Integrating MuleSoft Anypoint Exchange with Acunetix 360 On-Demand

This feature is available with Invicti API Security Standalone or Bundle

Integrating Acunetix 360 On-Demand with MuleSoft Anypoint Exchange allows you to fetch Swagger2, OpenAPI3, and RAML specification files from MuleSoft to build an inventory of API endpoints that can be scanned for vulnerabilities with our DAST scanners. The integration leverages Connected Apps, where Acunetix 360 is the application that integrates via user account with MuleSoft Anypoint Exchange.

This document explains how to set up an integration between MuleSoft Anypoint Exchange and Acunetix 360 On-Demand. If you are using Acunetix 360 On-Premises, refer to Integrating MuleSoft Anypoint Exchange with Acunetix 360 On-Premises.

How to integrate Acunetix 360 On-Demand with MuleSoft Anypoint Exchange

This integration has three steps. Follow the steps below in each section to prepare your MuleSoft Anypoint Exchange account for integration with Acunetix 360 On-Demand.

NOTE: Only Swagger2, OpenAPI3, and RAML specification files will be imported.

Step 1: Ensure you have a MuleSoft Anypoint Exchange account

In order for Acunetix 360 to successfully fetch your Swagger2, OpenAPI3, and RAML specification files from MuleSoft, you need to have a Mulesoft Anypoint Exchange account that contains your API specification files. This account will be used to facilitate creating a Connected App integration between Acunetix 360 and MuleSoft Anypoint Exchange, which will import and sync your API specifications.

The integration will use the Connected App to access the following filter scopes:

  • Exchange Viewer 
  • Profile 
  • Background Access (this is necessary for the refresh token functionality)

Once you have a MuleSoft Anypoint Exchange account, continue with step 2 below to configure the API import source.

Step 2: Configure the API import source in Acunetix 360

Now that you have access to MuleSoft Anypoint Exchange, you are ready to set up the MuleSoft integration in Acunetix 360 to import your API specification files.

  1. Log in to Acunetix 360 On-Demand.
  2. Select APIs > Sources from the left-side menu.

  1. Click Add new source.

  1. Enter a name for the API integration and select MuleSoft as the source type.

  1. Click Authenticate and Save. You will be directed to your MuleSoft account to authorize the integration, after which you will be returned to Acunetix 360.
  2. Log in to MuleSoft Anypoint Exchange with the account that contains your API specification files.

  1. Click Grant access to… to authorize the integration.

Once complete, you will see a short message displayed in Acunetix 360: Authorization was successful. Your MuleSoft integration now appears on the APIs > Sources page in Acunetix 360. Continue with the final step below to synchronize the API import.

Step 3: Synchronize the API import

  1. On the APIs > Sources page in Acunetix 360, click the sync icon to start importing your API specification files from MuleSoft into your Acunetix 360 API Inventory.

  1. When the sync is complete, your API specification files will be displayed on the API Inventory page in Acunetix 360. From this page, you can link your API specification files to targets so they can be scanned for vulnerabilities. For more information, refer to Linking and unlinking discovered APIs to targets.

Your MuleSoft Anypoint Exchange account is now integrated with Acunetix 360. After the initial synchronization, the integration will automatically sync your API specifications once every 24 hours.

NOTE: To synchronize API specifications on demand, click the sync icon on the APIs > Sources page. To disable automatic synchronization, click the toggle in the Sync Automatically column on the APIs > Sources page.


« Back to the Acunetix Support Page