diff --git a/code-scanning/crunch42.yml b/code-scanning/crunch42.yml index 1ac846e95a..94ea23bd0b 100644 --- a/code-scanning/crunch42.yml +++ b/code-scanning/crunch42.yml @@ -3,23 +3,22 @@ # separate terms of service, privacy policy, and support # documentation. -# This workflow locates REST API file contracts -# (Swagger or OpenAPI format, v2 and v3, JSON and YAML) -# and runs 200+ security checks on them using 42Crunch Security Audit technology. +# This workflow locates REST API file contracts (Swagger or OpenAPI format, v2 and v3, JSON and YAML) +# and runs 300+ security checks on them using 42Crunch Security Audit technology to uncover +# potential vulnerabilities related to authentication, authorization as well as data validation. # # Documentation is located here: https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm # -# To use this workflow, you will need to complete the following setup steps. +# To use this workflow, you need a 42Crunch platform account. If you do not have one, you can contact us +# from this page: https://42crunch.com/request-demo. # -# 1. Create a free 42Crunch account at https://platform.42crunch.com/register -# -# 2. Follow steps at https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm +# 1. Follow steps at https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm # to create an API Token on the 42Crunch platform # -# 3. Add a secret in GitHub as explained in https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm, -# store the 42Crunch API Token in that secret, and supply the secret's name as api-token parameter in this workflow +# 2. Create an secret in GitHub as explained in https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm +# and store the 42Crunch API Token in that secret. Expected default is API_TOKEN (see the api-token property in the task). # -# If you have any questions or need help contact https://support.42crunch.com +# If you have any questions or need help, open an issue at: https://support.42crunch.com. name: "42Crunch REST API Static Security Testing" @@ -46,7 +45,7 @@ jobs: - uses: actions/checkout@v3 - name: 42Crunch REST API Static Security Testing - uses: 42Crunch/api-security-audit-action@f3a4f4d44ca6f538fe84361373d7a2a374018fdd + uses: 42Crunch/api-security-audit-action@fc01ea7a89e6268875868f9d89598af7a9899ae0 with: # Please create free account at https://platform.42crunch.com/register # Follow these steps to configure API_TOKEN https://docs.42crunch.com/latest/content/tasks/integrate_github_actions.htm diff --git a/code-scanning/properties/crunch42.properties.json b/code-scanning/properties/crunch42.properties.json index 82ae816ec0..b87f0a6107 100644 --- a/code-scanning/properties/crunch42.properties.json +++ b/code-scanning/properties/crunch42.properties.json @@ -1,7 +1,7 @@ { "name": "42Crunch API Security Audit", "creator": "42Crunch", - "description": "Use the 42Crunch API Security Audit REST API to perform static application security testing (SAST) on OpenAPI/Swagger files.", + "description": "Use the 42Crunch Audit to perform static API security testing (SAST) on OpenAPI/Swagger files.", "iconName": "42crunch", "categories": ["Code Scanning"] } \ No newline at end of file