Security Audit vs Operation Audit?

Philip_Colmer · June 7, 2024, 10:19am

The pricing page says that the Freemium option, during Beta Period Only, comprises up to 25 full security audits & scans per month, and up to 100 operation audits & scans per month.

The VS Code extension only seems to provide the full security audit, and editing a file to try and fix issues very quickly results in line number disparities (i.e. where an error was identified has now moved and it can be tricky to find it again).

The solution to the line number disparities is to, of course, run another scan … but 25 full security audit scans gets used up very quickly that way.

I’m not try to abuse the freemium model … but I’m not sure if we at yet in a position to justify the Teams model or higher.

Is there a way to trigger an operation audit from VS Code, or to run something locally?

Anthony · June 7, 2024, 11:21am

@Philip_Colmer
Yes certainly the VSCode extension supports running Audit on individual operations.

If you’re setup correctly, you should see the code lens for Audit (and Scan) directly in the OpenAPI file under each operation:

Philip_Colmer · June 10, 2024, 7:43am

Ah … so you can’t Audit the whole file, just individual operations? (Just double-checking for clarification).

Anthony · June 10, 2024, 9:29am

You can also run Audit on the whole file (“full security audits”).

Use either the Code Lens at the very top of the OpenAPI file, or the purple ‘42C’ button on the top right (by default).