Cross-Stage Policy Violation REST API - v2

NEW IN RELEASE 94

A Cross-Stage violation represents an aggregate of time-overlapping but equal policy violations within a given app across all stages. This data allows analysis such as how long it takes to investigate and remove a violation that was found during a stage until it is no longer reported in any stage.

You may use the steps described in Policy Violation REST API - v2 to extract a particular policy violation ID you want to track.


Available Endpoints

Once you have located the desired ID you can use the following endpoints to obtain the information on the cross-stage violation:

Search by cross-stage violationID:

This endpoint returns cross-stage violation information given a cross-stage violationId.

The cross-stage violationId is the id of the first occurrence of the violation in question. Bear in mind that if the ID doesn't correspond to the earliest occurrence of the violation, the API will return a not found error. When it is available, this lookup returns the fastest response.

GET /api/v2/policyViolations/crossStage/{violationId}

Using curl as an example on a typical local installation, you can use the following command to communicate with this endpoint:

curl -u admin:admin123 -X GET 'http://localhost:8070/api/v2/policyViolations/crossStage/fb4c05d6054043ddaf434a71db8384db'

In order to search by any violation id aggregated into a cross-stage violation, see "Search by constituentID" below.

Search by constituentID:

This endpoint will provide cross-stage violation information for any violationId regardless of the time or stage of the occurrence.

GET /api/v2/policyViolations/crossStage?constituentId=fb4c05d6054043ddaf434a71db8384db

Using curl as an example on a typical local installation, you can use the following command to communicate with this endpoint:

curl -u admin:admin123 -X GET 'http://localhost:8070/api/v2/policyViolations/crossStage?constituentId=fb4c05d6054043ddaf434a71db8384db'

Response Data

Here is the example of a cross-stage violation response from the above endpoints, where the cross-stage violation represents two occurrences of the same violation: build violation and release stage violation.

{
    "policyId": "93be2ac23c294d7683ec81d6faaca604",
    "policyName": "Security-Critical",
    "policyViolationId": "fb4c05d6054043ddaf434a71db8384db",
    "threatLevel": 10,
    "constraintViolations": [
        {
            "constraintId": "d0818181e9d342e7b8c7625409f5935e",
            "constraintName": "Critical risk CVSS score",
            "reasons": [
                {
                    "reason": "Found security vulnerability sonatype-2019-0115 with severity >= 9 (severity = 9.8)",
                    "reference": {
                        "type": "SECURITY_VULNERABILITY_REFID",
                        "value": "sonatype-2019-0115"
                    }
                }
            ]
        }
    ],
    "applicationPublicId": "Webgoat",
    "applicationName": "Webgoat",
    "organizationName": "Ex Main",
    "openTime": "2020-06-17T11:32:16.024-05:00",
    "fixTime": null,
    "hash": "37081687a930b9a4a29c",
    "policyThreatCategory": "security",
    "displayName": {
        "parts": [
            {
                "field": "Name",
                "value": "org.webjars jquery"
            },
            {
                "value": " "
            },
            {
                "field": "Version",
                "value": "1.10.2"
            }
        ]
    },
    "componentIdentifier": {
        "format": "a-name",
        "coordinates": {
            "name": "org.webjars jquery",
            "qualifier": "",
            "version": "1.10.2"
        }
    },
    "filename": "jquery-1.10.2.min.js",
    "stageData": {
        "build": {
            "mostRecentEvaluationTime": "2020-06-17T11:32:16.024-05:00",
            "mostRecentScanId": "c6e307ca087b4682998b9298245b74d6",
            "actionTypeId": "fail"
        },
        "stage-release": {
            "mostRecentEvaluationTime": "2020-06-18T11:03:01.933-05:00",
            "mostRecentScanId": "e78e289a664b4b8fb6b969d531fc1dea",
            "actionTypeId": "fail"
        }
    },
    "policyOwner": {
        "ownerId": "ROOT_ORGANIZATION_ID",
        "ownerName": "Root Organization",
        "ownerType": "organization"
    }
}

The policyViolationId is the cross-stage violation Id.

The stageData will report the information for stages where the violation was found, including the Ids of the specific scans where it was reported.

The rest of the information returned by the API is analogous to the information returned by Policy Violation REST API - v2.
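The following script is an added example (not part of this page or of the IQ Server product) showing how a client would use the two endpoints above and what can be computed from the response. It tries the direct crossStage/{violationId} lookup first, falls back to the constituentId query when the server answers 404 (the case where the id is not the earliest occurrence), and then reduces the stageData and openTime/fixTime fields to an exposure summary: how long the violation has been open, in which stages it was seen and in what order, and whether any stage applied a "fail" action. The base URL, the admin:admin123 credentials and the trimmed response body are taken from this page; the function names, the http_get callable and the now_iso parameter are assumptions of the example, and the embedded response is a constructed copy of the page's sample so the code runs offline.

```python
import base64
import json
import urllib.error
import urllib.request
from datetime import datetime, timezone
from urllib.parse import urlencode

# Constructed sample: a trimmed copy of the response body shown on this page,
# embedded so the example runs without a live IQ Server.
SAMPLE_RESPONSE_TEXT = """{
  "policyId": "93be2ac23c294d7683ec81d6faaca604",
  "policyName": "Security-Critical",
  "policyViolationId": "fb4c05d6054043ddaf434a71db8384db",
  "threatLevel": 10,
  "applicationPublicId": "Webgoat",
  "openTime": "2020-06-17T11:32:16.024-05:00",
  "fixTime": null,
  "stageData": {
    "build": {"mostRecentEvaluationTime": "2020-06-17T11:32:16.024-05:00",
              "mostRecentScanId": "c6e307ca087b4682998b9298245b74d6",
              "actionTypeId": "fail"},
    "stage-release": {"mostRecentEvaluationTime": "2020-06-18T11:03:01.933-05:00",
                      "mostRecentScanId": "e78e289a664b4b8fb6b969d531fc1dea",
                      "actionTypeId": "fail"}
  }
}"""
SAMPLE_RESPONSE = json.loads(SAMPLE_RESPONSE_TEXT)


def cross_stage_url(base_url, violation_id=None, constituent_id=None):
    """Build the URL for either lookup form documented on this page."""
    base = base_url.rstrip("/") + "/api/v2/policyViolations/crossStage"
    if violation_id is not None:
        return f"{base}/{violation_id}"
    if constituent_id is not None:
        return base + "?" + urlencode({"constituentId": constituent_id})
    raise ValueError("one of violation_id or constituent_id is required")


def make_basic_auth_getter(username, password):
    """Return an http_get(url) -> (status, body) callable using HTTP Basic auth."""
    token = base64.b64encode(f"{username}:{password}".encode()).decode()

    def http_get(url):
        req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
        try:
            with urllib.request.urlopen(req, timeout=30) as resp:
                return resp.status, resp.read().decode()
        except urllib.error.HTTPError as err:
            return err.code, err.read().decode(errors="replace")

    return http_get


def lookup_cross_stage(base_url, violation_id, http_get):
    """Try the direct lookup first; on 404 (id is not the earliest occurrence)
    fall back to the constituentId query. Returns (response_dict, mode)."""
    status, body = http_get(cross_stage_url(base_url, violation_id=violation_id))
    if status == 200:
        return json.loads(body), "violationId"
    if status == 404:
        status, body = http_get(cross_stage_url(base_url, constituent_id=violation_id))
        if status == 200:
            return json.loads(body), "constituentId"
    raise RuntimeError(f"cross-stage lookup failed with HTTP {status}")


def summarize(violation, now_iso=None):
    """Reduce a cross-stage violation to its exposure window and stage history.
    now_iso (assumed parameter) is an ISO-8601 timestamp with offset used as the
    end of the window for still-open violations; defaults to the current UTC time."""
    opened = datetime.fromisoformat(violation["openTime"])
    fixed = violation.get("fixTime")
    if fixed:
        end = datetime.fromisoformat(fixed)
    else:
        end = datetime.fromisoformat(now_iso) if now_iso else datetime.now(timezone.utc)
    # Order stages by their most recent evaluation so the first and latest
    # stage that reported the violation are visible.
    stages = sorted(
        ((name, datetime.fromisoformat(d["mostRecentEvaluationTime"]),
          d["mostRecentScanId"], d["actionTypeId"])
         for name, d in violation["stageData"].items()),
        key=lambda s: s[1])
    return {
        "crossStageViolationId": violation["policyViolationId"],
        "policy": violation["policyName"],
        "threatLevel": violation["threatLevel"],
        "stillOpen": fixed is None,
        "openHours": (end - opened).total_seconds() / 3600,
        "stages": [s[0] for s in stages],
        "latestScanId": stages[-1][2] if stages else None,
        "blocking": any(s[3] == "fail" for s in stages),
    }


if __name__ == "__main__":
    getter = make_basic_auth_getter("admin", "admin123")
    data, mode = lookup_cross_stage("http://localhost:8070",
                                    "fb4c05d6054043ddaf434a71db8384db", getter)
    print(mode, json.dumps(summarize(data), indent=2))
```

The summary deliberately reads only fields the page documents (openTime, fixTime, policyViolationId and the per-stage mostRecentEvaluationTime, mostRecentScanId and actionTypeId), so it works for a violation that appears in a single stage as well as one that spans several. A fixTime of null is treated as "still open" and the window is measured up to the supplied or current time.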