HomeGuidesAPI ReferenceChangelogDiscussions
Log In

Aqua Container Scanning integration

This CLI is able to sync asset, scans and vulnerabilities from a folder containing Aqua files.

  • aqua - Import a folder of Aqua files and sync assets, vulnerabilities and scans to RegScale.

Aqua Processing Workflow

The CLI will process each Aqua file and load assets, vulnerabilities and scans to RegScale.

  • import_aqua Import Aqua scans and assets to RegScale
Required parameters
  • regscale_ssp_id The ID number from RegScale of the System Security Plan, required.

  • folder_path The full folder path where the Aqua files are located.

Additional Information:

The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.

File Format

Below are the expected columns of a Aqua file:

  • Registry
  • Image Name
  • Image Build Date
  • Image Digest
  • OS
  • Resource
  • Resource Type
  • Installed Version
  • Vulnerability Name
  • Publish Date
  • Referenced By
  • Vendor CVSS v2 Severity
  • Vendor CVSS v2 Score
  • Vendor CVSS v2 Vectors
  • Vendor CVSS v3 Severity
  • Vendor CVSS v3 Score
  • Vendor CVSS v3 Vectors
  • Vendor URL
  • NVD CVSS v2 Severity
  • NVD CVSS v2 Score
  • NVD CVSS v2 Vectors
  • NVD CVSS v3 Severity
  • NVD CVSS v3 Score
  • NVD CVSS v3 Vectors
  • Fix Version
  • Solution
  • Qualys IDs
  • Description
  • Applied By
  • Applied On
  • Reverted By
  • Reverted On
  • Enforced By
  • Enforced On
  • vShield Status
  • Suppression Date
  • Base Image Vulnerability
  • Base Image Name
  • Aqua score
  • Aqua severity
  • Aqua Vectors
  • Aqua custom severity
  • Aqua custom notes
  • First Found on Image
  • Last Image Scan
  • Exploit Availability
  • Temporal Vector
  • Exploit Type
  • Namespace
  • Resource Path

Example Commands

Import Aqua scans to SSP #16 in RegScale using the files located in the burp_scans folder.

  • regscale aqua import_aqua --regscale_ssp_id 16 --folder_path /home/bryan/Sync/burp_scans