Sicura
Sicura CLI
This CLI is provided to perform batch processing of nodes and their scans from Sicura. It is designed to perform bulk processing of RegScale Assets and Security Checks to create, update, and otherwise sync with Sicura. The CLI currently supports the below functionality:
- sync_nodes - syncs nodes and their most recent scan to RegScale as assets and security checks
Init.yaml Configuration
There are two pieces of information needed to configure the Sicura integration via the CLI:
- sicuraUrl - The URL for your Sicura instance
- sicuraToken - default_admin_token from sicura-console.yaml configuration
The first step is to get the Sicura URL for your organization's account. This is the base URL of your Sicura instance. An example Sicura URL is as follows: https://my-company.sicura.us/
Now, we will either need to set the default admin token or use the one that is currently set in /etc/sicura/sicura-console.yaml. Please follow the steps from Sicura's documentation to set your default admin token if it isn't already set. Once it has been configured, enter that admin token as the value for sicuraToken in the init.yaml file for the RegScale CLI.
Nodes & Scans Processing Workflow
The CLI currently supports processing nodes from Sicura as Assets in RegScale and the node's scans as Security Checks for the Assets in RegScale. The nodes and scans processing workflow is shown below:
- The user first logs into RegScale via the CLI to set the access token or otherwise creates a service account as described in the CLI Login documentation
- The user then calls the CLI to sync Sicura nodes and scans while setting the following flags:
  - regscale_id - the ID # of the RegScale record to associate the nodes and scans from Sicura as Assets and Security Checks
  - regscale_module - the RegScale module of the record to associate the nodes and scans as Assets and Security Checks, please view RegScale Modules for options.
  - node_id - Specify a specific node from Sicura by using its ID #, or the parent node ID # to get its children. If not provided, the CLI will sync all nodes from Sicura
- The CLI then retrieves all nodes, or the specified node ID if provided, from Sicura as well as their scans
- The CLI then retrieves all Assets and their Security Checks from RegScale
- The CLI then processes through all retrieved records and does the following:
  - Checks whether RegScale has the node as an Asset. If not, an Asset is created in RegScale with the Sicura node ID set as the Sicura ID for the Asset, for easier matching in the future
  - Checks whether the RegScale Asset has all Sicura scans as Security Checks for the RegScale record
    - If none are present, they will be created automatically
    - If there are Security Checks already present, they will be updated with the newest information from Sicura
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of any issues.
Sync Nodes CLI Command Example
The following command provides an example of processing Sicura nodes and scans for a given RegScale System Security Plan (SSP). These commands can be easily adapted for the customer's specific use case. The steps are shown below:
- Log into RegScale to set the token which is good for 24 hours and will secure all future RegScale API calls (NOTE: You can skip this step if you are using a RegScale Service Account)
regscale login
- Process the Sicura Node and Scans for node ID # 5
regscale sicura sync_nodes --regscale_id=5 --regscale_module="securityplans" --node_id 5
Init.yaml Example
For a basic Sicura integration with RegScale, the following init.yaml structure is necessary (example/notional key structure shown below, replace with actual customer keys):
domain: https://mycompany.regscale.com
token: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVC38.[...].SkjmRktGLkljysVeoRqcx_hHiVR2gjcA2uZiSJbVkPc
userId: c9f579e2-a8c9-4c02-8e91-ce122a1aa518
sicuraUrl: https://regcale.sicura.us/
sicuraToken: myADMIN-p@$$w0rD!
Building a Bash Script to Execute the CLI
You can chain together RegScale CLI commands using scripts. These scripts could be in Bash, Python, PowerShell, etc. Below is an example Bash file (named "syncSicura.sh") in Ubuntu for executing the Sicura command using the RegScale CLI that pulls all nodes and scans after authenticating and assigns them to a specific record in RegScale:
#!/bin/bash
# Stop at the first failing command so the sync never runs after a failed login
set -e
regscale login
regscale sicura sync_nodes --regscale_id=5 --regscale_module="securityplans"
To execute the Bash file, run this command: ./syncSicura.sh
You can chain together any arbitrary set of CLI commands to have them execute sequentially.
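Because init.yaml holds the Sicura default admin token in plain text, a wrapper script can check the file before it runs the sync. The following is an added example, not part of the RegScale CLI or the original page: yaml_value, check_init_yaml and safe_sync are hypothetical helper names, and the path to init.yaml is assumed to be passed as the first argument.

```shell
#!/bin/bash
# Added example: pre-flight checks on init.yaml before a Sicura sync.
# yaml_value, check_init_yaml and safe_sync are hypothetical helpers,
# not features of the RegScale CLI.

# Print the value of a top-level "key: value" line (first match, quotes stripped).
yaml_value() {
  sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'"
}

# Return 0 only if the file is private to its owner, sicuraUrl is HTTPS
# and sicuraToken is set. Problems are reported on stderr.
check_init_yaml() {
  file=$1; rc=0
  [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
  # Characters 5-10 of the ls mode string are the group and other permission bits.
  if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
    echo "$file is accessible to group/other; run: chmod 600 $file" >&2; rc=1
  fi
  case "$(yaml_value "$file" sicuraUrl)" in
    https://*) ;;
    *) echo "sicuraUrl should use https:// to protect the admin token in transit" >&2; rc=1 ;;
  esac
  if [ -z "$(yaml_value "$file" sicuraToken)" ]; then
    echo "sicuraToken is empty" >&2; rc=1
  fi
  return $rc
}

# Run the login and sync commands from this page only when the checks pass.
safe_sync() {
  check_init_yaml "${1:-init.yaml}" || return 1
  regscale login && regscale sicura sync_nodes --regscale_id=5 --regscale_module="securityplans"
}

# Sync only when a path is given, e.g. ./syncSicura.sh ./init.yaml
if [ -n "${1:-}" ]; then safe_sync "$1"; fi
```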