Merge branch '258203-add-api-fuzzing-report' into 'master'

Add API Fuzzing report type to backend See merge request gitlab-org/gitlab!43763

Merge branch '258203-add-api-fuzzing-report' into 'master'
Add API Fuzzing report type to backend See merge request gitlab-org/gitlab!43763
ffdf2f23 · Stan Hu · 2c3abd36 · 3d743738 · ffdf2f23 · ffdf2f23
Commit ffdf2f23 authored Oct 07, 2020 by Stan Hu
34 changed files
--- a/app/models/ci/job_artifact.rb
+++ b/app/models/ci/job_artifact.rb
@@ -46,7 +46,8 @@ module Ci
      terraform: 'tfplan.json',
      cluster_applications: 'gl-cluster-applications.json',
      requirements: 'requirements.json',
-      coverage_fuzzing: 'gl-coverage-fuzzing.json'
+      coverage_fuzzing: 'gl-coverage-fuzzing.json',
+      api_fuzzing: 'gl-api-fuzzing-report.json'
    }.freeze
    INTERNAL_TYPES = {
@@ -82,11 +83,13 @@ module Ci
      load_performance: :raw,
      terraform: :raw,
      requirements: :raw,
-      coverage_fuzzing: :raw
+      coverage_fuzzing: :raw,
+      api_fuzzing: :raw
    }.freeze
    DOWNLOADABLE_TYPES = %w[
      accessibility
+      api_fuzzing
      archive
      cobertura
      codequality
@@ -194,7 +197,8 @@ module Ci
      requirements: 22, ## EE-specific
      coverage_fuzzing: 23, ## EE-specific
      browser_performance: 24, ## EE-specific
-      load_performance: 25 ## EE-specific
+      load_performance: 25, ## EE-specific
+      api_fuzzing: 26 ## EE-specific
    }
    # `file_location` indicates where actual files are stored.

--- a/doc/api/graphql/reference/gitlab_schema.graphql
+++ b/doc/api/graphql/reference/gitlab_schema.graphql
@@ -16654,6 +16654,11 @@ type ScannedResourceEdge {
 Represents summary of a security report
 """
 type SecurityReportSummary {
+  """
+  Aggregated counts for the api_fuzzing scan
+  """
+  apiFuzzing: SecurityReportSummarySection
  """
  Aggregated counts for the container_scanning scan
  """
@@ -16734,6 +16739,7 @@ type SecurityReportSummarySection {
 The type of the security scanner
 """
 enum SecurityScannerType {
+  API_FUZZING
  CONTAINER_SCANNING
  COVERAGE_FUZZING
  DAST
@@ -20173,7 +20179,7 @@ type Vulnerability implements Noteable {
  """
  Type of the security report that found the vulnerability (SAST,
  DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION,
-  COVERAGE_FUZZING)
+  COVERAGE_FUZZING, API_FUZZING)
  """
  reportType: VulnerabilityReportType
@@ -20636,6 +20642,7 @@ type VulnerabilityPermissions {
 The type of the security scan that found the vulnerability
 """
 enum VulnerabilityReportType {
+  API_FUZZING
  CONTAINER_SCANNING
  COVERAGE_FUZZING
  DAST

--- a/doc/api/graphql/reference/gitlab_schema.json
+++ b/doc/api/graphql/reference/gitlab_schema.json
@@ -48143,6 +48143,20 @@
          "name": "SecurityReportSummary",
          "description": "Represents summary of a security report",
          "fields": [
+            {
+              "name": "apiFuzzing",
+              "description": "Aggregated counts for the api_fuzzing scan",
+              "args": [
+              ],
+              "type": {
+                "kind": "OBJECT",
+                "name": "SecurityReportSummarySection",
+                "ofType": null
+              },
+              "isDeprecated": false,
+              "deprecationReason": null
+            },
            {
              "name": "containerScanning",
              "description": "Aggregated counts for the container_scanning scan",
@@ -48386,6 +48400,12 @@
              "description": null,
              "isDeprecated": false,
              "deprecationReason": null
+            },
+            {
+              "name": "API_FUZZING",
+              "description": null,
+              "isDeprecated": false,
+              "deprecationReason": null
            }
          ],
          "possibleTypes": null
@@ -58532,7 +58552,7 @@
            },
            {
              "name": "reportType",
-              "description": "Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING)",
+              "description": "Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING)",
              "args": [
              ],
@@ -59983,6 +60003,12 @@
              "description": null,
              "isDeprecated": false,
              "deprecationReason": null
+            },
+            {
+              "name": "API_FUZZING",
+              "description": null,
+              "isDeprecated": false,
+              "deprecationReason": null
            }
          ],
          "possibleTypes": null
--- a/doc/api/graphql/reference/index.md
+++ b/doc/api/graphql/reference/index.md
@@ -2246,6 +2246,7 @@ Represents summary of a security report.
 | Field | Type | Description |
 | ----- | ---- | ----------- |
+| `apiFuzzing` | SecurityReportSummarySection | Aggregated counts for the api_fuzzing scan |
 | `containerScanning` | SecurityReportSummarySection | Aggregated counts for the container_scanning scan |
 | `coverageFuzzing` | SecurityReportSummarySection | Aggregated counts for the coverage_fuzzing scan |
 | `dast` | SecurityReportSummarySection | Aggregated counts for the dast scan |
@@ -2817,7 +2818,7 @@ Represents a vulnerability.
 | `location` | VulnerabilityLocation | Location metadata for the vulnerability. Its fields depend on the type of security scan that found the vulnerability |
 | `primaryIdentifier` | VulnerabilityIdentifier | Primary identifier of the vulnerability. |
 | `project` | Project | The project on which the vulnerability was found |
-| `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING) |
+| `reportType` | VulnerabilityReportType | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING) |
 | `resolvedOnDefaultBranch` | Boolean! | Indicates whether the vulnerability is fixed on the default branch or not |
 | `scanner` | VulnerabilityScanner | Scanner metadata for the vulnerability. |
 | `severity` | VulnerabilitySeverity | Severity of the vulnerability (INFO, UNKNOWN, LOW, MEDIUM, HIGH, CRITICAL) |
@@ -3551,6 +3552,7 @@ The type of the security scanner.
 | Value | Description |
 | ----- | ----------- |
+| `API_FUZZING` |  |
 | `CONTAINER_SCANNING` |  |
 | `COVERAGE_FUZZING` |  |
 | `DAST` |  |
@@ -3735,6 +3737,7 @@ The type of the security scan that found the vulnerability.
 | Value | Description |
 | ----- | ----------- |
+| `API_FUZZING` |  |
 | `CONTAINER_SCANNING` |  |
 | `COVERAGE_FUZZING` |  |
 | `DAST` |  |

--- a/ee/app/controllers/ee/projects/merge_requests_controller.rb
+++ b/ee/app/controllers/ee/projects/merge_requests_controller.rb
@@ -15,7 +15,9 @@ module EE
        before_action :whitelist_query_limiting_ee_merge, only: [:merge]
        before_action :authorize_read_pipeline!, only: [:container_scanning_reports, :dependency_scanning_reports,
-                                                        :sast_reports, :secret_detection_reports, :dast_reports, :metrics_reports, :coverage_fuzzing_reports]
+                                                        :sast_reports, :secret_detection_reports, :dast_reports,
+                                                        :metrics_reports, :coverage_fuzzing_reports,
+                                                        :api_fuzzing_reports]
        before_action :authorize_read_licenses!, only: [:license_scanning_reports]
        feature_category :code_review, [:delete_description_version, :description_diff]
@@ -60,6 +62,10 @@ module EE
        reports_response(merge_request.compare_coverage_fuzzing_reports(current_user), head_pipeline)
      end
+      def api_fuzzing_reports
+        reports_response(merge_request.compare_api_fuzzing_reports(current_user), head_pipeline)
+      end
      private
      def whitelist_query_limiting_ee_merge

--- a/ee/app/finders/security/security_jobs_finder.rb
+++ b/ee/app/finders/security/security_jobs_finder.rb
@@ -13,7 +13,7 @@
 module Security
  class SecurityJobsFinder < JobsFinder
    def self.allowed_job_types
-      [:sast, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing]
+      [:sast, :dast, :dependency_scanning, :container_scanning, :secret_detection, :coverage_fuzzing, :api_fuzzing]
    end
  end
 end
--- a/ee/app/graphql/types/vulnerability_location_type.rb
+++ b/ee/app/graphql/types/vulnerability_location_type.rb
@@ -20,7 +20,7 @@ module Types
        VulnerabilityLocation::ContainerScanningType
      when 'dependency_scanning'
        VulnerabilityLocation::DependencyScanningType
-      when 'dast'
+      when 'dast', 'api_fuzzing'
        VulnerabilityLocation::DastType
      when 'sast'
        VulnerabilityLocation::SastType

--- a/ee/app/models/ee/ci/build.rb
+++ b/ee/app/models/ee/ci/build.rb
@@ -16,7 +16,8 @@ module EE
        dependency_scanning: :dependency_scanning,
        container_scanning: :container_scanning,
        dast: :dast,
-        coverage_fuzzing: :coverage_fuzzing
+        coverage_fuzzing: :coverage_fuzzing,
+        api_fuzzing: :api_fuzzing
      }.with_indifferent_access.freeze
      EE_RUNNER_FEATURES = {

--- a/ee/app/models/ee/ci/job_artifact.rb
+++ b/ee/app/models/ee/ci/job_artifact.rb
@@ -12,7 +12,7 @@ module EE
    prepended do
      after_destroy :log_geo_deleted_event
-      SECURITY_REPORT_FILE_TYPES = %w[sast secret_detection dependency_scanning container_scanning dast coverage_fuzzing].freeze
+      SECURITY_REPORT_FILE_TYPES = %w[sast secret_detection dependency_scanning container_scanning dast coverage_fuzzing api_fuzzing].freeze
      LICENSE_SCANNING_REPORT_FILE_TYPES = %w[license_management license_scanning].freeze
      DEPENDENCY_LIST_REPORT_FILE_TYPES = %w[dependency_scanning].freeze
      METRICS_REPORT_FILE_TYPES = %w[metrics].freeze
@@ -22,6 +22,7 @@ module EE
      DAST_REPORT_TYPES = %w[dast].freeze
      REQUIREMENTS_REPORT_FILE_TYPES = %w[requirements].freeze
      COVERAGE_FUZZING_REPORT_TYPES = %w[coverage_fuzzing].freeze
+      API_FUZZING_REPORT_TYPES = %w[api_fuzzing].freeze
      BROWSER_PERFORMANCE_REPORT_FILE_TYPES = %w[browser_performance performance].freeze
      scope :project_id_in, ->(ids) { where(project_id: ids) }
@@ -64,6 +65,10 @@ module EE
      scope :coverage_fuzzing_reports, -> do
        with_file_types(COVERAGE_FUZZING_REPORT_TYPES)
      end
+      scope :api_fuzzing_reports, -> do
+        with_file_types(API_FUZZING_REPORT_TYPES)
+      end
    end
    class_methods do

--- a/ee/app/models/ee/ci/pipeline.rb
+++ b/ee/app/models/ee/ci/pipeline.rb
@@ -51,7 +51,8 @@ module EE
          license_scanning: %i[license_scanning],
          metrics: %i[metrics_reports],
          requirements: %i[requirements],
-          coverage_fuzzing: %i[coverage_fuzzing]
+          coverage_fuzzing: %i[coverage_fuzzing],
+          api_fuzzing: %i[api_fuzzing]
        }.freeze
        state_machine :status do

--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -164,7 +164,8 @@ module EE
        dependency_scanning: report_type_enabled?(:dependency_scanning),
        license_scanning: report_type_enabled?(:license_scanning),
        coverage_fuzzing: report_type_enabled?(:coverage_fuzzing),
-        secret_detection: report_type_enabled?(:secret_detection)
+        secret_detection: report_type_enabled?(:secret_detection),
+        api_fuzzing: report_type_enabled?(:api_fuzzing)
      }
    end
@@ -248,6 +249,12 @@ module EE
      compare_reports(::Ci::CompareSecurityReportsService, current_user, 'coverage_fuzzing')
    end
+    def compare_api_fuzzing_reports(current_user)
+      return missing_report_error('api fuzzing') unless has_api_fuzzing_reports?
+      compare_reports(::Ci::CompareSecurityReportsService, current_user, 'api_fuzzing')
+    end
    def synchronize_approval_rules_from_target_project
      return if merged?

--- a/ee/app/models/ee/namespace.rb
+++ b/ee/app/models/ee/namespace.rb
@@ -338,7 +338,8 @@ module EE
      feature_available?(:dependency_scanning) ||
      feature_available?(:container_scanning) ||
      feature_available?(:dast) ||
-      feature_available?(:coverage_fuzzing)
+      feature_available?(:coverage_fuzzing) ||
+      feature_available?(:api_fuzzing)
    end
    def free_plan?

--- a/ee/app/models/security/scan.rb
+++ b/ee/app/models/security/scan.rb
@@ -19,7 +19,8 @@ module Security
      container_scanning: 3,
      dast: 4,
      secret_detection: 5,
-      coverage_fuzzing: 6
+      coverage_fuzzing: 6,
+      api_fuzzing: 7
    }
    delegate :project, to: :build

--- a/ee/app/models/vulnerabilities/feedback.rb
+++ b/ee/app/models/vulnerabilities/feedback.rb
@@ -15,7 +15,7 @@ module Vulnerabilities
    attr_accessor :vulnerability_data
    enum feedback_type: { dismissal: 0, issue: 1, merge_request: 2 }, _prefix: :for
-    enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3, secret_detection: 4, coverage_fuzzing: 5 }
+    enum category: { sast: 0, dependency_scanning: 1, container_scanning: 2, dast: 3, secret_detection: 4, coverage_fuzzing: 5, api_fuzzing: 6 }
    validates :project, presence: true
    validates :author, presence: true

--- a/ee/app/models/vulnerabilities/finding.rb
+++ b/ee/app/models/vulnerabilities/finding.rb
@@ -59,7 +59,8 @@ module Vulnerabilities
      container_scanning: 2,
      dast: 3,
      secret_detection: 4,
-      coverage_fuzzing: 5
+      coverage_fuzzing: 5,
+      api_fuzzing: 6
    }.with_indifferent_access.freeze
    enum confidence: CONFIDENCE_LEVELS, _prefix: :confidence

--- a/ee/app/presenters/projects/security/configuration_presenter.rb
+++ b/ee/app/presenters/projects/security/configuration_presenter.rb
@@ -18,7 +18,8 @@ module Projects
        license_scanning: 'user/compliance/license_compliance/index',
        sast: 'user/application_security/sast/index',
        secret_detection: 'user/application_security/secret_detection/index',
-        coverage_fuzzing: 'user/application_security/coverage_fuzzing/index'
+        coverage_fuzzing: 'user/application_security/coverage_fuzzing/index',
+        api_fuzzing: 'user/application_security/api_fuzzing/index'
      }.freeze
      def self.localized_scan_descriptions
@@ -31,7 +32,8 @@ module Projects
          license_scanning: _('Search your project dependencies for their licenses and apply policies.'),
          sast: _('Analyze your source code for known vulnerabilities.'),
          secret_detection: _('Analyze your source code and git history for secrets.'),
-          coverage_fuzzing: _('Find bugs in your code with coverage-guided fuzzing.')
+          coverage_fuzzing: _('Find bugs in your code with coverage-guided fuzzing.'),
+          api_fuzzing: _('Find bugs in your code with API fuzzing.')
        }.freeze
      end
@@ -45,7 +47,8 @@ module Projects
          license_scanning: _('License Compliance'),
          sast: _('Static Application Security Testing (SAST)'),
          secret_detection: _('Secret Detection'),
-          coverage_fuzzing: _('Coverage Fuzzing')
+          coverage_fuzzing: _('Coverage Fuzzing'),
+          api_fuzzing: _('API Fuzzing')
        }.freeze
      end

--- a/ee/changelogs/unreleased/258203-add-api-fuzzing-report.yml
+++ b/ee/changelogs/unreleased/258203-add-api-fuzzing-report.yml
+---
+title: Add API Fuzzing report type (backend)
+merge_request: 43763
+author:
+type: added
--- a/ee/lib/ee/gitlab/ci/parsers.rb
+++ b/ee/lib/ee/gitlab/ci/parsers.rb
@@ -15,6 +15,7 @@ module EE
                container_scanning: ::Gitlab::Ci::Parsers::Security::ContainerScanning,
                dast: ::Gitlab::Ci::Parsers::Security::Dast,
                sast: ::Gitlab::Ci::Parsers::Security::Sast,
+                api_fuzzing: ::Gitlab::Ci::Parsers::Security::Dast,
                coverage_fuzzing: ::Gitlab::Ci::Parsers::Security::CoverageFuzzing,
                secret_detection: ::Gitlab::Ci::Parsers::Security::SecretDetection,
                metrics: ::Gitlab::Ci::Parsers::Metrics::Generic,

--- a/ee/spec/controllers/projects/security/configuration_controller_spec.rb
+++ b/ee/spec/controllers/projects/security/configuration_controller_spec.rb
@@ -29,7 +29,7 @@ RSpec.describe Projects::Security::ConfigurationController do
      it 'responds in json format when requested' do
        get :show, params: { namespace_id: project.namespace, project_id: project, format: :json }
-        types = %w(sast dast dast_profiles dependency_scanning container_scanning secret_detection coverage_fuzzing license_scanning)
+        types = %w(sast dast dast_profiles dependency_scanning container_scanning secret_detection coverage_fuzzing license_scanning api_fuzzing)
        expect(response).to have_gitlab_http_status(:ok)
        expect(json_response['features'].map { |f| f['type'] }).to match_array(types)

--- a/ee/spec/factories/ci/builds.rb
+++ b/ee/spec/factories/ci/builds.rb
@@ -6,7 +6,7 @@ FactoryBot.define do
      failure_reason { Ci::Build.failure_reasons[:protected_environment_failure] }
    end
-    %i[codequality container_scanning dast dependency_scanning license_management license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
+    %i[api_fuzzing codequality container_scanning dast dependency_scanning license_management license_scanning performance browser_performance load_performance sast secret_detection coverage_fuzzing].each do |report_type|
      trait "legacy_#{report_type}".to_sym do
        success
        artifacts
@@ -133,5 +133,11 @@ FactoryBot.define do
        build.job_artifacts << create(:ee_ci_job_artifact, :coverage_fuzzing, job: build)
      end
    end
+    trait :api_fuzzing_report do
+      after(:build) do |build|
+        build.job_artifacts << create(:ee_ci_job_artifact, :api_fuzzing, job: build)
+      end
+    end
  end
 end
--- a/ee/spec/factories/ci/job_artifacts.rb
+++ b/ee/spec/factories/ci/job_artifacts.rb
@@ -413,5 +413,16 @@ FactoryBot.define do
          'application/json')
      end
    end
+    trait :api_fuzzing do
+      file_format { :raw }
+      file_type { :api_fuzzing }
+      after(:build) do |artifact, _|
+        artifact.file = fixture_file_upload(
+          Rails.root.join('ee/spec/fixtures/security_reports/master/gl-api-fuzzing-report.json'),
+          'application/json')
+      end
+    end
  end
 end
--- a/ee/spec/factories/ci/pipelines.rb
+++ b/ee/spec/factories/ci/pipelines.rb
@@ -2,7 +2,7 @@
 FactoryBot.define do
  factory :ee_ci_pipeline, class: 'Ci::Pipeline', parent: :ci_pipeline do
-    %i[browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_management license_scanning load_performance sast secret_detection].each do |report_type|
+    %i[api_fuzzing browser_performance codequality container_scanning coverage_fuzzing dast dependency_list dependency_scanning license_management license_scanning load_performance sast secret_detection].each do |report_type|
      trait "with_#{report_type}_report".to_sym do
        status { :success }

--- a/ee/spec/fixtures/api/schemas/vulnerability_feedback.json
+++ b/ee/spec/fixtures/api/schemas/vulnerability_feedback.json
@@ -32,7 +32,7 @@
    },
    "category": {
      "type": "string",
-      "enum": ["sast", "dependency_scanning", "container_scanning", "dast", "coverage_fuzzing"]
+      "enum": ["sast", "dependency_scanning", "container_scanning", "dast", "coverage_fuzzing", "api_fuzzing"]
    },
    "project_fingerprint": { "type": "string" },
    "branch": { "type": ["string", "null"] },

--- a/ee/spec/fixtures/lib/gitlab/import_export/complex/project.json
+++ b/ee/spec/fixtures/lib/gitlab/import_export/complex/project.json
@@ -31,6 +31,7 @@
    "auto_fix_dast": true,
    "auto_fix_dependency_scanning": false,
    "auto_fix_sast": false,
-    "auto_fix_coverage_fuzzing": false
+    "auto_fix_coverage_fuzzing": false,
+    "auto_fix_api_fuzzing": false
  }
 }
--- a/ee/spec/fixtures/lib/gitlab/import_export/complex/tree/project.json
+++ b/ee/spec/fixtures/lib/gitlab/import_export/complex/tree/project.json
-{"security_setting": {"auto_fix_container_scanning": true,"auto_fix_dast": true,"auto_fix_dependency_scanning": false,"auto_fix_sast": false, "auto_fix_coverage":  false}}
+{"security_setting": {"auto_fix_container_scanning": true,"auto_fix_dast": true,"auto_fix_dependency_scanning": false,"auto_fix_sast": false, "auto_fix_coverage":  false, "auto_fix_api_fuzzing": false}}
--- a/ee/spec/fixtures/security_reports/master/gl-api-fuzzing-report.json
+++ b/ee/spec/fixtures/security_reports/master/gl-api-fuzzing-report.json
--- a/ee/spec/graphql/types/security_scanner_type_enum_spec.rb
+++ b/ee/spec/graphql/types/security_scanner_type_enum_spec.rb
@@ -4,6 +4,6 @@ require 'spec_helper'
 RSpec.describe GitlabSchema.types['SecurityScannerType'] do
  it 'exposes all security scanner types' do
-    expect(described_class.values.keys).to contain_exactly(*%w[CONTAINER_SCANNING COVERAGE_FUZZING DAST DEPENDENCY_SCANNING SAST SECRET_DETECTION])
+    expect(described_class.values.keys).to match_array(%w[API_FUZZING CONTAINER_SCANNING COVERAGE_FUZZING DAST DEPENDENCY_SCANNING SAST SECRET_DETECTION])
  end
 end
--- a/ee/spec/graphql/types/vulnerability_report_type_enum_spec.rb
+++ b/ee/spec/graphql/types/vulnerability_report_type_enum_spec.rb
@@ -4,6 +4,6 @@ require 'spec_helper'
 RSpec.describe GitlabSchema.types['VulnerabilityReportType'] do
  it 'exposes all vulnerability report types' do
-    expect(described_class.values.keys).to contain_exactly(*%w[SAST SECRET_DETECTION DAST CONTAINER_SCANNING DEPENDENCY_SCANNING COVERAGE_FUZZING])
+    expect(described_class.values.keys).to match_array(%w[SAST SECRET_DETECTION DAST CONTAINER_SCANNING DEPENDENCY_SCANNING COVERAGE_FUZZING API_FUZZING])
  end
 end
--- a/ee/spec/lib/ee/gitlab/usage_data_spec.rb
+++ b/ee/spec/lib/ee/gitlab/usage_data_spec.rb
@@ -535,6 +535,8 @@ RSpec.describe Gitlab::UsageData do
        secret_detection_scans: 0,
        coverage_fuzzing_pipeline: 0,
        coverage_fuzzing_scans: 0,
+        api_fuzzing_pipeline: 0,
+        api_fuzzing_scans: 0,
        user_unique_users_all_secure_scanners: 1
      )
    end
@@ -586,13 +588,15 @@ RSpec.describe Gitlab::UsageData do
        dast_pipeline: 0,
        secret_detection_pipeline: 1,
        coverage_fuzzing_pipeline: 0,
+        api_fuzzing_pipeline: 0,
        user_unique_users_all_secure_scanners: 1,
        sast_scans: 0,
        dependency_scanning_scans: 2,
        container_scanning_scans: 1,
        dast_scans: 0,
        secret_detection_scans: 1,
-        coverage_fuzzing_scans: 0
+        coverage_fuzzing_scans: 0,
+        api_fuzzing_scans: 0
      )
    end
@@ -624,6 +628,8 @@ RSpec.describe Gitlab::UsageData do
        secret_detection_scans: 0,
        coverage_fuzzing_pipeline: 0,
        coverage_fuzzing_scans: 0,
+        api_fuzzing_pipeline: 0,
+        api_fuzzing_scans: 0,
        user_unique_users_all_secure_scanners: 3
      )
    end
@@ -654,6 +660,8 @@ RSpec.describe Gitlab::UsageData do
        secret_detection_scans: 0,
        coverage_fuzzing_pipeline: 0,
        coverage_fuzzing_scans: 0,
+        api_fuzzing_pipeline: 0,
+        api_fuzzing_scans: 0,
        user_unique_users_all_secure_scanners: 1
      )
    end
@@ -684,6 +692,8 @@ RSpec.describe Gitlab::UsageData do
        secret_detection_scans: -1,
        coverage_fuzzing_pipeline: -1,
        coverage_fuzzing_scans: -1,
+        api_fuzzing_pipeline: -1,
+        api_fuzzing_scans: -1,
        user_unique_users_all_secure_scanners: -1
      )
    end

--- a/ee/spec/models/ee/vulnerability_spec.rb
+++ b/ee/spec/models/ee/vulnerability_spec.rb
@@ -16,7 +16,8 @@ RSpec.describe Vulnerability do
      container_scanning: 2,
      dast: 3,
      secret_detection: 4,
-      coverage_fuzzing: 5 }
+      coverage_fuzzing: 5,
+      api_fuzzing: 6 }
  end
  it { is_expected.to define_enum_for(:state).with_values(state_values) }
@@ -306,12 +307,13 @@ RSpec.describe Vulnerability do
    let_it_be(:vulnerability_secret_detection) { create(:vulnerability, :secret_detection) }
    let_it_be(:vulnerability_sast) { create(:vulnerability, :sast) }
    let_it_be(:vulnerability_coverage_fuzzing) { create(:vulnerability, :coverage_fuzzing) }
+    let_it_be(:vulnerability_api_fuzzing) { create(:vulnerability, :api_fuzzing) }
    describe 'asc' do
      subject { described_class.order_report_type_asc }
      it 'returns vulnerabilities ordered by report_type' do
-        is_expected.to eq([vulnerability_coverage_fuzzing, vulnerability_dast, vulnerability_sast, vulnerability_secret_detection])
+        is_expected.to eq([vulnerability_api_fuzzing, vulnerability_coverage_fuzzing, vulnerability_dast, vulnerability_sast, vulnerability_secret_detection])
      end
    end
@@ -319,7 +321,7 @@ RSpec.describe Vulnerability do
      subject { described_class.order_report_type_desc }
      it 'returns vulnerabilities ordered by report_type' do
-        is_expected.to eq([vulnerability_secret_detection, vulnerability_sast, vulnerability_dast, vulnerability_coverage_fuzzing])
+        is_expected.to eq([vulnerability_secret_detection, vulnerability_sast, vulnerability_dast, vulnerability_coverage_fuzzing, vulnerability_api_fuzzing])
      end
    end
  end

--- a/ee/spec/presenters/projects/security/configuration_presenter_spec.rb
+++ b/ee/spec/presenters/projects/security/configuration_presenter_spec.rb
@@ -72,7 +72,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false, auto_dev_ops_enabled: true),
          security_scan(:license_scanning, configured: false, auto_dev_ops_enabled: true),
          security_scan(:secret_detection, configured: true, auto_dev_ops_enabled: true),
-          security_scan(:coverage_fuzzing, configured: false, auto_dev_ops_enabled: true)
+          security_scan(:coverage_fuzzing, configured: false, auto_dev_ops_enabled: true),
+          security_scan(:api_fuzzing, configured: false, auto_dev_ops_enabled: true)
        )
      end
    end
@@ -95,7 +96,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false),
          security_scan(:license_scanning, configured: false),
          security_scan(:secret_detection, configured: false),
-          security_scan(:coverage_fuzzing, configured: false)
+          security_scan(:coverage_fuzzing, configured: false),
+          security_scan(:api_fuzzing, configured: false)
        )
      end
    end
@@ -125,7 +127,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false),
          security_scan(:license_scanning, configured: false),
          security_scan(:secret_detection, configured: true),
-          security_scan(:coverage_fuzzing, configured: false)
+          security_scan(:coverage_fuzzing, configured: false),
+          security_scan(:api_fuzzing, configured: false)
        )
      end
@@ -142,7 +145,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false),
          security_scan(:license_scanning, configured: false),
          security_scan(:secret_detection, configured: false),
-          security_scan(:coverage_fuzzing, configured: false)
+          security_scan(:coverage_fuzzing, configured: false),
+          security_scan(:api_fuzzing, configured: false)
        )
      end
@@ -165,7 +169,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false),
          security_scan(:license_scanning, configured: false),
          security_scan(:secret_detection, configured: false),
-          security_scan(:coverage_fuzzing, configured: false)
+          security_scan(:coverage_fuzzing, configured: false),
+          security_scan(:api_fuzzing, configured: false)
        )
      end
@@ -180,7 +185,8 @@ RSpec.describe Projects::Security::ConfigurationPresenter do
          security_scan(:dependency_scanning, configured: false),
          security_scan(:license_scanning, configured: true),
          security_scan(:secret_detection, configured: true),
-          security_scan(:coverage_fuzzing, configured: false)
+          security_scan(:coverage_fuzzing, configured: false),
+          security_scan(:api_fuzzing, configured: false)
        )
      end

--- a/lib/gitlab/ci/config/entry/reports.rb
+++ b/lib/gitlab/ci/config/entry/reports.rb
@@ -15,7 +15,7 @@ module Gitlab
            %i[junit codequality sast secret_detection dependency_scanning container_scanning
               dast performance browser_performance load_performance license_management license_scanning metrics lsif
               dotenv cobertura terraform accessibility cluster_applications
-               requirements coverage_fuzzing].freeze
+               requirements coverage_fuzzing api_fuzzing].freeze
          attributes ALLOWED_KEYS
@@ -25,6 +25,7 @@ module Gitlab
            with_options allow_nil: true do
              validates :junit, array_of_strings_or_string: true
+              validates :api_fuzzing, array_of_strings_or_string: true
              validates :coverage_fuzzing, array_of_strings_or_string: true
              validates :sast, array_of_strings_or_string: true
              validates :sast, array_of_strings_or_string: true

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -1305,6 +1305,9 @@ msgstr ""
 msgid "ACTION REQUIRED: Something went wrong while obtaining the Let's Encrypt certificate for GitLab Pages domain '%{domain}'"
 msgstr ""
+msgid "API Fuzzing"
+msgstr ""
 msgid "API Help"
 msgstr ""
@@ -11365,6 +11368,9 @@ msgstr ""
 msgid "Find File"
 msgstr ""
+msgid "Find bugs in your code with API fuzzing."
+msgstr ""
 msgid "Find bugs in your code with coverage-guided fuzzing."
 msgstr ""

--- a/spec/services/ci/retry_build_service_spec.rb
+++ b/spec/services/ci/retry_build_service_spec.rb
@@ -46,7 +46,8 @@ RSpec.describe Ci::RetryBuildService do
       job_variables waiting_for_resource_at job_artifacts_metrics_referee
       job_artifacts_network_referee job_artifacts_dotenv
       job_artifacts_cobertura needs job_artifacts_accessibility
-       job_artifacts_requirements job_artifacts_coverage_fuzzing].freeze
+       job_artifacts_requirements job_artifacts_coverage_fuzzing
+       job_artifacts_api_fuzzing].freeze
  ignore_accessors =
    %i[type lock_version target_url base_tags trace_sections