# Cysmiq ## Docs - [List applications](https://docs.cysmiq.com/api-reference/applications/list-applications.md): Returns the applications defined in the tenant. - [Introduction](https://docs.cysmiq.com/api-reference/introduction.md): Programmatic access to Cysmiq for automation and integrations. - [Get organization](https://docs.cysmiq.com/api-reference/organizations/get-organization.md): Returns details for a single organization, identified by prefixed id (org_...) or full path. - [List organizations](https://docs.cysmiq.com/api-reference/organizations/list-organizations.md): Returns organizational units (orgs / groups / workspaces) the caller can access. - [Get policy violation](https://docs.cysmiq.com/api-reference/policy-violations/get-policy-violation.md): Returns detailed policy violation context, including policy, scope, target, and SLA timing. - [List policy violations](https://docs.cysmiq.com/api-reference/policy-violations/list-policy-violations.md): Returns policy violations for a repository with optional filters for status, enforcement mode, policy, target type, and reference. - [Get repository](https://docs.cysmiq.com/api-reference/repositories/get-repository.md): Returns details for a single repository, identified by prefixed id (repo_...) or org/name path. - [List repositories](https://docs.cysmiq.com/api-reference/repositories/list-repositories.md): Returns repositories the caller can access, optionally filtered by org and VCS source. - [List scans](https://docs.cysmiq.com/api-reference/scans/list-scans.md): Returns scans for a repository/ref with an optional commit SHA filter. Use this to check whether a scan for a given commit has finished and what its status is. - [Who am I](https://docs.cysmiq.com/api-reference/token/who-am-i.md): Returns the authenticated actor (user or tenant), token details, and current tenant context. - [Assign vulnerability](https://docs.cysmiq.com/api-reference/vulnerabilities/assign-vulnerability.md): Assigns or unassigns a vulnerability. Use assignee=me for the authenticated tenant user, a user id/prefixed id/email, or null/unassigned to clear assignment. - [Get vulnerability](https://docs.cysmiq.com/api-reference/vulnerabilities/get-vulnerability.md): Returns detailed vulnerability context, with optional includes for locations, advisories, secrets, call hierarchies, impacts, and source snippets. Snippets are only returned when explicitly requested via include=snippet. - [List vulnerabilities](https://docs.cysmiq.com/api-reference/vulnerabilities/list-vulnerabilities.md): Returns vulnerabilities with optional filters for repository, ref, sha, state, confirmation, triage status, severity, type, and assignee. Without filters the response includes vulnerabilities of every state (open, fixed, accepted, ignored, rejected) — pass `state` to scope to one workflow bucket. - [List vulnerability locations](https://docs.cysmiq.com/api-reference/vulnerabilities/list-vulnerability-locations.md): Returns paginated locations for a single vulnerability. Use `scope=all` to include locations that have been fixed; default `live` returns only currently-vulnerable locations. - [Triage vulnerability](https://docs.cysmiq.com/api-reference/vulnerabilities/triage-vulnerability.md): Transitions a vulnerability between triage states (open, fixed, accepted, ignored). Optionally pass the current `status_version` for optimistic-locking — when supplied, a 409 is returned if the value is stale. The response carries the new version on success. - [Applications](https://docs.cysmiq.com/assets/applications.md): Use application views to group repositories and review product-level security posture. - [Manifests](https://docs.cysmiq.com/assets/manifests.md): Use manifest views to inspect dependency files, direct and transitive dependencies, policy status, and SBOM exports. - [Organizations](https://docs.cysmiq.com/assets/organizations.md): Use organization views to understand VCS organization structure, repository ownership, and sync status. - [Packages](https://docs.cysmiq.com/assets/packages.md): Use package views to review dependencies, versions, licenses, OpenSSF scorecards, usage, vulnerabilities, and policy state. - [Repositories](https://docs.cysmiq.com/assets/repositories.md): Use repository views to review scan status, refs, findings, SBOM exports, and repository-level settings. - [Applications](https://docs.cysmiq.com/concepts/applications.md): Group multiple repositories into a single logical application. - [Assets](https://docs.cysmiq.com/concepts/assets.md): The tracked entities Cysmiq organizes across your codebase. - [Environments](https://docs.cysmiq.com/concepts/environments.md): Map repository refs to deployment boundaries for policy conditions and production-focused reporting. - [Impacts](https://docs.cysmiq.com/concepts/impacts.md): Business-focused categories that describe the real-world consequence of vulnerabilities. - [Integrations](https://docs.cysmiq.com/concepts/integrations.md): Connect Cysmiq to the tools where your code and workflows live. - [SBOMs](https://docs.cysmiq.com/concepts/sboms.md): Software Bills of Materials generated from dependency data. - [Scans](https://docs.cysmiq.com/concepts/scans.md): Security analyses that run on your repositories. - [Users & Access](https://docs.cysmiq.com/concepts/users-access.md): Roles, permissions, and how access control works in Cysmiq. - [Vulnerabilities](https://docs.cysmiq.com/concepts/vulnerabilities.md): Security vulnerabilities across secrets, code, and dependencies. - [Workspaces](https://docs.cysmiq.com/concepts/workspaces.md): Isolated environments for organizing security scanning across your organization. - [Manage API keys](https://docs.cysmiq.com/guides/api-keys.md): Create and manage personal or workspace API keys for automation and integrations. - [Cysmiq CLI](https://docs.cysmiq.com/guides/cli.md): Run vulnerability checks in CI/CD pipelines and query vulnerabilities from scripts or coding agents. - [Connect ticketing](https://docs.cysmiq.com/guides/connect-ticketing.md): Set up ticketing integrations for vulnerability workflows. - [Connect a VCS](https://docs.cysmiq.com/guides/connect-vcs.md): Connect a VCS to start scanning. - [Create tickets](https://docs.cysmiq.com/guides/create-tickets.md): Create tickets from vulnerabilities using Jira. - [Install in your environment](https://docs.cysmiq.com/guides/installation.md): Deploy the Cysmiq self-hosted platform on Kubernetes using Replicated. - [Invite your team](https://docs.cysmiq.com/guides/invite-team.md): Invite members to your workspace and manage invitations. - [Manage applications](https://docs.cysmiq.com/guides/manage-applications.md): Group repositories into applications for aggregated vulnerability tracking and reporting. - [Manage members](https://docs.cysmiq.com/guides/members.md): Invite users and assign roles to control workspace access. - [Quickstart](https://docs.cysmiq.com/guides/quickstart.md): Create your account and workspace, then connect your code. - [Use saved filters](https://docs.cysmiq.com/guides/saved-filters.md): Save, organize, and quickly access commonly used vulnerability filters. - [Introduction](https://docs.cysmiq.com/index.md): Cysmiq documentation for security scanning and vulnerability management. - [Insights](https://docs.cysmiq.com/insights/overview.md): Explore security reports and trends across your workspace. - [Outbound Webhooks](https://docs.cysmiq.com/integrations/webhooks.md): Send workspace events to HTTPS endpoints for automation and monitoring. - [Custom policies](https://docs.cysmiq.com/policies/custom-policies.md): Create condition-based policies for supported Cysmiq policy targets. - [Policies](https://docs.cysmiq.com/policies/overview.md): Govern vulnerability, package, manifest, secret, and code risk with reusable policy rules. - [Package and manifest policies](https://docs.cysmiq.com/policies/package-and-manifest-rules.md): Use allow and deny policies to govern packages, package versions, and manifests. - [Policy violations](https://docs.cysmiq.com/policies/violations.md): Review policy violations, enforcement modes, SLA timing, and exception statuses. - [Code security rules](https://docs.cysmiq.com/reference/code-security-rules.md): Coverage by impact and language. - [Impact Reference](https://docs.cysmiq.com/reference/impacts.md): Detailed mapping of impacts to CWEs and vulnerability types. - [Keyboard shortcuts](https://docs.cysmiq.com/reference/keyboard-shortcuts.md): Navigate and take actions faster in the Cysmiq UI. - [Package Managers & Manifests](https://docs.cysmiq.com/reference/package-managers-manifests.md): Supported package managers, manifests, and lock files for dependency scanning. - [Policy condition fields](https://docs.cysmiq.com/reference/policy-condition-fields.md): Supported fields and operators for custom policy conditions. - [Secret Verification Providers](https://docs.cysmiq.com/reference/secret-verification-providers.md): Services that Cysmiq can verify leaked credentials against. - [Trust & Security](https://docs.cysmiq.com/reference/trust-security.md): Cysmiq's security practices, compliance certifications, and data protection. - [Code](https://docs.cysmiq.com/scanning/code.md): Static analysis for common security issues in source code. - [Dependencies](https://docs.cysmiq.com/scanning/dependencies.md): Identify vulnerable packages and CVEs in your dependencies. - [Scan List View](https://docs.cysmiq.com/scanning/scan-list-view.md): Review scan runs, statuses, filters, and related findings from the Scans view. - [Secrets](https://docs.cysmiq.com/scanning/secrets.md): Detect and verify leaked credentials in code. - [VCS status updates](https://docs.cysmiq.com/scanning/vcs-status-updates.md): Control status checks and pull request decoration for connected version control providers. - [API keys](https://docs.cysmiq.com/security-access/api-keys.md): Authenticate with the Cysmiq API using personal or workspace scoped keys. - [Security and access](https://docs.cysmiq.com/security-access/overview.md): Identity, authentication, and access controls across workspaces and users. - [User settings](https://docs.cysmiq.com/security-access/user-settings.md): Personal account, security, and identity settings. - [Workspace security settings](https://docs.cysmiq.com/security-access/workspace-settings.md): Security controls that apply to everyone in a workspace. - [Self-hosting configuration](https://docs.cysmiq.com/self-hosting/configuration.md): Configure your self-hosted Cysmiq deployment through the Admin Console. - [Network requirements](https://docs.cysmiq.com/self-hosting/network-requirements.md): External endpoints and firewall rules for Cysmiq deployments - [Self-hosting requirements](https://docs.cysmiq.com/self-hosting/requirements.md): Infrastructure and access requirements for on-premise deployments. - [Default Branch Filters](https://docs.cysmiq.com/views-automation/default-branch-filters.md): Control which branch refs appear by default in vulnerability and manifest views. - [Filtering](https://docs.cysmiq.com/views-automation/filtering.md): Filter and search across repositories, vulnerabilities, and other data. - [Managing columns](https://docs.cysmiq.com/views-automation/managing-columns.md): Customize which columns appear in tables and data views. - [AI assistant (Shift)](https://docs.cysmiq.com/vulnerability-management/ai-assistant.md): Ask questions and generate fixes with full vulnerability context. - [Auto assignment](https://docs.cysmiq.com/vulnerability-management/auto-assignment.md): Automatically assign new vulnerabilities to a default owner. - [Vulnerability lifecycle](https://docs.cysmiq.com/vulnerability-management/lifecycle.md): Statuses, resolutions, and how vulnerabilities move through triage. - [Snoozes](https://docs.cysmiq.com/vulnerability-management/snoozes.md): Temporarily pause vulnerability and policy violation follow-up with governed approvals, limits, and scoped settings. - [Tickets](https://docs.cysmiq.com/vulnerability-management/tickets.md): Create and sync tickets for vulnerabilities. - [Vulnerability detail view](https://docs.cysmiq.com/vulnerability-management/vulnerability-detail-view.md): What you see in the vulnerability detail UI and where each section appears. - [Vulnerability list view](https://docs.cysmiq.com/vulnerability-management/vulnerability-list-view.md): Review, filter, and prioritize vulnerabilities before opening details. - [Watch lists](https://docs.cysmiq.com/vulnerability-management/watch-lists.md): Track vulnerabilities you want to monitor closely. ## OpenAPI Specs - [openapi](https://app.cysmiq.com/docs/tenant/openapi.json)