This CLI is provided to ingest alerts and Known Exploitable Vulnerabilities (KEV) from Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS-CISA). The RegScale CLI tool will convert this public data feed into threats for use within the RegScale platform. It is commonly used to support Threat-Hunting and Threat-Based Risk Modeling for RegScale customers.
There are two optional variables that will configure the CISA integration. These variables shouldn't be changed, unless DHS-CISA updates the site with different URLs:
cisaAlerts- URL of cisa alerts page
cisaKev- URL of the cisa KEV page
DHS-CISA alerts and vulnerabilities can be easily ingested with the CLI tool. Below are some example commands:
regscale cisa ingest_cisa_kev- The CLI will insert new vulnerabilities as RegScale threats, if the same threat already exists, it will be updated.
regscale cisa ingest_cisa_alerts --year 2022- The CLI will insert or update existing RegScale threats with all the published alerts from the year specified.
Updated 3 months ago