HomeGuidesAPI ReferenceChangelog
Log In
Guides

Aqua

Suggest Edits

Aqua Container Scanning integration

This CLI is able to sync asset, scans and vulnerabilities from a folder containing Aqua files.

  • aqua - Import a folder of Aqua files and sync assets, vulnerabilities and scans to RegScale.

Aqua Processing Workflow

The CLI will process each Aqua file and load assets, vulnerabilities and scans to RegScale.

  • import_aqua Import Aqua scans and assets to RegScale
Required parameters

  • regscale_ssp_id The ID number from RegScale of the System Security Plan, required.

  • folder_path The full folder path where the Aqua files are located.

Additional Information:

The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.

File Format

Below are the expected columns of a Aqua file:

Header NameRequired
Registry
Image NameYes
Image Build Date
Image Digest
OSYes
Resource
Resource Type
Installed Version
Vulnerability NameYes
Publish Date
Referenced By
Vendor CVSS v2 Severity
Vendor CVSS v2 Score
Vendor CVSS v2 Vectors
Vendor CVSS v3 Severity
Vendor CVSS v3 Score
Vendor CVSS v3 Vectors
Vendor URL
NVD CVSS v2 Severity
NVD CVSS v2 Score
NVD CVSS v2 Vectors
NVD CVSS v3 Severity
NVD CVSS v3 Score
NVD CVSS v3 Vectors
NVD URL
Fix Version
Solution
Qualys IDs
DescriptionYes
Applied By
Applied On
Reverted By
Reverted On
Enforced By
Enforced On
vShield Status
Suppression Date
Base Image Vulnerability
Base Image Name
Aqua score
Aqua severity
Aqua Vectors
Aqua custom severity
Aqua custom notes
First Found on Image
Last Image Scan
Exploit Availability
Temporal Vector
Exploit Type
Namespace
Resource Path

Example Commands

Import Aqua scans to SSP #16 in RegScale using the files located in the scans folder.

  • regscale aqua import_aqua --regscale_ssp_id 16 --folder_path /home/bryan/Sync/scans

📘

NOTE: See All Scanner Integrations for information about how this updates Issues/POAMs

Updated 9 days ago