Programatically download an attestation report

  • Updated
 
 


Objective

The following process provides a means of downloading a Contrast attestation report via the Contrast UI API using a PowerShell script.

 

Process

The process to generate an attestation report involves first making a series of requests to the Contrast UI in order to generate the report. Then making a further request to initiate the download.

The key API endpoints used are as follows:

HTTP Method Endpoint Task
GET /Contrast/api/ng/$ORG_ID/applications/$APP_ID/attestation Load the report info
POST /Contrast/api/ng/$ORG_ID/applications/$APP_ID/attestation Generate the report, the payload will contain the Report Details. The format in which the script stores this payload is shown below:
 
'vulnerabilityStatuses' = @()
'vulnerabilitySeverities' = @() 
'vulnerabilityTypes' = @()
'vulnerabilityTags' = @()
'serverEnvironments' = @()
'serverTags' = @()
'showVulnerabilitiesDetails' = 'true'
'complianceReports' = @("disa", "owasp-2013", "owasp-2017", "pci-2.0", "pci-3.0", "pci-3.2.1")
GET /Contrast/api/ng/$ORG_ID/notifications?limit=1&offset=0 Query the notification endpoint that contains the Report ID.
POST /Contrast/api/ng/$ORG_ID/reports/download/$USERNAME/$REPORTUUID Take the parsed UUID from the previous response and uses it in the URL to download the report.

 

Download the attached PowerShell script from the link below and run with whichever of the following methods best fits your needs:

Run the script directly:

  • Locate the script in Windows Explorer
  • Right click on the attestation.ps1 file
  • Select Run with PowerShell

Run the script in PowerShell

  • Open Start
  • Search for Windows PowerShell ISE, right-click the top result, and select the Run as administrator option
  • Navigate to the directory where the script lives
    PS> cd C:\path\to\script\
  • Execute the script:
    PS> .\attestation.ps1

Run the script on a regular schedule

  • Open Start
  • Search for and open Task Scheduler
  • Select Create Basic Task
  • Give your task a name, such as "Generate Contrast Report"
  • In the Trigger section, specify when you want the task to be run
  • In the Action section, select Start a program
  • In the Program/script field, enter Powershell.exe (no path should be required)
  • In the Add arguments field, enter C:\path\to\script\attestation.ps1
  • Review your task and click Finish

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request