- 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Contrast Security
- Updated on 24 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Contrast Security helps developers find and fix application security risks in real-time by automatically detecting and fixing vulnerabilities, identifying attacks, defending applications, and stopping attacks in real-time. Contrast embeds lightweight agents directly into code that detect real vulnerabilities. For detailed information refer to the Contrast Security’s official documentation.
Integration Method: API
Tables: Detection Finding (2004)
This integration supports the following event.
Event | Description |
---|---|
Vulnerabilities | Get the list of Organization Vulnerabilities |
This integration supports the following versions.
Contrast Security version | |
Contrast RESTful API version | v3 |
Note:
As for this document preparation, the latest release was in February 2025.
Prerequisites
Access to the Contrast Security portal.
Able to create Contrast Security API Keys which includes organization ID, API key and authorization header.
Access to the DataBee console to add the feed.
Configuration Overview
Get the API keys from contrast security portal.
Add the Contrast Security data feed in the DataBee console with the below parameters.
DataBee Parameter
Contrast Security Parameter
Access Key
API Key
Secret Key
Authorization Header
Organization’s UUID
Organization ID
Contrast Security Configuration
Login to your Contrast Security Dashboard.
Open User settings
Navigate to profile.
Select User Settings.
Get the API keys
Go to Profile page.
Locate Your Keys section.
Copy Organization ID and API Key.
Copy the Authorization Header and save these details for later use.
Note:
Rotating the Service Key will generate a new Authorization Header, which must be updated in your DataBee feed.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for Contrast Security and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Custom API Key
API Base URL: this is the base URL that DataBee will interact with.
Access Key: paste the API key.
Secret Key: paste the Authorization header.
Organization’s UUID: paste the organization’s UUID.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing unauthorized (401) error, this might be possibly due to incorrect API Credentials or incorrect organization ID. Please refer to the User settings to retrieve the API details and organization ID.