Mayo ASPM Documentation
Welcome to Mayo ASPM — Application Security Posture Management, priced like you actually use it.
What is Mayo ASPM?
Mayo ASPM consolidates your security scanners, integrations, and findings in one place. It normalizes results from multiple scanning tools, deduplicates findings, tracks remediation across teams, and gives security and engineering leaders an honest picture of risk.
Key Features
- Multi-Scanner Support — OpenGrep (SAST), Semgrep, Trivy (SCA), Grype, Gitleaks (secrets)
- PR Scanning — Automated security scans on pull requests with GitHub check runs
- OPA Policies — Rego-based triage, priority, ownership, and project assignment
- Jira Integration — Generate tickets from findings with OPA-driven filtering
- Universal Search — Cmd+K to search across findings, repos, and scans
- Project Hierarchy — Auto-created from assets with sub-project support
- Airflow ETL — Scheduled nightly scans and repo syncing
- API Access — Full REST API with org API key authentication
Quick Links
| Resource | URL |
|---|---|
| Platform | mayoaspm.com |
| API Docs (Swagger) | docs.api.mayoaspm.com/docs |
| API Docs (ReDoc) | docs.api.mayoaspm.com/redoc |
| GitHub | github.com/securelyprogramming/mayoaspm.com |
Getting Started
- Sign up for a free account
- Connect your GitHub organization
- Run your first scan
- View findings on the dashboard