REST API Static Security Testing

works with Bamboo Server 9.6.4 - 11.0.2, Bamboo Data Center 9.6.4 - 11.0.7 and more

Free app

OVERALL RATINGS
INSTALLS
SUPPORT: Partner Supported

Ascend to new heights with Atlassian Cloud. Data Center support (excl. Bitbucket) ends on March 28, 2029. Together, we’ll make this transition a success.

Learn more and get support

Overview

Reviews

Privacy & Security

Support

Installation

Key highlights of the appSecurity Audit (SAST static analysis) of OpenAPI / Swagger files

watch REST API Static Security Testing video

More details

Discover REST API contracts in OpenAPI format (YAML or JSON, v2 or v3) in your repository
For each of them, perform static analysis with 200+ various security best practices checks
Succeed or fail the pipeline based on the overall security score or granular conditions
See detailed report with prioritized issue list and mitigation instructions for each issue
Works with paid and free accounts from https://platform.42crunch.com

Resources

Download
Get the .jar file downloaded to your system
App documentation
Comprehensive set of documentation from the partner on how this app works
EULA
Get the End User License Agreement for this app

Privacy and Security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy

Security program

This app is not part of the Marketplace Bug Bounty program.

Version information

Version 5.1.0•for Bamboo Data Center 9.6.4 - 11.0.7

Release date: Jul 7th 2025
Summary: Allow overwriting team permissions in "collections" mode
Details: It is possible to configure the plugin so that the team permissions in “collections” mode are always applied, even if the team permissions have been previously changed in the Web UI
Payment model: Free