Security should be easy to integrate into the development cycle, which is why we offer our Detectify API integration for ease of managing your automated security workflow. Today we’ve released Detectify API v2.5 with improvements that allow API users to maximize automation you can get from Detectify.
We asked our senior backend developer, Roberto Giachetta, to provide more insight on this release:
“The idea of Detectify API v2.5 was to maximize the automation of Detectify through the API. We received qualitative feedback from our customers, and it seemed like control of scan profiles settings were the last piece missing. We’ve also revised how we inform about error handling in a more transparent way. Overall, users of API v2.5 will notice a more streamlined process and be able to save some time from manually creating code when scanning their web applications for vulnerabilities.”
What’s new?
In Detectify API v2.5 we’ve update it with the following new features:
- Enterprise users can now control basic scan profile settings through the API, such as whitelisted paths, number of requests per second, basic authentication, etc. For example, you can instantly ensure scanning of newly added functionality of your website by whitelisting the relevant paths.
- We’ve revised the error handling to be more transparent and provide more details on what went wrong. When an error occurs, the message will provide a brief explanation on the error type in JSON and a URL link to the remediation tips.
- API specifications are now downloadable in API Blueprint 1A and Open API/Swagger v2.0 format to generate client-side code, saving users time from manually writing their own code. The Postman Collection can be easily imported to Postman to load all the data that is needed to run and test requests .
Where is the documentation for this awesome new API?
API v2.5 is available now and you’ll find the documentation at https://developer.detectify.com/ .
What about the old APIs?
Older versions of the Detectify API are still available, however you will only receive the 3 added features once you’ve upgraded to v2.5. So we recommend upgrading as soon as possible!
How do I get started?
To start using Detectify API v 2, you need to generate an API key. You can then implement all the methods that help you work with security.
Does my Detectify plan include access to the API?
- Starter plan: basic features, such as running scans, listing scan profiles and reports.
- Professional plan: basic features and access to generate multiple API keys; customize the settings per API keys;
- Enterprise: full access to the API features, like scheduling scans, reading finding details, creating and changing scan profiles, uploading DNS zones and more.
We’d love to hear more about how you work with security and how we can help you out with Detectify API. If you have any comments or suggestions, let us know by emailing us at hello[at]detectify.com.
Haven’t tried Detectify web application scanner? Our DAST-solution checks for 1000+ common web vulnerabilities and our tests are sourced by top-ranked ethical hackers. It’s easy to get started with the Detectify 14-day free trial!