Migrating from APIsec to Pynt

What middleBrick covers

  • Black-box scanning with no agents or SDK dependencies
  • Risk score grading from A to F with prioritized findings
  • 12 OWASP API Top 10 detection categories
  • OpenAPI 3.0/3.1 and Swagger 2.0 parsing with ref resolution
  • Authenticated scanning with header allowlist and domain verification
  • Scheduled rescans and diff-based alerting

Overview of migration goals

This guide outlines the practical steps to move from APIsec to middleBrick as your API security scanner. The focus is on data export, rebuilding scan history in the new platform, and preserving existing CI wiring. middleBrick is a self-service black-box scanner that returns a letter grade risk score with prioritized findings, so expectations and workflows will differ from tools that integrate deeper into your build pipeline.

Data export and import considerations

Export findings from APIsec in a structured format such as JSON or CSV, including severity, endpoint, parameter, and remediation notes. In middleBrick, you do not import findings directly; instead you re-run scans against the same API definitions to generate comparable results. Use the CLI to automate repeated scans and capture JSON output for archival. Cross-reference exported APIsec identifiers with your middleBrick dashboard to manually map closed findings and track status changes over time.

Rebuilding scan history and trends

middleBrick does not ingest historical scan data, so you will rebuild history by scheduling recurring scans and using the dashboard trend lines. Enable continuous monitoring on the Pro tier to get scheduled rescans at six-hour, daily, weekly, or monthly intervals. Use the diff capabilities to surface new findings, resolved findings, and score drift. Export periodic dashboard snapshots to maintain an external timeline that mirrors your previous reporting cadence.
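Because middleBrick does not import findings or history, the comparison between runs is something you build yourself from the archived CLI JSON. The following script is an added example, not part of this page or of middleBrick's own tooling: it diffs two scan outputs to list new findings, resolved findings and grade drift, which is the manual mapping of closed findings described above. The JSON field names (grade, findings, category, method, path, severity) are assumptions, since the real output schema is not documented here; adapt the finding_key function to whatever the CLI actually emits.

```python
import json
import sys

# Constructed sample outputs standing in for two archived "middlebrick scan --format json"
# runs. The field names are an assumption about the schema, not the documented one.
PREVIOUS_SCAN = json.loads("""
{"grade": "C", "findings": [
  {"category": "API2:2023 Broken Authentication", "method": "GET", "path": "/users/{id}", "severity": "high"},
  {"category": "API8:2023 Security Misconfiguration", "method": "GET", "path": "/health", "severity": "low"}
]}
""")
CURRENT_SCAN = json.loads("""
{"grade": "B", "findings": [
  {"category": "API2:2023 Broken Authentication", "method": "get", "path": "/users/{id}", "severity": "high"},
  {"category": "API3:2023 Broken Object Property Level Authorization", "method": "GET", "path": "/orders", "severity": "medium"}
]}
""")

# middleBrick grades run from A (best) to F (worst); index 0 is best.
GRADES = "ABCDEF"


def finding_key(finding):
    """Identity of a finding across runs: category + method + path (an assumption about
    what stays stable between scans; the method is normalised to upper case)."""
    return (finding["category"], finding["method"].upper(), finding["path"])


def grade_rank(grade):
    """Return 0 for A .. 5 for F; raise on anything outside the documented scale."""
    grade = grade.strip().upper()
    if grade not in GRADES:
        raise ValueError(f"unexpected grade {grade!r}")
    return GRADES.index(grade)


def diff_scans(previous, current):
    """Compare two scan outputs. 'new' and 'resolved' hold finding keys; 'grade_drift'
    is positive when the grade improved (e.g. C -> B) and negative when it got worse."""
    prev = {finding_key(f): f for f in previous["findings"]}
    curr = {finding_key(f): f for f in current["findings"]}
    return {
        "grade": current["grade"],
        "grade_drift": grade_rank(previous["grade"]) - grade_rank(current["grade"]),
        "new": sorted(set(curr) - set(prev)),
        "resolved": sorted(set(prev) - set(curr)),
        "unchanged": len(set(curr) & set(prev)),
    }


def meets_threshold(grade, threshold):
    """True when the grade is at least as good as the threshold (A is better than B)."""
    return grade_rank(grade) <= grade_rank(threshold)


def main(argv):
    # Usage: python diff_scans.py previous.json current.json [threshold]
    if len(argv) >= 3:
        with open(argv[1]) as fh:
            previous = json.load(fh)
        with open(argv[2]) as fh:
            current = json.load(fh)
    else:
        previous, current = PREVIOUS_SCAN, CURRENT_SCAN
    threshold = argv[3] if len(argv) > 3 else "B"
    result = diff_scans(previous, current)
    print(json.dumps(result, indent=2))
    return 0 if meets_threshold(result["grade"], threshold) else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it on two archived JSON files from consecutive scans and store the printed diff alongside your dashboard snapshots; the exit status lets the same script double as a gate in a scheduled job.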

Preserving CI and automation wiring

Update your CI configuration to call the middleBrick CLI or API instead of APIsec commands. Example CLI usage: middlebrick scan https://api.example.com/openapi.json --format json. In GitHub Actions, replace the existing steps with the middleBrick GitHub Action and set the score threshold below which the build fails. If you used webhooks in APIsec, replicate them with middleBrick’s HMAC-SHA256 signed webhooks, noting that they auto-disable after five consecutive failures and require host ownership verification via DNS TXT or a well-known file.
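A webhook receiver that replaces an APIsec hook has to check the HMAC-SHA256 signature before trusting the payload, and it has to answer quickly and consistently, since five consecutive failures disable the hook. The code below is an added example written for this guide, not middleBrick's own code: it signs a constructed payload with a shared secret and verifies it the way a receiver would. The header name X-Signature and the sha256= prefix are assumptions; use whatever header and encoding the middleBrick webhook documentation specifies.

```python
import hashlib
import hmac
import json
from typing import Mapping, Optional

# Constructed shared secret and payload; in practice the secret comes from the
# webhook configuration and the body arrives over HTTPS.
WEBHOOK_SECRET = b"constructed-example-secret-rotate-me"
SAMPLE_BODY = b'{"event":"scan.completed","grade":"B","new_findings":1,"resolved_findings":1}'

SIGNATURE_HEADER = "X-Signature"   # assumption: not the documented header name
SIGNATURE_PREFIX = "sha256="       # assumption: hex digest, optionally prefixed


def sign_payload(secret: bytes, body: bytes) -> str:
    """HMAC-SHA256 over the raw request body, hex encoded, as the sender would compute it."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_signature(secret: bytes, body: bytes, header_value: Optional[str]) -> bool:
    """Recompute the MAC over the raw bytes and compare in constant time.
    Verification happens before any JSON parsing so a forged body is never interpreted."""
    if not header_value:
        return False
    provided = header_value.strip()
    if provided.startswith(SIGNATURE_PREFIX):
        provided = provided[len(SIGNATURE_PREFIX):]
    expected = sign_payload(secret, body)
    # compare_digest avoids leaking how many leading bytes matched via timing.
    return hmac.compare_digest(expected, provided.lower())


def handle_webhook(headers: Mapping[str, str], body: bytes, secret: bytes = WEBHOOK_SECRET):
    """Return (status_code, response_body). Only a verified payload is parsed; the
    receiver always returns promptly so the sender does not count the delivery as failed."""
    header_value = next((v for k, v in headers.items() if k.lower() == SIGNATURE_HEADER.lower()), None)
    if not verify_signature(secret, body, header_value):
        return 401, {"error": "invalid signature"}
    try:
        event = json.loads(body)
    except ValueError:
        return 400, {"error": "malformed json"}
    # Acknowledge first; any slow follow-up work (ticketing, notifications) should be queued,
    # not done inline, so the hook keeps responding within the sender's timeout.
    return 200, {"accepted": event.get("event"), "grade": event.get("grade")}


if __name__ == "__main__":
    good_headers = {SIGNATURE_HEADER: SIGNATURE_PREFIX + sign_payload(WEBHOOK_SECRET, SAMPLE_BODY)}
    print(handle_webhook(good_headers, SAMPLE_BODY))
    print(handle_webhook(good_headers, SAMPLE_BODY.replace(b'"B"', b'"A"')))
```

Keep the secret out of the repository and rotate it like any other credential; the host-ownership verification (DNS TXT record or well-known file) is separate from the signature and still has to be completed before deliveries start.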

Known gaps and operational adjustments

middleBrick does not fix, patch, block, or remediate findings; it detects and reports them with remediation guidance. It does not perform active SQL injection or command injection testing, nor does it detect blind SSRF that requires out-of-band infrastructure. The scanner focuses on read-only methods and blocks destructive payloads, private IPs, localhost, and cloud metadata endpoints. Authentication on the Starter tier and above supports Bearer tokens, API keys, Basic auth, and cookies, with domain verification to ensure that only the domain owner can scan with credentials. Adjust your workflows to account for these limitations, and rely on the generated remediation notes and external pentest coverage for business logic flaws or advanced exploit paths.

Frequently Asked Questions

Can I import my APIsec scan results directly into middleBrick?
No, middleBrick does not ingest external scan files. You re-scan your APIs with the CLI or dashboard and compare results over time using the UI and exported JSON.
How do I preserve my scan history after migration?
Enable continuous monitoring on the Pro tier to automatically rescan on a schedule and use diff detection. Export dashboard snapshots periodically to maintain your own historical record.
Will my existing CI pipelines work without changes after migration?
No, you must update CI scripts to use the middleBrick CLI or API. Replace APIsec commands with equivalent middleBrick commands and reconfigure any webhooks with the new HMAC-SHA256 signed endpoints.
Does middleBrick cover compliance mappings such as PCI-DSS and OWASP API Top 10?
The scanner maps findings to PCI-DSS 4.0, SOC 2 Type II, and OWASP API Top 10 (2023). For other frameworks, it helps you prepare for audits by aligning findings with the security controls those frameworks describe.
What happens to my scan data when I cancel my subscription?
Customer scan data is deletable on demand and purged within 30 days of cancellation. It is not sold and is never used for model training.