View Policy Violation Findings by Team

APIs

Use this code to see how many open security findings violate your application policy and are assigned to a specific team.

About this task

To view findings that violate policy for a team:

Procedure

  1. Call the Applications endpoint to list all applications: https://api.veracode.com/appsec/v1/applications.
  2. For each application in the list that is assigned to a specific team, look up the application policy and request a policy evaluation, noting the policy evaluation GUID in the response:
    • https://api.veracode.com/appsec/v1/policies?legacy_policy_id={policy_id}, where {policy_id} is policies[0].policy_id
    • POST https://api.veracode.com/appsec/v1/policy_evaluations resource_type=APPLICATION policy={policy_guid} resource_guid={application_guid}
  3. After the policy evaluation completes for each application, call the Findings endpoint, passing the policy evaluation GUID and filtering the open findings that impact the policy: https://api.veracode.com/appsec/v1/applications/{application_guid}/findings?policy_eval={policy_eval_guid}&finding_status=OPEN&impacts_evaluation=true
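
The three steps above chained together for one team, as an added example that is not Veracode's own code. The `call` transport, the response field names (`_embedded.applications`, `profile.teams[].team_name`, `profile.policies[0].policy_id`, `_embedded.policy_versions[0].guid`, the evaluation's `guid`, `page.total_elements`) and the constructed sample responses are assumptions; authentication and waiting for the evaluation to complete are left to `call`.

```python
BASE = "https://api.veracode.com/appsec/v1"

def team_policy_findings(call, team_name):
    """Return {application name: open policy-violating finding count} for a team.
    call(method, url, params) is a hypothetical caller-supplied transport: it
    sends the authenticated request, waits for a requested evaluation to
    complete, and returns the decoded JSON. Field names are assumptions.
    """
    counts = {}
    # Step 1: list applications (only the first page of results is read here).
    apps = call("GET", f"{BASE}/applications", {})["_embedded"]["applications"]
    for app in apps:
        profile = app["profile"]
        teams = {t["team_name"] for t in profile.get("teams", [])}
        if team_name not in teams or not profile.get("policies"):
            continue  # other team's application, or no policy to evaluate
        # Step 2: resolve the policy GUID, then request a policy evaluation.
        legacy_id = profile["policies"][0]["policy_id"]
        found = call("GET", f"{BASE}/policies", {"legacy_policy_id": legacy_id})
        policy_guid = found["_embedded"]["policy_versions"][0]["guid"]
        evaluation = call("POST", f"{BASE}/policy_evaluations", {
            "resource_type": "APPLICATION", "policy": policy_guid,
            "resource_guid": app["guid"]})
        # Step 3: count open findings that impact that evaluation.
        findings = call("GET", f"{BASE}/applications/{app['guid']}/findings", {
            "policy_eval": evaluation["guid"], "finding_status": "OPEN",
            "impacts_evaluation": "true"})
        counts[profile["name"]] = findings["page"]["total_elements"]
    return counts

# Constructed sample data standing in for live API responses (not real output).
def _app(guid, name, team):
    return {"guid": guid, "profile": {"name": name, "teams": [{"team_name": team}],
                                      "policies": [{"policy_id": 101}]}}
APPS = [_app("app-1", "billing", "Payments"), _app("app-2", "wiki", "Docs"),
        _app("app-3", "ledger", "Payments")]
OPEN = {"app-1": 4, "app-2": 7, "app-3": 0}

def fake_call(method, url, params):
    if url.endswith("/applications"):
        return {"_embedded": {"applications": APPS}}
    if url.endswith("/policies"):
        return {"_embedded": {"policy_versions": [{"guid": "pol-101"}]}}
    if url.endswith("/policy_evaluations"):
        return {"guid": "eval-" + params["resource_guid"]}
    assert params["finding_status"] == "OPEN" and params["impacts_evaluation"] == "true"
    return {"page": {"total_elements": OPEN[params["policy_eval"][5:]]}}
if __name__ == "__main__":
    print(team_policy_findings(fake_call, "Payments"))
```

An application that passes policy still appears in the result with a count of 0, so the output doubles as a list of the team's evaluated applications.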