Your browser is not supported

For the best experience, use Google Chrome or Mozilla Firefox.

WebInspect Swagger API Scanning

Supported Products

Using the WISwag.exe Tool

You can use the WISwag.exe tool in advanced situations for scanning a REST API, such as when you need to provide a configuration file that includes parameter values. The WISwag.exe tool is a command line tool that parses a REST API definition and converts it into a format that Fortify WebInspect understands.

Supported API Definitions and Protocols

The WISwag tool supports the following REST API definitions and protocols:

  • OpenAPI Specification versions 2.0 and 3.0 (formerly known as Swagger Specification). For more information, visit.
  • Open Data (OData) protocol (versions 2, 3, and 4). For more information, visit.

Tip: When using the WISwag tool with OData, if a POST fails to successfully create a request for an entity set, view the error in the HTTP details tab of the Web Macro Recorder to determine the requirements for the entity.

Resources
Supported API Definitions and Protocols

About Swagger

Swagger is an open-source software framework backed by a large ecosystem of tools that helps developers design, build, document, and consume RESTful web services. While most users identify Swagger by the Swagger UI tool, the Swagger toolset includes support for automated documentation, code generation, and test-case generation.

View Integration Page
Swagger

Additional Resources

Fortify Homepage
Fortify Integration Ecosystem
Fortify Unplugged YouTube Channel
Fortify Community
AppSec Blog
Gartner Magic Quadrant for Application Security Testing
Gartner Critical Capabilities - Fortify Ranked Highest for Enterprise
release-rel-2024-11-1-9470 | Wed Nov 6 17:48:07 PST 2024
9470
release/rel-2024-11-1-9470
Wed Nov 6 17:48:07 PST 2024
AWS