Noname Security
Noname Security is an API security tool that analyzes your API landscape to mitigate potential risks. By integrating API endpoint, site, and security data from Noname Security into Brinqa, you can enhance visibility into potential API vulnerabilities, thus strengthening your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Noname Security and how to obtain that information from Noname Security. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Noname Security from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Noname Security with Brinqa:
- Server URL: Your organization's Noname Security server URL. The URL format is https://<ServerName>.
- API token: The API token associated with the Noname Security account, which must have permissions to log in to the API server and return data.
Generate a Noname Security API token
For the Noname Security connector to use the Noname Management API, you must provide an API token. Only Noname Security administrators can generate tokens, and only for themselves. You cannot generate a token for other users, even if they have the Admin role.
To generate a token, follow these steps:
- Log in to your Noname Security portal as an administrator.
- Navigate to Settings > User Management.
- Click the Users tab and then click Generate API Token.
Your API token displays. You cannot view the token again after this. Copy and save it to a safe and secure location.
If you do not have the permissions to create a token, contact your Noname Security administrator. For additional information, see Noname Security documentation.
Additional settings
The Noname Security connector contains additional options for specific configuration:
- Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.
- Parallel requests: The maximum number of parallel API requests. The default setting is 4.
Types of data to retrieve
The Noname Security connector can retrieve the following types of data from the Noname Management API:
Table 1: Data retrieved from Noname Security
Connector Object | Required | Maps to Data Model |
---|---|---|
API Endpoint | Yes | API Endpoint |
Dynamic Code Finding | Yes | Dynamic Code Finding |
Dynamic Code Finding Definition | Yes | Dynamic Code Finding Definition |
Site | Yes | Site |
For detailed steps on how to view the data retrieved from Noname Security in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
API Endpoint
Table 2: API Endpoint attribute mappings
Source Field Name | Maps to Attribute |
---|---|
AIRIDs | Local variable |
accountId | Local variable |
apiGateway | Local variable |
apiName | Local variable |
apiType | type |
apmNumbers | Local variable |
applications | Local variable |
auth | Local variable |
backendServer | Local variable |
cloudEntitiesTagList | Local variable |
dataTypesIds | Local variable |
dataTypeTags | Local variable |
distinctUsers | Local variable |
groups.id | Local variable |
groups.name | Local variable |
host | target |
id | uid |
internetFacing | Local variable |
lastSeen | lastSeen |
lastUpdate | sourceLastModified |
loadBalancer | Local variable |
method | Local variable |
openapiSpecState | Local variable |
owner | owner |
path | path, Local variable |
recentlyUpdated | Local variable |
requestDatatypes | Local variable |
requestDatatypeTags | Local variable |
resourceGroupName | Local variable |
responseDatatypes | Local variable |
responseDatatypeTags | Local variable |
sources | Local variable |
tagIds | Local variable |
tags | Local variable |
targetHost | Local variable |
targetServers | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Dynamic Code Finding
Table 3: Dynamic Code Finding attribute mappings
Source Field Name | Maps to Attribute |
---|---|
apiId | Local variable |
comments.message | Local variable |
description | description |
detectionTime | firstFound |
host | targets, name, hostnames |
id | uid |
lastUpdate | sourceLastModified |
method | Local variable |
path | targets |
resourceGroupName | Local variable |
status | status, sourceStatus, statusCategory |
tickets.alias | Local variable |
title | name |
triggeredOn | Local variable |
typeId | type, uid |
url | url |
Dynamic Code Finding Definition
Table 4: Dynamic Code Finding Definition attribute mappings
Source Field Name | Maps to Attribute |
---|---|
description | description |
evidence | results |
impact | Local variable |
investigate | Local variable |
module | Local variable |
owaspTags | tags |
remediation | recommendation |
severity | severity, severityScore, sourceSeverity |
title | name |
typeId | type, uid |
Site
Table 5: Site attribute mappings
Source Field Name | Maps to Attribute |
---|---|
apiId | Local variable |
comments.message | Local variable |
host | hostnames, name, targets |
method | Local variable |
resourceGroupName | Local variable |
tickets.alias | Local variable |
triggeredOn | Local variable |
Operation options
The Noname Security connector supports the following operation options. See connector operation options for information about how to apply them.
Table 6: Noname Security operation options
Connector Object | Option | All Possible Values | Description | Example |
---|---|---|---|---|
API Endpoint | host | Any Noname Security host | Return only the APIs with the specified host. | Key: host Value: example.com. This key and value combination only retrieves the APIs with the example.com host. |
API Endpoint | path | Any Noname Security API path | Return only the APIs with the specified path. | Key: path Value: api/v1/authorizations. This key and value combination only retrieves the APIs with the api/v1/authorizations path. |
Dynamic Code Finding | severity | Info, Low, Medium, High, Critical | A comma-separated list of finding severities. Return only the findings with the specified severities, as determined by Noname Security. | Key: severity Value: Critical. This key and value combination only retrieves critical findings. |
Dynamic Code Finding | status | Any Noname Security Finding status | A comma-separated list of finding statuses. Return only the findings with the specified status, as determined by Noname Security. For the full list of finding statuses, see Noname Security documentation. | Key: status Value: Open,False positive. This key and value combination only retrieves findings with a status of open or false positive. |
Site | severity | Info, Low, Medium, High, Critical | A comma-separated list of finding severities. Return only the sites with the specified severities, as determined by Noname Security. | Key: severity Value: High,Critical. This key and value combination only retrieves high and critical sites. |
Site | status | Any Noname Security Finding status | A comma-separated list of finding statuses. Return only the findings with the specified status, as determined by Noname Security. For the full list of finding statuses, see Noname Security documentation. | Key: status Value: Open,False positive. This key and value combination only retrieves findings with a status of open or false positive. |
The option keys and values are case-sensitive as they are shown in this documentation.
APIs
The Noname Security connector uses the Noname Management API v3 and v4. Specifically, it uses the following endpoints:
Table 7: Noname Security API Endpoints
Connector Object | API Endpoints |
---|---|
API Endpoint | GET /api/v3/apis |
Dynamic Code Finding | GET /api/v4/findings, GET /api/v4/findings/{id} |
Dynamic Code Finding Definition | GET /api/v4/policies/findings |
Site | GET /api/v4/findings, GET /api/v4/findings/{id} |
Changelog
The Noname Security connector has undergone the following changes:
3.0.2
- Added the APM_NUMBERS attribute to the API Endpoint object.
3.0.1
- Fixed an issue where the Dynamic Code Finding sync was failing.
3.0.0
- Initial Integration+ release.