Migrating from Probely to middleBrick

What middleBrick covers

  • Black-box scanning with no agents or SDKs
  • Risk score A–F with prioritized findings
  • LLM adversarial probes across scan tiers
  • OpenAPI 3.0/3.1 and Swagger 2.0 parsing
  • Authenticated scans with header allowlist
  • Continuous monitoring and webhook alerts

Exporting findings from Probely

Probely does not provide a native import path into middleBrick. Export your current findings as a structured file, such as JSON or CSV, from the Probely dashboard. Include finding titles, descriptions, severity, affected endpoints, and any notes you have added. If Probely offers an API, use it to pull the latest scan results so you have a repeatable data source for migration.

Rebuilding scan history in middleBrick

middleBrick does not ingest external scan files. To rebuild history, rerun scans for each API using the same URL and authentication setup. Start with the Free tier to validate coverage, then run Standard or Deep LLM scans where relevant. Record scan timestamps and scores externally, for example in a CSV, so you can correlate findings and track score drift over time. This manual baseline becomes your replacement for Probely’s historical view.
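One way to keep the external baseline described above, as an added example that is not middleBrick's or Probely's own code. The CSV column layout and the function names are assumptions made for illustration, as is the ordering of grades with A best and F worst. The grade is passed in as an argument because the page does not document the fields of the scanner's JSON output.

```python
import csv
import io
from datetime import datetime, timezone

GRADES = "ABCDEF"  # the page's A-F risk score; assumed A is best, F is worst

def record_scan(log, api_url, grade, when=None):
    """Append one scan result as a CSV row: timestamp, API URL, grade."""
    if len(grade) != 1 or grade not in GRADES:
        raise ValueError(f"grade must be one of A-F, got {grade!r}")
    when = when or datetime.now(timezone.utc)
    csv.writer(log).writerow([when.isoformat(), api_url, grade])

def load_history(log):
    """Group rows by API and order each API's scans by time."""
    history = {}
    for ts, api_url, grade in csv.reader(log):
        history.setdefault(api_url, []).append((datetime.fromisoformat(ts), grade))
    for scans in history.values():
        scans.sort()
    return history

def regressions(history):
    """Return (api_url, date, previous, current) wherever a grade got worse."""
    found = []
    for api_url, scans in sorted(history.items()):
        for (_, prev), (ts, cur) in zip(scans, scans[1:]):
            if GRADES.index(cur) > GRADES.index(prev):
                found.append((api_url, ts.date().isoformat(), prev, cur))
    return found

def demo():
    """Constructed sample data, logged out of order on purpose."""
    utc = timezone.utc
    log = io.StringIO()  # for a real file use open(path, "a", newline="")
    record_scan(log, "https://api.example.com", "D", datetime(2024, 1, 22, tzinfo=utc))
    record_scan(log, "https://api.example.com", "B", datetime(2024, 1, 8, tzinfo=utc))
    record_scan(log, "https://api.example.com", "B", datetime(2024, 1, 15, tzinfo=utc))
    record_scan(log, "https://billing.example.com", "C", datetime(2024, 1, 8, tzinfo=utc))
    record_scan(log, "https://billing.example.com", "A", datetime(2024, 1, 15, tzinfo=utc))
    log.seek(0)
    return regressions(load_history(log))

if __name__ == "__main__":
    for row in demo():
        print(*row)
```

Only downward transitions are reported, so an API that improves or holds its grade produces no row.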

Keeping CI wired up during the cutover

During migration, retain your existing Probely CI checks until middleBrick is proven in your pipeline. For GitHub Actions, add a parallel job that runs middlebrick scan <url> with JSON output, but do not fail the build on its result yet. Compare Probely and middleBrick outcomes for a subset of endpoints to confirm expected signal. When the two align, switch the CI gate to use the middleBrick CLI and remove the Probely step.

middlebrick scan https://api.example.com --output json

What you will miss and how to compensate

Probely may expose proprietary tests or integrations that middleBrick does not replicate. middleBrick focuses on OWASP API Top 10 coverage, OpenAPI spec validation, and LLM security probes, but it does not perform active SQL injection or command injection testing, nor does it discover business logic flaws. Compensate with targeted manual tests and, where needed, a dedicated penetration test for high-risk areas. Use the CLI output to feed custom scripts for checks you previously automated.

What you will gain and next steps

Migrating to middleBrick gives you a self-service, black-box scanner with a concise risk score and prioritized findings across authentication, injection surfaces, authorization, and LLM security. The platform supports OpenAPI parsing, authenticated scans with Bearer or API key, and continuous monitoring with email and webhook alerts. Next steps: inventory your APIs, run a baseline scan with the Free tier, upgrade to Starter or Pro to enable authenticated scans and monitoring, and formalize the GitHub Action gate in your CI pipeline.

Frequently Asked Questions

Can I import a Probely JSON report into middleBrick?
No. middleBrick does not accept external scan imports. You must rerun scans against each API to generate findings.

Will my existing CI pipeline break during migration?
Not if you run scans in parallel first. Keep Probely as the source of truth for CI until you validate middleBrick results and switch the gate.

How do I recreate historical score trends?
Store each scan’s score and timestamp in an external system. Use these records to chart trends, since middleBrick does not ingest prior scan data.

Does middleBrick test for SQL injection like Probely?
No. middleBrick does not send intrusive payloads for SQL injection or command injection. Those tests fall outside its scope.

Can authenticated scans cover all my APIs?
Yes, once you verify domain ownership. Supported methods include Bearer tokens, API keys, Basic auth, and cookies, with only allowlisted headers forwarded.