Nexpose (Rapid 7)
Rapid 7 Nexpose CLI Integration
This CLI is able to sync asset, scans and vulnerabilities from a folder containing Rapid7 Nexpose files.
nexpose
- Import a folder of Nexpose files and sync assets, vulnerabilities and scans to RegScale.
Nexpose Processing Workflow
The CLI will process each Nexpose file and load assets, vulnerabilities and scans to RegScale.
import_nexpose
Import Nexpose scans and assets to RegScale
Required parameters
-
regscale_ssp_id
The ID number from RegScale of the System Security Plan, required. -
folder_path
The full folder path where the Rapid7 Nexpose files are located.
Additional Information:
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.
Warning
Prisma and Nexpose files have the exact same file format and header information, so the CLI will not be able to discern differences. Please separate these file formats within your pipeline.
Below are the expected columns of a Nexpose file:
Header Name | Required |
---|---|
IP Address | Yes |
Hostname | Yes |
OS | Yes |
Vulnerability Title | Yes |
Vulnerability ID | Yes |
CVSSv2 Score | Yes |
CVSSv3 Score | Yes |
Description | Yes |
Proof | Yes |
Solution | Yes |
CVEs | Yes |
Example Commands
Import Nexpose scans to SSP #16 in RegScale using the files located in the nexpose_scans folder.
regscale nexpose import_nexpose --regscale_ssp_id 16 --folder_path /home/benjie/Sync/nexpose_scans
NOTE: See All Scanner Integrations for information about how this updates Issues/POAMs
Updated about 1 month ago