you cannot test the connection to the tool. The fields to fill in may vary depending on the chosen authentication method.

  4. For authentication:
    • API Token: fill in the "API Token" field
    • Login/Password: fill in the "Login" and "Password" fields
      note

      For the CodeScoring tool, existing authentication data may be used.

  5. Then click the Test Connection button (only available when an authentication method is specified)
  6. Click the Create button

Editing a Tool

To edit a tool, follow these steps:

  1. Click the edit button Edit in the tool row
  2. In the opened form, modify the necessary parameters Security Tools
  3. Click the Save button

Deleting a Tool

To delete a tool, follow these steps:

  1. Click the delete button Delete in the tool row

  2. In the opened window, confirm the deletion

    Security Tools

Integration Examples with Tools

Adding PT Application Inspector Tool

To add the tool to the platform, follow these steps:

  1. Navigate to the Integrations → Security Tools section
  2. Click the Add Security Tool button
  3. Fill in the fields:
    • Integration Name - e.g., Inspector (name must be unique)
    • Description - for easy identification, e.g., Positive Inspector
    • Tool - select the tool from the dropdown list (in this example, PT Application Inspector)
  4. Configure connection parameters:
    • API URL - e.g., https://your.company.ptsecurity/api/v1
    • Scan results language
    • Authentication method (Login/Password or API Token)
      info

      The authentication method can be specified later when adding a security check

  5. Click the Test Connection button. If the fields are filled correctly, the test status should be successful. If the connection fails, check the correctness of the entered data and try again.
  6. Click the Save button

Adding Kaspersky Container Security (KCS) Tool

To add the tool, follow these steps:

  1. Navigate to the Integrations → Security Tools section
  2. Click the Add Security Tool button
  3. Fill in the required fields:
    • Name
    • Description
    • Tool (Kaspersky Container Security)
  4. Specify additional parameters:
    • URL: https://your.company.kcs/api/v1
    • Scan results language
    • Authentication method: API Token
      info

      The authentication method can be specified later when adding a security check

  5. Add the token in the API Token field
  6. Click the Test Connection button. If the fields are filled correctly, the test status should be successful. If the connection fails, check the correctness of the entered data and try again.
  7. Click the Save button