Grype Container Scanning integration

This CLI can sync assets, scans, and vulnerabilities from a folder containing Grype .json scan files.

  • grype - Import a folder of Grype .json scan files and sync assets, vulnerabilities and scans to RegScale.

Grype Processing Workflow

The CLI will process each Grype .json file and load assets, vulnerabilities and scans to RegScale.

  • import_scans - Import Grype scans and assets to RegScale

Required Parameters

🚧

You cannot use folder_path together with aws-profile, s3-prefix, and s3-bucket. You also cannot use regscale_ssp_id together with component_id.

  • folder_path - The full folder path where the Grype .json files are located
  • aws-profile - AWS profile to use for S3 access. Used in conjunction with s3-prefix and s3-bucket.
  • s3-prefix - Prefix (folder path) within the S3 bucket. Used in conjunction with aws-profile and s3-bucket.
  • s3-bucket - S3 bucket to download scan files from. Used in conjunction with aws-profile and s3-prefix.
  • regscale_ssp_id - The ID number from RegScale of the System Security Plan
  • component_id - The ID number from RegScale of the component

Optional Parameters
  • scan_date - The date the scan was completed. If not provided, today's date is used.
  • destination - Directory to download the files to when using the aws & s3 options. If not provided, a temporary directory is used.
  • file_pattern - File pattern to use when determining which .json files to import

Additional Information:

The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.

Example Commands

Import Grype scans to Component #12 in RegScale using the files located in the scans folder.

  • regscale grype import_scans --component_id 12 --folder_path /path/to/scans
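
A pre-import check for the folder passed to folder_path, as an added example that is not part of the RegScale CLI: it lists which files a given file_pattern would select and what each Grype report contains (scan target, finding count, severities). The function name and the sample report are constructed for illustration, and shell-style matching of file_pattern is an assumption about how the CLI applies it.

```python
import fnmatch
import json
import tempfile
from collections import Counter
from pathlib import Path

# Constructed sample in Grype's JSON layout (all values are made up).
SAMPLE_REPORT = {
    "source": {"type": "image", "target": {"userInput": "example/app:1.0"}},
    "matches": [
        {"vulnerability": {"id": "CVE-0000-0001", "severity": "High"}},
        {"vulnerability": {"id": "CVE-0000-0002", "severity": "Low"}},
    ],
}


def summarize_grype_folder(folder_path, file_pattern="*.json"):
    """Map each matching file name to its scan target and severity counts."""
    results = {}
    for path in sorted(Path(folder_path).iterdir()):
        if not path.is_file() or not fnmatch.fnmatch(path.name, file_pattern):
            continue
        try:
            report = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:  # unreadable, bad encoding, bad JSON
            results[path.name] = {"error": f"unreadable: {exc}"}
            continue
        matches = report.get("matches") if isinstance(report, dict) else None
        if not isinstance(matches, list):
            results[path.name] = {"error": "no 'matches' list, not a Grype report"}
            continue
        target = (report.get("source") or {}).get("target")
        if isinstance(target, dict):  # image scans store a dict, directory scans a string
            target = target.get("userInput") or target.get("imageID")
        severities = Counter(
            (m.get("vulnerability") or {}).get("severity", "Unknown")
            for m in matches if isinstance(m, dict)
        )
        results[path.name] = {"target": target, "findings": len(matches),
                              "severities": dict(severities)}
    return results


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "app.json").write_text(json.dumps(SAMPLE_REPORT), encoding="utf-8")
        (Path(tmp) / "notes.json").write_text("{not json", encoding="utf-8")
        for name, summary in summarize_grype_folder(tmp).items():
            print(name, summary)
```

Files flagged with an "error" entry are worth moving out of the folder or excluding through file_pattern before running the import.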

📘

NOTE: See All Scanner Integrations for information about how this updates Issues/POAMs.