Using the Mitigation and Comments API

APIs

The Mitigation and Comments API enables you to integrate flaw comments and mitigation workflow tasks into IDEs and bug tracking systems.

You can mitigate a flaw, accept or reject a mitigation action, or you can comment on a proposed mitigation. In addition, you can view all comments and mitigation actions any user has performed on a flaw.

To learn about how to use the Mitigation and Comments API, read the tutorial.

To use the Mitigation and Comments API, you must have either a:
  • Veracode API account with the Mitigation API role
  • Veracode human user account with the following roles to do specific tasks:
    Reviewer or Security Lead
    To view all actions performed on a flaw, to submit proposed mitigations, or to comment on proposed mitigations.
    Mitigation Approver and either Reviewer or Security Lead
    To accept or reject proposed mitigations.