IntegrationsAppSec

Unified API for Application Security

Integrate with any application security testing tool using the same data model. SAST, SCA, DAST, and code security in one API.

Supported Integrations

Connect to all major appsec platforms through a single unified API.

Checkmarx One
Checkmarx SAST
Checkmarx SCA
Mend
Mend
Semgrep
Semgrep
A
Aikido Security
OpenText Fortify
OpenText Fortify
JFrog Xray
SonarQube
SonarQube
GitHub Advanced SecuritySoon
GitLab SecuritySoon
Black Duck SCA
Black Duck SCASoon
Rapid7 InsightAppSec
Rapid7 InsightAppSecSoon
Qualys WASSoon
SnykSoon
Wiz Code
Wiz CodeSoon
Arnica Security
Arnica SecuritySoon
Veracode
VeracodeSoon
Contrast Security
Contrast SecuritySoon
Tenable Web App Scanning
Tenable Web App ScanningSoon
Aqua Security
Aqua SecuritySoon

Data Normalization at a Glance

Different vendors, different schemas. Unizo normalizes them all into one unified output.

Checkmarx
pluginidplugin_nameseverityrecommendation
Semgrep
Semgrep
check_idextra.messageextra.severityextra.fix
SonarQube
SonarQube
keymessageseverityresolution
Veracode
Veracode
finding_idfinding_categoryseverityrecommendation
U
Unizo
Unified Schema

Consistent across all vendors

idcategorynamedescriptionseveritycvecwestate

Detailed Field Mapping

Checkmarx

pluginidid
plugin_namename
severityseverity
recommendationremediation

Semgrep
Semgrep

check_idid
extra.messagename
extra.severityseverity
extra.fixremediation

SonarQube
SonarQube

keyid
messagename
severityseverity
resolutionremediation

Veracode
Veracode

finding_idid
finding_categorycategory
severityseverity
recommendationremediation

What You Can Build

Use Unizo's unified API to power these capabilities and more.

Ingest & Query Findings

Fetch SAST, SCA, and DAST findings across all AppSec tools. Search by severity, CWE, language, file path, and package name.

Analyze & Enrich Context

Retrieve finding metadata (CWE, CVE, severity ratings), affected code locations, vulnerable packages, and remediation guidance.

Remediation & Developer Workflows

Mark findings as fixed, accepted, or false positive. Create pull requests, link to Jira tickets, and assign to developers.

Unified Data Models

Consistent data structures that work the same way across all appsec platforms.

Auth

Manages secure authentication via tokens, credentials, OAuth

Project

Represents scanned applications, repositories, or codebases

Scan

Captures SAST/SCA/DAST analysis runs with configuration and metadata

Finding

Individual security findings with code location, severity, and fix information

How Can We Help?

Explore Docs

Browse API documentation and integration guides.

View Documentation

Request Demo

See AppSec integrations in action.

Request Demo

Contact Us

Have questions? Our team is here to help.

Get in Touch

Ready to Integrate AppSec?

Get started with Unizo's unified API and connect to all your appsec platforms today.