Configuring API keys for external systems

To enable specific security scanning and AI-powered analysis features, API keys must be configured in ScanSuite. Follow the steps below to set up the necessary API keys.

Open the Settings menu:

1. OpenVAS Configuration (Infrastructure Scans)

ScanSuite requires OpenVAS credentials to execute infrastructure scans.

• Specify the OpenVAS URL, login, and password in the ScanSuite settings.

• OpenVAS can be installed on either the same host as ScanSuite or a separate server.

• Follow the official installation guide: 🔗 OpenVAS Installation Guide

---

2. Snyk API Key Configuration (SCA & SAST Scans)

A Snyk API key is required for Snyk-based security scans. Obtain a free API key by following these steps:

1. Create a Snyk account: 🔗 Sign Up or Log In to Snyk
2. Enable Snyk Code:

   • Navigate to: Snyk Code Management
   • Enable Snyk Code for static code analysis.

3. Generate an API Token:

   • Go to: Snyk Account Settings
   • Create and copy your Auth Token.

---

3. OpenAI API Key Configuration (AI-Assisted Features)

An OpenAI API key is required for AI-generated content, such as custom scanning rules and static code analysis.

• Obtain an API key at: 🔗 OpenAI API Key Management

---

Entering API Keys in ScanSuite

1. Navigate to ScanSuite Settings.

2. Locate the respective fields for:

   • OpenVAS Connection Parameters

   • Snyk API Key

   • OpenAI API Key

3. Enter the keys exactly as provided by the respective platforms.

4. Click Save to apply the settings.