Black Duck Continuous Dynamic

Black Duck Continuous Dynamic (formerly WhiteHat Sentinel) is an application security tool that identifies vulnerabilities across your web applications. You can bring attack vector, dynamic code, and site data from Black Duck into Brinqa to centralize your applications attack surface, thus strengthening your cybersecurity posture.

This document details the information you must provide for the connector to authenticate with Black Duck Continuous Dynamic and how to obtain that information from Black Duck. See create a data integration for step-by-step instructions on setting up the integration.

Required connection settings

When setting up a data integration, select Black Duck Continuous Dynamic from the Connector dropdown list. You must provide the following information to authenticate Black Duck Continuous Dynamic with Brinqa:

• Service URL: The Black Duck Continuous Dynamic service URL. The default URL is https://sentinel.whitehatsec.com.

• API Key: The access key associated with the Black Duck Continuous Dynamic account, which must have permissions to log in to the API server and return data.

Generate a Black Duck Continuous Dynamic API key

For the Black Duck Continuous Dynamic connector to use the Black Duck API, you must provide an API key. You can access an existing API key or generate a new one. To obtain an API key, follow these steps:

1. Log in to your organization's Black Duck Continuous Dynamic account.

2. Click My Profile and then the API Key tab.

3. Type your password in the Verify password field and click Authenticate.

   The API key displays. If this is your first time requesting an API key, a new key is generated. Click Regenerate API key if you want to replace your existing key.

note

If you do not have the permissions to create an API key, contact your Black Duck Continuous Dynamic administrator. For additional information, see Black Duck Continuous Dynamic documentation.

Additional settings

The Black Duck Continuous Dynamic connector contains additional options for specific configuration:

• Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.

• Parallel requests: The maximum number of parallel API requests. The default setting is 4.

Types of data to retrieve

The Black Duck Continuous Dynamic connector can retrieve the following types of data from the Black Duck API:

Table 1: Data retrieved from Black Duck Continuous Dynamic

Connector Object	Required	Maps to Data Model
Application	Yes	Application
Attack Vector	No	Not mapped
Dynamic Code Finding	Yes	Dynamic Code Finding
Dynamic Code Finding Definition	Yes	Dynamic Code Finding Definition
Issue	Yes	Static Code Finding
Site	Yes	Site

info

For detailed steps on how to view the data retrieved from Black Duck Continuous Dynamic in the Brinqa Platform, see How to view your data.

Attribute mappings

Expand the sections below to view the mappings between the source and the Brinqa data model attributes.

Application

Table 2: Application attribute mappings

Source Field	Attribute Name
AssetResource.id	UID
AssetResource.id	NAME
AssetResource.subID	SUB_ID
AssetResource.type	ASSET_TYPE
AssetResource.serviceLevel	SE
AssetResource.preScanStatus	PRE_SCAN_STATUS
AssetResource.scanStatus	SCAN_STATUS
AssetResource.assetOwnerName	OWNER
AssetResource.phase	PHASE
AssetResource.industry	INDUSTRY
AssetResource.clientRatingMethod	CLIENT_RATING_METHOD
AssetResource.client.name	ORG
AssetResource.tags	TAGS
AssetResource.creationT	SOURCE_CREATED_DATE
AssetResource.lastScanDateT	LAST_SCANNED
AssetResource.location	LOCATIONS
AssetResource.customAssetID	APP_ID
AssetResource.applianceID	INSTANCE_ID
AssetResource.actionItems	ACTION_ITEMS
AssetResource.activeUser	ACTIVE_USER
AssetResource.assetOwnerID	ASSET_OWNER_ID
AssetResource.assetSize	ASSET_SIZE
AssetResource.averageFileSize	AVERAGE_FILE_SIZE
AssetResource.averageLinesScanned	AVERAGE_LINES_SCANNED
AssetResource.customPolicyID	CUSTOM_POLICY_ID
AssetResource.isWhiteHatEnabled	IS_WHITEHAT_ENABLED
AssetResource.remainingScans	REMAINING_SCANS
AssetResource.scheduleName	SCHEDULE_NAME
AssetResource.scheduleTimeZone	SCHEDULE_TIME_ZONE
AssetResource.weight	WEIGHT
ApplicationResource.lang	LANGUAGES
ApplicationResource.packageName	PACKAGE_NAME
ApplicationResource.platform	PLATFORM
normalized from AssetResource.status	STATUS
AssetResource.status	SOURCE_STATUS
(constant)	CATEGORIES
(sync timestamp)	LAST_CAPTURED

Site

Table 3: Site attribute mappings

Source Field	Attribute Name
SiteResource.id	UID
SiteResource.name	NAME
SiteResource.clientID	CLIENT_ID
SiteResource.organization	ORG
SiteResource.abbreviation	ABBREVIATION
SiteResource.hostname	HOSTNAMES
SiteResource.associatedHostname	ASSOCIATED_HOSTNAME
SiteResource.industry	INDUSTRY
SiteResource.weight	WEIGHT
SiteResource.speed	SPEED
SiteResource.customAssetID	CUSTOM_ASSET_ID
SiteResource.notes	NOTES
SiteResource.applianceID	APPLIANCE_ID
SiteResource.usesSatellite	USES_SATELLITE
(constant)	CATEGORIES
(constant)	STATUS
(sync timestamp)	LAST_CAPTURED

Dynamic Code Finding Definition

Table 4: Dynamic Code Finding Definition attribute mappings

Source Field	Attribute Name
VulnerabilityClassResource.id	UID
VulnerabilityClassResource.shortName	NAME
VulnerabilityClassResource.name	TITLE
VulnerabilityClassResource.description	DESCRIPTION
VulnerabilityClassResource.solution	RECOMMENDATION
VulnerabilityClassResource.defaultRisk	RISK
VulnerabilityClassResource.retired	RETIRED
VulnerabilityClassResource.cvssV3Score	CVSS_V3_BASE_SCORE
derived from VulnerabilityClassResource.cvssV3Vector	CVSS_V3_VECTOR
parsed CVSS v3 metrics	CVSS_V3_AV / _AC / _PR / _UI / _CI / _II / _AI / _E / _RL / _RC
VulnerabilityClassResource.hasApplications	HAS_APPLICATIONS
VulnerabilityClassResource.hasSites	HAS_SITES
(sync timestamp)	LAST_CAPTURED

Dynamic Code Finding

Table 5: Dynamic Code Finding attribute mappings

Source Field	Attribute Name
FindingResource.id	UID
FindingResource.id	NAME
FindingResource.class.id	TYPE
FindingResource.class.name	CATEGORIES
FindingResource.asset.id	SITE_ID
FindingResource.asset.subID	SUB_ID
FindingResource.asset.subID	TARGETS
FindingResource.asset.name	SITE_NAME
FindingResource.location	URL
FindingResource.status	SOURCE_STATUS
normalized from FindingResource.status	STATUS
derived from STATUS	STATUS_CATEGORY
FindingResource.verificationStatus	VERIFICATION_STATUS
FindingResource.retestStatus	RETEST_STATUS
normalized from FindingResource.severity	SEVERITY
FindingResource.severity	SOURCE_SEVERITY
derived from normalized severity	SEVERITY_SCORE
FindingResource.threat	THREAT
FindingResource.impact	IMPACT
FindingResource.likelihood	LIKELIHOOD
derived from FindingResource.risk	RISK
derived from FindingResource.customRisk	CUSTOM_RISK
FindingResource.customAccepted	ACCEPTED
FindingResource.reason	REASON
FindingResource.firstOpened	FIRST_FOUND
FindingResource.opened	LAST_FOUND
FindingResource.closed	LAST_FIXED
FindingResource.lastModified	SOURCE_LAST_MODIFIED
FindingResource.lastRetested	LAST_RETESTED
FindingResource.tags	TAGS
FindingResource.cvssV3.score	CVSS_V3_BASE_SCORE
derived from FindingResource.cvssV3.vector	CVSS_V3_VECTOR
parsed CVSS v3 metrics	CVSS_V3_AV / _AC / _PR / _UI / _CI / _II / _AI / _E / _RL / _RC
FindingResource.cvssV3.environmentalScore	CVSS_ENV_SCORE
derived from FindingResource.cvssV3.environmentalVector	CVSS_ENV_VECTOR
FindingResource.cvssScore (fallback when v3 absent)	CVSS_V2_BASE_SCORE
FindingResource.directRemediationAvailable	PATCHABLE
FindingResource.unreachable	UNREACHABLE
FindingResource.isAccessible	IS_ACCESSIBLE
FindingResource.outOfScopeReasons	OUT_OF_SCOPE_REASONS
FindingResource.manual	MANUAL
aggregated from attack-vector requests	REQUEST
aggregated from attack-vector responses	RESPONSE
filtered CVE entries from FindingResource.cveTags	CVE_IDS
filtered CVE entries from FindingResource.cveTags	CVE_RECORDS
FindingResource.foundRevision	REVISION
FindingResource.attackVectors	ATTACK_VECTOR_IDS
FindingResource.hasInstanceLevelCVSSCustomization	HAS_INSTANCE_LEVEL_CVSS_CUSTOMIZATION
FindingResource.hasInstanceLevelCustomization	HAS_INSTANCE_LEVEL_CUSTOMIZATION
FindingResource.impactRating	IMPACT_RATING
FindingResource.likelihoodRating	LIKELIHOOD_RATING
FindingResource.nonAcceptedStatus	NON_ACCEPTED_STATUS
FindingResource.notesCount	NOTES_COUNT
FindingResource.subTypeTags	SUB_TYPE_TAGS
FindingResource.zeroDayTags	ZERO_DAY_TAGS
(sync timestamp)	LAST_CAPTURED

Issue

Table 6: Issue attribute mappings

Source Field	Attribute Name
SourceVulnResource.id	UID
SourceVulnResource.location	NAME
normalized from vuln.status	STATUS
vuln.status	SOURCE_STATUS
derived from STATUS	STATUS_CATEGORY
vuln.threat	THREAT
vuln.score	SCORE
vuln.impact	IMPACT
vuln.likelihood	LIKELIHOOD
vuln.cvss_v3_score	CVSS_V3_BASE_SCORE
derived from vuln.cvss_v3_vector	CVSS_V3_VECTOR
parsed CVSS v3 metrics	CVSS_V3_AV / _AC / _PR / _UI / _CI / _II / _AI / _E / _RL / _RC
vuln.cvss_v3_environmental_score	CVSS_ENV_SCORE
vuln.cvss_v3_environmental_vector	CVSS_ENV_VECTOR
vuln.cvss_score (fallback when v3 absent)	CVSS_V2_BASE_SCORE
parsed CVSS v2 metrics (fallback)	CVSS_V2_VECTOR / _AV / _AC / _AU / _CI / _II / _AI / _E / _RL / _RC
vuln.found	FIRST_FOUND
vuln.opened	LAST_FOUND
vuln.closed	LAST_FIXED
vuln.modified	SOURCE_LAST_MODIFIED
vuln.application_id	TARGETS
vuln.clean_description	DESCRIPTION
vuln.clean_solution	SOLUTION
vuln.cve_reference[].title	CVE_IDS
vuln.cve_reference[].title	CVE_RECORDS
vuln.dast_classes[].name	DAST_CLASSES
vuln.class_readable	CATEGORIES
capitalized vuln.risk	RISK
capitalized vuln.custom_risk	CUSTOM_RISK
vuln.tags	TAGS
VulnerabilityClassResource.id	TYPE
VulnerabilityClassResource.id	DEFINITION_ID
(sync timestamp)	LAST_CAPTURED

Attack Vector

Table 7: Attack Vector attribute mappings

Source Field	Attribute Name
AttackVectorResource.id	UID
AttackVectorResource.id	NAME
[VulnResource.id, VulnResource.site]	TARGETS
VulnResource.id	FINDING_ID
VulnResource.site	SITE_ID
AttackVectorResource.state	STATE
AttackVectorResource.scanner_tags	TAGS
AttackVectorResource.auth_details	AUTH_DETAILS
VulnResource.url + AttackVectorResource.request.url	URL
serialized AttackVectorResource.request	REQUEST
serialized AttackVectorResource.response	RESPONSE
AttackVectorResource.tested	TESTED
AttackVectorResource.opened	OPENED
AttackVectorResource.found	FIRST_FOUND
(sync timestamp)	LAST_CAPTURED

Operation options

The Black Duck Continuous Dynamic connector supports the following operation options. See connector operation options for information about how to apply them.

Table 8: Black Duck Continuous Dynamic connector operation options

Connector Object	Option	All Possible Values	Description	Example
Attack Vector	status	accepted, certified, closed, open	A comma-separated list of attack vector statuses. Retrieve attack vector information based on the specific status as determined by Black Duck.	Key: status Value: accepted. This key and value combination only retrieves attack vector information with a status of accepted.
Dynamic Code Finding	status	accepted, closed, invalid, mitigated, open, out_of_scope	A comma-separated list of finding statuses. Retrieve findings based on the specified status as determined by Black Duck.	Key: status Value: mitigated,accepted. This key and value combination only retrieves findings with a status of accepted or mitigated.
Issue	status	closed, discovered, false, open	A comma-separated list of issue statuses. Retrieve issue information based on the specific status as determined by Black Duck.	Key: status Value: open,discovered. This key and value combination only retrieves issues with a status of open or discovered.

note

The option keys and values are case-sensitive as they are shown in this documentation.

APIs

The Black Duck Continuous Dynamic connector uses the WhiteHat Sentinel API v1 and v2. Specifically, it uses the following endpoints:

Table 9: Black Duck Continuous Dynamic API Endpoints

Connector Object	API Endpoint
Application	GET /api/assets
Attack Vector	GET /api/vuln
Dynamic Code Finding	GET /api/findings
	GET /api/vuln/{findingId}/attack_vector
Dynamic Code Finding Definition	GET /api/vulnerabilityClasses
Issue	GET /api/source_vuln
	GET /api/vulnerabilityClasses
Site	GET /api/v2/sites

Changelog

The Black Duck Continuous Dynamic connector has undergone the following changes:

note

This connector is part of a bundled release with other connectors from the same vendor. If a version shows "No change", it means that the connector version was updated for consistency as part of the bundle, but no functional changes were made to this specific connector. You can update to or skip this version without affecting your existing configuration.

Table 10: Black Duck Continuous Dynamic connector changelog

Version	Description	Date Published
3.2.4	- Added the LAST_CAPTURED attribute and additional asset and Dynamic Code Finding attributes ingested from the Black Duck Continuous Dynamic API. - Fixed a deserialization error in Dynamic Code Finding sync caused by the location field on nested asset data being returned inconsistently between the assets and findings endpoints. No migration required.	May 12th, 2026
3.2.3	No change.	February 18th, 2026
3.2.2	No change.	December 24th, 2025
3.2.1	No change.	November 25th, 2025
3.2.0	No change.	October 17th, 2025
3.1.2	No change.	August 5th, 2025
3.1.1	No change.	August 5th, 2025
3.1.0	No change.	May 21st, 2025
3.0.5	- The WhiteHat Sentinel connector has been renamed to "Black Duck Continuous Dynamic". If you were using the WhiteHat Sentinel connector, install Black Duck Continuous Dynamic and update any existing integrations. - Updated to the new Black Duck Continuous Dynamic logo.	April 11th, 2025
3.0.4	Added the CUSTOM_ASSET_ID attribute to the Site object.	February 19th, 2025
3.0.3	No change.	January 16th, 2025
3.0.2	- Changed the MANUAL attribute type on the Dynamic Code Finding object from string to boolean to resolve a data mismatch error. - Changed the SOURCE_SEVERITY attribute type on the Dynamic Code Finding object from string to integer to resolve a data mismatch error.	July 10th, 2024
3.0.1	No change.	March 6th, 2024
3.0.0	Initial Integration+ release.	September 27th, 2023