DataDog · api-clients-generation-pipeline · Feb 16, 2026
@@ -682,6 +682,7 @@ func NewConfiguration() *Configuration {
 			"v2.ActivateContentPack":                     false,
 			"v2.CancelThreatHuntingJob":                  false,
 			"v2.ConvertJobResultToSignal":                false,
+			"v2.CreateSecurityFinding":                   false,
 			"v2.DeactivateContentPack":                   false,
 			"v2.DeleteThreatHuntingJob":                  false,
 			"v2.GetContentPacksStates":                   false,
@@ -691,6 +692,8 @@ func NewConfiguration() *Configuration {
 			"v2.GetSecurityMonitoringHistsignal":         false,
 			"v2.GetSecurityMonitoringHistsignalsByJobId": false,
 			"v2.GetThreatHuntingJob":                     false,
+			"v2.ImportSecurityVulnerabilities":           false,
+			"v2.ImportThreatIntel":                       false,
 			"v2.ListFindings":                            false,
 			"v2.ListMultipleRulesets":                    false,
 			"v2.ListScannedAssetsMetadata":               false,

@@ -996,6 +996,101 @@ func (a *SecurityMonitoringApi) CreateSecurityFilter(ctx _context.Context, body
 	return localVarReturnValue, localVarHTTPResponse, nil
 }
 
+// CreateSecurityFinding Create security finding.
+// Allows external integrations to send security findings to Datadog. This endpoint accepts finding data in a custom format and returns an empty response on success.
+//
+// **Note**: This endpoint is in preview and is subject to change.
+// If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
+func (a *SecurityMonitoringApi) CreateSecurityFinding(ctx _context.Context, vendor string, findingType SecurityFindingType, body map[string]interface{}) (*_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod = _nethttp.MethodPost
+		localVarPostBody   interface{}
+	)
+
+	operationId := "v2.CreateSecurityFinding"
+	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
+	if !isOperationEnabled {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
+	}
+	if isOperationEnabled && a.Client.Cfg.Debug {
+		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
+	}
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.CreateSecurityFinding")
+	if err != nil {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/security/findings"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Content-Type"] = "application/json"
+	localVarHeaderParams["Accept"] = "*/*"
+
+	localVarHeaderParams["vendor"] = datadog.ParameterToString(vendor, "")
+
+	localVarHeaderParams["finding_type"] = datadog.ParameterToString(findingType, "")
+
+	// body params
+	localVarPostBody = &body
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 {
+			var v JSONAPIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+			return localVarHTTPResponse, newErr
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarHTTPResponse, newErr
+	}
+
+	return localVarHTTPResponse, nil
+}
+
 // CreateSecurityMonitoringCriticalAsset Create a critical asset.
 // Create a new critical asset.
 func (a *SecurityMonitoringApi) CreateSecurityMonitoringCriticalAsset(ctx _context.Context, body SecurityMonitoringCriticalAssetCreateRequest) (SecurityMonitoringCriticalAssetResponse, *_nethttp.Response, error) {
@@ -4508,6 +4603,221 @@ func (a *SecurityMonitoringApi) GetVulnerabilityNotificationRules(ctx _context.C
 	return localVarReturnValue, localVarHTTPResponse, nil
 }
 
+// ImportSecurityVulnerabilities Import vulnerabilities.
+// Import vulnerabilities in CycloneDX 1.5 format. This endpoint validates the payload against the CycloneDX 1.5 schema and additional mandatory field requirements.
+//
+// **Note**: This endpoint is in preview and is subject to change.
+// If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
+func (a *SecurityMonitoringApi) ImportSecurityVulnerabilities(ctx _context.Context, body CycloneDXBOM) (*_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod = _nethttp.MethodPost
+		localVarPostBody   interface{}
+	)
+
+	operationId := "v2.ImportSecurityVulnerabilities"
+	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
+	if !isOperationEnabled {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
+	}
+	if isOperationEnabled && a.Client.Cfg.Debug {
+		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
+	}
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.ImportSecurityVulnerabilities")
+	if err != nil {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/security/vulnerabilities"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Content-Type"] = "application/json"
+	localVarHeaderParams["Accept"] = "*/*"
+
+	// body params
+	localVarPostBody = &body
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 403 || localVarHTTPResponse.StatusCode == 500 {
+			var v JSONAPIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+			return localVarHTTPResponse, newErr
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarHTTPResponse, newErr
+	}
+
+	return localVarHTTPResponse, nil
+}
+
+// ImportThreatIntelOptionalParameters holds optional parameters for ImportThreatIntel.
+type ImportThreatIntelOptionalParameters struct {
+	TiIntegrationAccount *string
+}
+
+// NewImportThreatIntelOptionalParameters creates an empty struct for parameters.
+func NewImportThreatIntelOptionalParameters() *ImportThreatIntelOptionalParameters {
+	this := ImportThreatIntelOptionalParameters{}
+	return &this
+}
+
+// WithTiIntegrationAccount sets the corresponding parameter name and returns the struct.
+func (r *ImportThreatIntelOptionalParameters) WithTiIntegrationAccount(tiIntegrationAccount string) *ImportThreatIntelOptionalParameters {
+	r.TiIntegrationAccount = &tiIntegrationAccount
+	return r
+}
+
+// ImportThreatIntel Import threat intelligence feed.
+// Import threat intelligence feeds with support for IP addresses, domains, and SHA256 hashes. This endpoint requires specific headers to identify the vendor and indicator type.
+//
+// **Note**: This endpoint is in preview and is subject to change.
+// If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
+func (a *SecurityMonitoringApi) ImportThreatIntel(ctx _context.Context, tiVendor string, tiIndicator ThreatIntelIndicatorType, body interface{}, o ...ImportThreatIntelOptionalParameters) (*_nethttp.Response, error) {
+	var (
+		localVarHTTPMethod = _nethttp.MethodPost
+		localVarPostBody   interface{}
+		optionalParams     ImportThreatIntelOptionalParameters
+	)
+
+	if len(o) > 1 {
+		return nil, datadog.ReportError("only one argument of type ImportThreatIntelOptionalParameters is allowed")
+	}
+	if len(o) == 1 {
+		optionalParams = o[0]
+	}
+
+	operationId := "v2.ImportThreatIntel"
+	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
+	if !isOperationEnabled {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
+	}
+	if isOperationEnabled && a.Client.Cfg.Debug {
+		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
+	}
+
+	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.ImportThreatIntel")
+	if err != nil {
+		return nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
+	}
+
+	localVarPath := localBasePath + "/api/v2/security/threat-intel-feed"
+
+	localVarHeaderParams := make(map[string]string)
+	localVarQueryParams := _neturl.Values{}
+	localVarFormParams := _neturl.Values{}
+	localVarHeaderParams["Content-Type"] = "application/json"
+	localVarHeaderParams["Accept"] = "*/*"
+
+	localVarHeaderParams["ti_vendor"] = datadog.ParameterToString(tiVendor, "")
+
+	localVarHeaderParams["ti_indicator"] = datadog.ParameterToString(tiIndicator, "")
+
+	if optionalParams.TiIntegrationAccount != nil {
+		localVarHeaderParams["ti_integration_account"] = datadog.ParameterToString(*optionalParams.TiIntegrationAccount, "")
+	}
+
+	// body params
+	localVarPostBody = &body
+	if a.Client.Cfg.DelegatedTokenConfig != nil {
+		err = datadog.UseDelegatedTokenAuth(ctx, &localVarHeaderParams, a.Client.Cfg.DelegatedTokenConfig)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		datadog.SetAuthKeys(
+			ctx,
+			&localVarHeaderParams,
+			[2]string{"apiKeyAuth", "DD-API-KEY"},
+			[2]string{"appKeyAuth", "DD-APPLICATION-KEY"},
+		)
+	}
+	req, err := a.Client.PrepareRequest(ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	localVarHTTPResponse, err := a.Client.CallAPI(req)
+	if err != nil || localVarHTTPResponse == nil {
+		return localVarHTTPResponse, err
+	}
+
+	localVarBody, err := datadog.ReadBody(localVarHTTPResponse)
+	if err != nil {
+		return localVarHTTPResponse, err
+	}
+
+	if localVarHTTPResponse.StatusCode >= 300 {
+		newErr := datadog.GenericOpenAPIError{
+			ErrorBody:    localVarBody,
+			ErrorMessage: localVarHTTPResponse.Status,
+		}
+		if localVarHTTPResponse.StatusCode == 400 || localVarHTTPResponse.StatusCode == 401 || localVarHTTPResponse.StatusCode == 500 || localVarHTTPResponse.StatusCode == 503 {
+			var v JSONAPIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+			return localVarHTTPResponse, newErr
+		}
+		if localVarHTTPResponse.StatusCode == 429 {
+			var v APIErrorResponse
+			err = a.Client.Decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
+			if err != nil {
+				return localVarHTTPResponse, newErr
+			}
+			newErr.ErrorModel = v
+		}
+		return localVarHTTPResponse, newErr
+	}
+
+	return localVarHTTPResponse, nil
+}
+
 // ListAssetsSBOMsOptionalParameters holds optional parameters for ListAssetsSBOMs.
 type ListAssetsSBOMsOptionalParameters struct {
 	PageToken            *string

@@ -612,6 +612,7 @@
 //   - [SecurityMonitoringApi.CreateCustomFramework]
 //   - [SecurityMonitoringApi.CreateJiraIssues]
 //   - [SecurityMonitoringApi.CreateSecurityFilter]
+//   - [SecurityMonitoringApi.CreateSecurityFinding]
 //   - [SecurityMonitoringApi.CreateSecurityMonitoringCriticalAsset]
 //   - [SecurityMonitoringApi.CreateSecurityMonitoringRule]
 //   - [SecurityMonitoringApi.CreateSecurityMonitoringSuppression]
@@ -653,6 +654,8 @@
 //   - [SecurityMonitoringApi.GetThreatHuntingJob]
 //   - [SecurityMonitoringApi.GetVulnerabilityNotificationRule]
 //   - [SecurityMonitoringApi.GetVulnerabilityNotificationRules]
+//   - [SecurityMonitoringApi.ImportSecurityVulnerabilities]
+//   - [SecurityMonitoringApi.ImportThreatIntel]
 //   - [SecurityMonitoringApi.ListAssetsSBOMs]
 //   - [SecurityMonitoringApi.ListFindings]
 //   - [SecurityMonitoringApi.ListMultipleRulesets]