DHS CISA
DHS-CISA CLI
This CLI is provided to ingest alerts and Known Exploitable Vulnerabilities (KEV) from Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS-CISA). The RegScale CLI tool will convert this public data feed into threats for use within the RegScale platform. It is commonly used to support Threat-Hunting and Threat-Based Risk Modeling for RegScale customers.
Init.yaml Configuration
There are two optional variables that will configure the CISA integration. These variables shouldn't be changed, unless DHS-CISA updates the site with different URLs:
cisaAlerts
- URL of cisa alerts pagecisaKev
- URL of the cisa KEV page
DHS-CISA Integration Workflow
DHS-CISA alerts and vulnerabilities can be easily ingested with the CLI tool. Below are some example commands:
regscale cisa ingest_cisa_kev
- The CLI will insert new vulnerabilities as RegScale threats, if the same threat already exists, it will be updated.regscale cisa ingest_cisa_alerts --year 2022
- The CLI will insert or update existing RegScale threats with all the published alerts from the year specified.
Updated 11 months ago