Run Contrast CLI

If you are an Enterprise Contrast user, you can use the new Contrast CLI to run a SAST scan or find vulnerable libraries and then view results in Contrast.

Before you begin

  • You must be a current Contrast user.

  • You must have the Contrast CLI installed.

  • In Contrast, under user menu > User settings > Profile, locate and copy this information:

    • API key

    • Organization ID

    • Authorization header

    • Contrast URL (host domain). For example, https://app.contrastsecurity.com.

Steps

  • Run a SAST scan:

  1. In the terminal, enter the following command: contrast scan -f <file name>

    Note

    If you have not used the auth command to store credentials locally, pass them as options:

    contrast scan -f <file name> \
      --organization-id <your organization ID> \
      --api-key <your API key> \
      --authorization <your authorization header> \
      --host <your host domain>
  2. In the results, click the link to view the scan results in Contrast.

  • Find vulnerable libraries:

  1. In the terminal, enter the following command: contrast audit

    Note

    If you have not used the auth command to store credentials locally, pass them as options:

    contrast audit \
      --organization-id <your organization ID> \
      --api-key <your API key> \
      --authorization <your authorization header> \
      --application-id <your application ID> \
      --host <your host domain>
  2. In the results, click the link to open the dependency tree view in Contrast.
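
The following wrapper is an added example, not part of the Contrast documentation or the CLI itself. It checks that every value listed under "Before you begin" is present before running either command with the options shown above, so a CI job fails early with the name of the missing setting and never prints a credential. The CONTRAST_* environment variable names, CONTRAST_BIN, the https:// check and the file name app.jar are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not Contrast's own code. The CONTRAST_* variable names and
# CONTRAST_BIN are assumptions; the CLI options are the ones shown on this page.

# Fail if the named variable is unset or empty. Prints the name, never the value.
require_var() {
  eval "_val=\${$1:-}"
  if [ -z "$_val" ]; then
    echo "missing required variable: $1" >&2
    return 1
  fi
}

# Check everything the chosen command needs before any credential is used.
# $1 = scan|audit, $2 = file to scan (scan only)
contrast_check() {
  for _name in CONTRAST_ORG_ID CONTRAST_API_KEY CONTRAST_AUTHORIZATION CONTRAST_HOST; do
    require_var "$_name" || return 1
  done
  case $CONTRAST_HOST in
    https://*) ;;  # assumption of this sketch: refuse a non-TLS host URL
    *) echo "CONTRAST_HOST must start with https://" >&2; return 1 ;;
  esac
  case ${1:-} in
    scan)  [ -f "${2:-}" ] || { echo "scan target not found: ${2:-}" >&2; return 1; } ;;
    audit) require_var CONTRAST_APP_ID || return 1 ;;
    *)     echo "usage: contrast_run scan <file> | contrast_run audit" >&2; return 1 ;;
  esac
}

# Validate, then run the CLI with the credentials passed as quoted options.
contrast_run() {
  contrast_check "$@" || return 1
  _mode=$1 _file=${2:-}
  set -- --organization-id "$CONTRAST_ORG_ID" --api-key "$CONTRAST_API_KEY" \
         --authorization "$CONTRAST_AUTHORIZATION" --host "$CONTRAST_HOST"
  case $_mode in
    scan)  set -- scan -f "$_file" "$@" ;;
    audit) set -- audit "$@" --application-id "$CONTRAST_APP_ID" ;;
  esac
  "${CONTRAST_BIN:-contrast}" "$@"
}

# Usage, with the variables supplied by the CI secret store (constructed names):
#   contrast_run scan app.jar
#   contrast_run audit
```

Options passed this way are visible in the process list while the CLI runs, which is one reason to store credentials once with the auth command on shared hosts.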