AppSec / Vulnerability Management Connectors
Application security and vulnerability management connectors provide AI agents with access to static analysis, dynamic analysis, software composition analysis, container scanning, and vulnerability assessment platforms. Agents use these connectors to query scan results, manage vulnerability findings, track remediation status, and orchestrate scanning workflows.
Most operations in this category are LOW to MEDIUM risk, since they query findings and manage scan configurations. Operations that modify scanning policies or suppress vulnerability findings carry MEDIUM to HIGH risk, because they can silently narrow or hide what the scanners report.
| Connector | Operations | Risk Levels | Description |
|---|---|---|---|
| Checkmarx | 21 | LOW, MEDIUM, HIGH | Checkmarx SAST and SCA operations for scan management, vulnerability queries, result triage, and project configuration |
| Snyk | 23 | LOW, MEDIUM, HIGH | Snyk operations for project vulnerability management, dependency scanning, license compliance, and issue monitoring configuration |
| Tenable | 25 | LOW, MEDIUM, HIGH | Tenable.io operations for vulnerability scanning, asset management, scan scheduling, plugin queries, and export management |
| Qualys | 21 | LOW, MEDIUM, HIGH | Qualys VMDR operations for host asset management, vulnerability scanning, knowledge base queries, and remediation tracking |
| Rapid7 | 25 | LOW, MEDIUM, HIGH | Rapid7 InsightVM operations for site management, scan execution, vulnerability queries, asset group administration, and report generation |
| SonarQube | 23 | LOW, MEDIUM, HIGH | SonarQube operations for project analysis, issue management, quality gate queries, and code quality profile configuration |
| Veracode | 23 | LOW, MEDIUM, HIGH | Veracode operations for application scanning, findings management, sandbox analysis, and policy compliance queries |
| Semgrep | 16 | LOW, MEDIUM | Semgrep operations for rule management, scan execution, finding queries, and custom rule deployment across repositories |
| GitHub Security | 20 | LOW, MEDIUM, HIGH | GitHub Advanced Security operations for code scanning alerts, secret scanning, Dependabot alerts, and repository security settings |
| GitLab Security | 21 | LOW, MEDIUM, HIGH | GitLab Security Dashboard operations for vulnerability management, dependency scanning results, SAST findings, and pipeline security reports |
| Aqua Security | 22 | LOW, MEDIUM, HIGH | Aqua Security operations for container image scanning, runtime policy management, vulnerability assessments, and Kubernetes security posture |
| Trivy | 16 | LOW, MEDIUM | Trivy scanner operations for container image scanning, filesystem scanning, Kubernetes cluster scanning, and SBOM generation |
| Falco | 21 | LOW, MEDIUM, HIGH | Falco runtime security operations for rule management, alert queries, event stream consumption, and runtime policy enforcement |
| Wazuh | 25 | LOW, MEDIUM, HIGH | Wazuh operations for agent management, vulnerability detection, security configuration assessment, and file integrity monitoring |