Source
OpenAPI and Postman
Import API definitions and collections to seed catalog coverage and testing workflows.
CodeSec Cloud works with API sources, analyst tools, browser discovery, scanner orchestration, and provider-pluggable AI while keeping execution governed.
Connected workflow
The product direction is to preserve traffic truth, scope boundaries, target validation, approvals, and reviewable artifacts rather than scattering them across tool silos.
Source
Import API definitions and collections to seed catalog coverage and testing workflows.
HTTP truth
Use Burp for replay, traffic context, proxy history, and analyst-auditable HTTP evidence.
CodeSec Cloud
evidence trail
UI signal
Connect authenticated browser discovery to UI actions, snapshots, flows, and promoted API candidates.
Executor
Run governed scanner profiles such as Nuclei jobs through target validation and execution tracking.
Planner
Use provider-pluggable planning, summarization, and evidence workflows without exposing model authority to execute.
Use the demo to test how Burp, browser discovery, imported specs, scanners, and AI planning connect around evidence.