Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Support
Launching Scans

Retrieving Mend SAST and SCA scan results

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

After setting up an integration between Invicti Enterprise and Mend, you need to enable Invicti Enterprise to retrieve SAST and SCA scan results from Mend by configuring the scan settings/scan profile for the targets you mapped to Mend projects. This allows you to view Mend SAST and SCA scan results alongside your Invicti Enterprise DAST scan results on the Scan Summary and Issues pages, as well as other areas in Invicti Enterprise.

NOTE: The integration between Invicti Enterprise and Mend does NOT initiate a Mend SAST scan. Invicti Enterprise will pull the latest SAST and SCA scan results from Mend for a mapped target and display the information in Invicti Enterprise alongside the DAST scan results.

This document explains how to configure the scan settings/scan profile for a target to retrieve SAST and SCA scan results from Mend.

Preparation

Ensure the following steps have been completed before configuring the scan settings/scan profile for a target:

  1. Follow the instructions in our Integrating Invicti Enterprise with Mend SAST and SCA documentation to connect your Invicti Enterprise and Mend accounts.
  2. Ensure the target you will scan is mapped to a Mend project in your Mend integration.
  • To check this, go to Integrations > Manage Integrations and click Edit next to your Mend integration listed in the Integrations table.
  • The target should be listed on the left side of the Target Mapping section, and the corresponding Mend projects should be on the right.
  • If the target is missing, click Add Mapping, then add the target on the left and the corresponding Mend projects on the right. Then click Save.

How to configure scan settings to retrieve SAST and SCA scan results from Mend

You can configure the Mend scan setting when creating a new scan or scheduled scan, or when creating a new scan profile or editing an existing scan profile. Follow the steps below to enable retrieval of Mend SAST and SCA scan results in the scan settings/scan profile of a target:

  1. Navigate to the New Scan configuration page for your target using one of the methods below according to your preference:
  1. Select your Target URL.
  2. In the Scan Settings section, select Third-party Connections

  1. Click the checkbox labelled Third-party Connections Enabled, as well as the checkboxes for Mend SAST and Mend SCA (you may select either one, or both); the Mend Projects that are connected to the target will appear:

TIP: You can amend the projects mapped to a target by editing the Mend integration. Go to Integrations > Manage Integrations and click Edit next to your Mend integration listed in the Integrations table.

  1. Complete the remaining Scan Options as outlined in Invicti Enterprise Scan Options Fields.
  2. Click Launch to start the new scan, or Save Profile if you are creating a new scan profile, or Update Profile if you are editing an existing scan profile.

The scan profile can now retrieve Mend SAST and SCA scan results. The next time you run a scan on this target with this scan profile, the latest Mend SAST and SCA scan results will automatically be added to the Scan Summary and Issues pages in Invicti Enterprise. For more information, refer to Viewing Mend SAST and SCA scan results in Invicti Enterprise.

Top Articles

What is Invicti?

Overview of Scan Policies

Scheduling Scans

Managing Integrations

Built-In Reports