
# AppSec Integrations

> Connect your application security platforms to RAD Security for comprehensive vulnerability management and security scanning.

# Application Security Integrations

Integrate your application security platforms with RAD Security to gain visibility into security findings, vulnerabilities, and compliance issues across your applications.

## Benefits

<CardGroup cols={2}>
  <Card title="Centralized Vulnerability View" icon="eye">
    Aggregate security findings from multiple application security tools in a unified dashboard.
  </Card>

  <Card title="Security Posture Tracking" icon="chart-line">
    Monitor application security trends and track remediation progress over time.
  </Card>

  <Card title="Risk Prioritization" icon="list-ol">
    Correlate application security findings with runtime data to prioritize critical vulnerabilities.
  </Card>

  <Card title="Compliance Reporting" icon="file-certificate">
    Generate compliance reports that include application security scanning results.
  </Card>
</CardGroup>

## Supported Integrations

<AccordionGroup>
  <Accordion title="GitLab" icon="gitlab">
    **Status:** Available

    [View Setup Guide →](/rad-security/integrations/appsec/gitlab-setup)

    Connect GitLab to RAD Security for application security scanning and vulnerability management across your GitLab instance or groups.

    **Key Features:**

    * SAST (Static Application Security Testing) findings
    * DAST (Dynamic Application Security Testing) findings
    * Dependency scanning results
    * Container scanning results
    * Secret detection findings
    * Vulnerability severity and classification
    * Remediation guidance

    **Requirements:**

    * GitLab instance access (cloud or self-hosted)
    * Admin or Owner role (recommended)
    * API token with `read_api` scope
  </Accordion>

  <Accordion title="Snyk" icon="shield-halved">
    **Status:** Available

    [View Setup Guide →](/rad-security/integrations/appsec/snyk-setup)

    Import Snyk application security findings for vulnerability management, code security analysis, and correlation with runtime data.

    **Key Features:**

    * Snyk Code (SAST) findings
    * Open source dependency vulnerabilities
    * Container image vulnerabilities
    * Infrastructure as Code issues
    * OAuth 2.0 Service Account authentication

    **Requirements:**

    * Snyk Enterprise plan
    * Org Admin, Group Admin, or Group Member role
    * OAuth 2.0 Service Account with required permissions
  </Accordion>
</AccordionGroup>

## What Data is Collected

<AccordionGroup>
  <Accordion title="Security Findings" icon="shield-exclamation">
    * SAST findings and code vulnerabilities
    * DAST findings from dynamic analysis
    * Dependency and supply chain vulnerabilities
    * Container image vulnerabilities
    * Secrets and credentials exposed in code
  </Accordion>

  <Accordion title="Application Data" icon="grid-2">
    * Application and project metadata
    * Repository information
    * CI/CD pipeline security job results
  </Accordion>

  <Accordion title="Vulnerability Details" icon="magnifying-glass">
    * Severity and CVSS scores
    * Affected files and line numbers
    * Vulnerability descriptions and context
    * Remediation recommendations
    * Finding status and resolution tracking
  </Accordion>
</AccordionGroup>

## Use Cases

<CardGroup cols={2}>
  <Card title="Vulnerability Management" icon="shield-exclamation">
    Track and manage application vulnerabilities from discovery through remediation.
  </Card>

  <Card title="Shift-Left Security" icon="arrow-left">
    Identify and address security issues early in the development lifecycle.
  </Card>

  <Card title="Compliance Validation" icon="check-circle">
    Ensure applications meet security compliance requirements and standards.
  </Card>

  <Card title="Security Trends" icon="chart-area">
    Analyze security trends across applications to improve overall security posture.
  </Card>

  <Card title="Automated Remediation" icon="wand-magic-sparkles">
    Leverage RADBot to help prioritize and remediate application security findings.
  </Card>

  <Card title="Supply Chain Security" icon="link">
    Monitor dependencies and container images for known vulnerabilities.
  </Card>
</CardGroup>

## Getting Started

<Steps>
  <Step title="Choose Your Platform">
    Select your application security platform from the supported integrations above.
  </Step>

  <Step title="Generate API Credentials">
    Create an API token or service account with the required permissions in your platform.
  </Step>

  <Step title="Configure in RAD Security">
    Add the integration in your RAD Security workspace with the generated credentials.
  </Step>

  <Step title="Verify Connection">
    Confirm the integration is active and security findings are being synced.
  </Step>

  <Step title="Review Findings">
    Navigate to the Evidence Room to view and analyze application security findings.
  </Step>
</Steps>

## Security Best Practices

<AccordionGroup>
  <Accordion title="Use Service Accounts" icon="user-gear">
    Create dedicated service accounts for integrations rather than using personal tokens. This ensures continuity when team members change roles.
  </Accordion>

  <Accordion title="Minimal Permissions" icon="shield-halved">
    Grant only the read-only permissions the integration requires. Application security integrations typically don't need write access.
  </Accordion>

  <Accordion title="Token Rotation" icon="rotate">
    Rotate API tokens regularly according to your security policies to minimize the risk of credential compromise.
  </Accordion>

  <Accordion title="Audit Access" icon="clipboard-list">
    Regularly review integration access logs and permissions to ensure appropriate usage.
  </Accordion>
</AccordionGroup>
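
The minimal-permissions and rotation practices above can be checked mechanically before a token is handed to an integration. The following is an added example, not RAD Security or GitLab code: it audits token records shaped like GitLab personal access token API objects against the `read_api` requirement listed for the GitLab integration. The sample records are constructed, and the 90-day rotation window is an assumption to replace with your own policy.

```python
import json
from datetime import date

REQUIRED_SCOPE = "read_api"   # scope this page lists for the GitLab integration
MAX_LIFETIME_DAYS = 90        # assumption: rotation window from your own policy

# Constructed sample records, shaped like GitLab personal access token
# API objects (name, scopes, active, revoked, created_at, expires_at).
SAMPLE_TOKENS = json.loads("""[
 {"name": "rad-integration", "scopes": ["read_api"], "active": true,
  "revoked": false, "created_at": "2025-01-10T09:00:00Z", "expires_at": "2025-04-01"},
 {"name": "alice-personal", "scopes": ["api", "write_repository"], "active": true,
  "revoked": false, "created_at": "2024-03-01T09:00:00Z", "expires_at": null},
 {"name": "old-bot", "scopes": ["read_repository"], "active": false,
  "revoked": true, "created_at": "2024-01-01T00:00:00Z", "expires_at": "2024-12-31"}
]""")


def audit_token(tok, today):
    """Return a list of policy findings for one token record."""
    findings = []
    scopes = set(tok.get("scopes", []))
    if tok.get("revoked") or not tok.get("active"):
        findings.append("token is revoked or inactive")
    # "api" is a superset of "read_api", so it satisfies the requirement
    # but is reported below as excess (it grants write access).
    if REQUIRED_SCOPE not in scopes and "api" not in scopes:
        findings.append("missing scope: read_api")
    extra = sorted(scopes - {REQUIRED_SCOPE})
    if extra:
        findings.append("excess scopes: " + ", ".join(extra))
    expires = tok.get("expires_at")
    if expires is None:
        findings.append("no expiry set")
    else:
        exp = date.fromisoformat(expires)
        created = date.fromisoformat(tok["created_at"][:10])
        if exp < today:
            findings.append("token expired")
        elif (exp - created).days > MAX_LIFETIME_DAYS:
            findings.append("lifetime exceeds rotation window")
    return findings


def audit_all(tokens, today):
    """Map token name -> findings, keeping only tokens with findings."""
    report = {t["name"]: audit_token(t, today) for t in tokens}
    return {name: f for name, f in report.items() if f}
```

Calling `audit_all(SAMPLE_TOKENS, date(2025, 2, 1))` reports the personal and retired tokens and omits the dedicated read-only one.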

## Next Steps

<CardGroup cols={2}>
  <Card title="GitLab Setup" icon="gitlab" href="/rad-security/integrations/appsec/gitlab-setup">
    Connect GitLab for application security scanning
  </Card>

  <Card title="Evidence Room" icon="vault" href="/rad-security/platform/evidence-room">
    View and analyze security findings
  </Card>

  <Card title="Data Sources Overview" icon="database" href="/rad-security/integrations/data-sources">
    Explore all available data sources
  </Card>

  <Card title="RADBot" icon="robot" href="/rad-security/getting-started/radbot">
    Learn how RADBot helps prioritize vulnerabilities
  </Card>
</CardGroup>
