Integrate Mend Results into Invicti
Overview
Mend.io is integrated with Invicti, our partner, for dynamic application security testing (DAST), to get a holistic view of SAST and DAST code findings. This integration enables proactive application risk management for developers and security teams directly in Invicti.
To achieve this, you need to integrate Invicti Enterprise and Mend SAST by mapping targets to Mend projects, then configure the scan settings/scan profile in Invicti Enterprise for each connected target to retrieve Mend SAST scan results.
Getting it done
This article covers the configuration aspects and how to connect Mend with Invicti Enterprise.
To learn more about the integration, please visit Invicti's documentation:
Prerequisites
A Mend account with read access to your organization's Mend projects and findings.
An active Invicti Enterprise account.
Retrieve your Activation Key from the Mend Platform
Log into your organization via the Mend Platform.
Note: Make sure you are an organization administrator.Navigate to the setting “cog” icon → Integrations:
Click on the Invicti card. Then, click on the Get Activation Key button that appears to get your activation key for the Invicti Integration.
Copy and save this value for the next step.
Configure the Mend Integration in Invicti Enterprise
Details about where to enter the generated activation key inside Invicti and how to map the Mend projects to Invicti targets can be found here.