Aqua
Aqua Container Scanning integration
This CLI is able to sync asset, scans and vulnerabilities from a folder containing Aqua files.
aqua- Import a folder of Aqua files and sync assets, vulnerabilities and scans to RegScale.
Aqua Processing Workflow
The CLI will process each Aqua file and load assets, vulnerabilities and scans to RegScale.
import_aquaImport Aqua scans and assets to RegScale
Required parameters
-
regscale_ssp_idThe ID number from RegScale of the System Security Plan, required. -
folder_pathThe full folder path where the Aqua files are located.
Additional Information:
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.
File Format
Below are the expected columns of a Aqua file:
- Registry
- Image Name
- Image Build Date
- Image Digest
- OS
- Resource
- Resource Type
- Installed Version
- Vulnerability Name
- Publish Date
- Referenced By
- Vendor CVSS v2 Severity
- Vendor CVSS v2 Score
- Vendor CVSS v2 Vectors
- Vendor CVSS v3 Severity
- Vendor CVSS v3 Score
- Vendor CVSS v3 Vectors
- Vendor URL
- NVD CVSS v2 Severity
- NVD CVSS v2 Score
- NVD CVSS v2 Vectors
- NVD CVSS v3 Severity
- NVD CVSS v3 Score
- NVD CVSS v3 Vectors
- NVD URL
- Fix Version
- Solution
- Qualys IDs
- Description
- Applied By
- Applied On
- Reverted By
- Reverted On
- Enforced By
- Enforced On
- vShield Status
- Suppression Date
- Base Image Vulnerability
- Base Image Name
- Aqua score
- Aqua severity
- Aqua Vectors
- Aqua custom severity
- Aqua custom notes
- First Found on Image
- Last Image Scan
- Exploit Availability
- Temporal Vector
- Exploit Type
- Namespace
- Resource Path
Example Commands
Import Aqua scans to SSP #16 in RegScale using the files located in the burp_scans folder.
regscale aqua import_aqua --regscale_ssp_id 16 --folder_path /home/bryan/Sync/burp_scans
Updated about 1 month ago