Package: Invicti AppSec Enterprise (on-premise, on-demand)
Google Gemini
Google Gemini is Google's family of multimodal large language models, accessible via the Google AI API. The Invicti AppSec integration with Gemini enables AI-powered features — such as vulnerability remediation guidance and security analysis — by connecting to Google's Gemini models.
Purpose in Invicti AppSec
Google Gemini is used in Invicti AppSec as an LLM Provider — supplying the language model that powers AI-assisted security features.
| Use Case | Description |
|---|---|
| AI remediation guidance | Generate fix recommendations for discovered vulnerabilities using Gemini models |
| Security analysis | Use Gemini's language models to assist in triage and prioritization of security findings |
Where it is used
| Page | Navigation Path | Purpose |
|---|---|---|
| Integrations — LLM Providers | Integrations › LLM Providers | Admin activation and model configuration |
Prerequisites
Before activating the integration, obtain an API key from Google AI Studio:
| Field | Description | Required |
|---|---|---|
| Token | Google AI API key used to authenticate requests to Gemini | Yes |
| Model | The Gemini model to use (selected after a successful test connection) | Yes |
Obtain the API key (on the Google side)
- Go to Google AI Studio.
- Click Get API key in the top navigation.
- Click Create API key and select a Google Cloud project (or create a new one).
- Copy the generated API key.
Gemini API keys are managed through Google AI Studio. Make sure your Google account has access to the Gemini API and that it's enabled for the selected project.
Activation steps
Step 1: Navigate to Integrations
From the left sidebar, click Integrations.
Step 2: Open the LLM Providers tab
On the Integrations page, click the LLM Providers tab.
Step 3: Find and activate Gemini
Locate the Gemini card.
- If it isn't yet activated, click Activate to open the settings drawer.
- If it's already activated, click the gear icon to open the settings drawer and reconfigure.
Step 4: Fill in the required fields
In the settings drawer, enter your Google AI API key:
| Field | Description | Required |
|---|---|---|
| Token | Your Google AI API key | Yes |
Step 5: Test the connection
Click Test Connection. A green "Connection successful" message confirms that Invicti AppSec can reach the Gemini API with the provided key. The Model dropdown appears automatically after a successful test.
Step 6: Select a model
From the Model dropdown, select the Gemini model you want to use for AI features in Invicti AppSec (e.g., gemini-1.5-pro, gemini-2.0-flash).
Step 7: Save
Click Save to complete the activation.
Summary
| Step | Action |
|---|---|
| 1 | Navigate to Integrations from the sidebar |
| 2 | Select the LLM Providers tab |
| 3 | Find Gemini and click Activate (or the gear icon) |
| 4 | Enter your Google AI API key in the Token field |
| 5 | Click Test Connection — verify the success message |
| 6 | Select a Model from the dropdown |
| 7 | Click Save |
Troubleshooting
| Issue | Resolution |
|---|---|
| Connection failed | Verify the API key is correct and hasn't been revoked. Regenerate it from Google AI Studio if needed. |
| Invalid API key | Ensure the key was copied in full without extra spaces. Confirm the Gemini API is enabled for the associated Google Cloud project. |
| No models available | Confirm your Google account and project have access to Gemini models. Some models may require specific regional availability or quota approvals. |
| 403 Forbidden | The Gemini API may not be enabled for your Google Cloud project. Enable it in the Google Cloud Console under APIs & Services. |
| Rate limit errors | Your Google AI API quota may be exhausted. Check usage limits in the Google Cloud Console and request a quota increase if needed. |
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center