API Coverage
Compare API endpoint support across different vulnerability management platforms. This matrix shows which features are available for each integration.
Filter by capabilities
| RESOURCE | Auth | Vulnerabilities | Assets | Scans |
|---|---|---|---|---|
 Black Duck SCA | ||||
 Checkmarx | ||||
 Coverity Static | ||||
 Qualys | ||||
 Rapid7 InsightVM | ||||
 Tenable Nessus | ||||
 Veracode |
Field Mappings
Our unified API standardizes data models across different vulnerability management providers. Below you can see how Unizo fields map to provider-specific fields for each data model.
Vulnerability
Security vulnerability or weakness found in code or dependencies.
| Unizo Field | Black Duck SCA | Checkmarx | Coverity Static | Qualys | Rapid7 InsightVM | Tenable Nessus | Veracode |
|---|---|---|---|---|---|---|---|
idUnique identifier | |||||||
categorycategory | |||||||
namename | |||||||
descriptionVulnerability description | |||||||
severityVulnerability severity | |||||||
cveCVE ID | |||||||
cvssCVSS score | |||||||
cweCWE ID | |||||||
statestate | |||||||
scan_outputscan_output | |||||||
portport | |||||||
protocolprotocol | |||||||
locationlocation of | |||||||
cvssScorecvssScore | |||||||
firstSeenfirstSeen | |||||||
lastSeenlastSeen | |||||||
changeLogchangeLog | |||||||
native_response native_response |
Asset
Security vulnerability or weakness found in code or dependencies.
| Unizo Field | Black Duck SCA | Checkmarx | Coverity Static | Qualys | Rapid7 InsightVM | Tenable Nessus | Veracode |
|---|---|---|---|---|---|---|---|
idUnique identifier | |||||||
hostnamehostname | |||||||
fqdnfqdn | |||||||
ipAddressesipAddresses | |||||||
macAddressesmacAddresses | |||||||
operatingSystemoperatingSystem | |||||||
installedSoftwareinstalledSoftware | |||||||
tagstags | |||||||
lastSeenlastSeen | |||||||
firstSeenfirstSeen | |||||||
lastScanTimelastScanTime | |||||||
domaindomain | |||||||
netbiosNamenetbiosName | |||||||
networkInterfacesnetworkInterfaces | |||||||
vulnerabilitySummaryvulnerabilitySummary | |||||||
vulnerabilityCountvulnerabilityCount | |||||||
riskScoreriskScore | |||||||
exploitability exploitability | |||||||
assetType assetType | |||||||
cloudProvider cloudProvider | |||||||
cloudMetadata cloudMetadata | |||||||
scanCoverage scanCoverage | |||||||
credentialedScan credentialedScan | |||||||
ownerowner | |||||||
labelslabels | |||||||
agentIdagentId | |||||||
openPortsopenPorts | |||||||
integrationintegration | |||||||
changeLogchangeLog |
Scan
Scan
| Unizo Field | Black Duck SCA | Checkmarx | Coverity Static | Qualys | Rapid7 InsightVM | Tenable Nessus | Veracode |
|---|---|---|---|---|---|---|---|
idid | |||||||
typetype | |||||||
namename | |||||||
descriptiondescription | |||||||
statusstatus | |||||||
startTimestartTime | |||||||
endTimeendTime | |||||||
durationduration | |||||||
scannerscanner | |||||||
scanTypescanType | |||||||
scanModescanMode | |||||||
scanMethodscanMethod | |||||||
assetIdsassetIds | |||||||
vulnerabilityIdsvulnerabilityIds | |||||||
targetstargets | |||||||
scanProfilescanProfile | |||||||
findingsCountfindingsCount | |||||||
vulnerabilitiesFoundvulnerabilitiesFound | |||||||
integrationintegration | |||||||
changeLogchangeLog |
Native Provider Field Support
Leveraging nativeResponse
The nativeResponse field enables you to access provider-specific features beyond our unified common data model. This feature allows you to:
- Access provider-specific vulnerability attributes not included in the common data model
- Implement custom security workflows using native provider capabilities
- Utilize advanced scanning features unique to each Vulnerability Management platform
- Maintain compatibility with existing provider-specific integrations
The nativeResponse field is available exclusively for Enterprise and Launch Customer subscriptions. Contact our sales team to upgrade your plan and unlock access to native provider data.
How to Use nativeResponse
{
"id": "123456",
"title": "Apache Log4j Remote Code Execution Vulnerability",
"severity": "Critical",
"cve": ["CVE-2021-44228"],
// ... other unified fields
"nativeResponse": {
// Complete provider-specific response
"vuln_type": "VULNERABILITY",
"qds": 100,
"qds_factors": {
"cvss": 90,
"cvss_version": "3.1",
"epss": 0.97565,
"threat_intelligence": true,
"mitigation_controls": false,
"malware": true,
"active_exploitation": true,
"exploit_maturity": "functional"
},
"patch_available": true,
"virtual_patch_available": false,
"patchable": true,
"os_cpe": [
"cpe:/o:redhat:enterprise_linux:7",
"cpe:/o:redhat:enterprise_linux:8"
],
"discovery": {
"remote": 1,
"auth_type_list": ["None"],
"additional_info": "Unauthenticated"
},
"correlation": {
"exploits": 15,
"malware": 8
}
}
}
Need Something More?
Working on a unique vulnerability management integration? Need extra fields for your security scanning tools? We're here to help.
Get in touch:
- Email: support@unizo.ai
- Web: Contact Us
We'd love to hear about your use case and help expand our API to meet your needs.