rapid7appsec
Rapid7 AppSec integration allows the management of applications vulnerabilities and scans.
Utilities · Rapid7 - AppSec
Configuration parameters
url— Server URL (required)api_key— API Key (required)proxy— Use system proxy settingsinsecure— Trust any certificate (not secure)
Commands (23)
-
app-sec-app-listList apps. An app owns scan configurations, schedules, scans, and vulnerabilities. Mainly used to understand vulnerabilities and scan configuration outputs. If an app_id is given, the command will return the information about the specific app.
-
app-sec-attack-documentation-getGet the documentation of an attack. The documentation contains the references and description about the attack and recommendations for handling it.
-
app-sec-attack-getGet the metadata of an attack. AppSec can attempt multiple variations of the same attack on a URL to ensure the security of your applications against a variety of attacks.
-
app-sec-attack-template-listList the attack templates. An attack template describes if and how attacks should be executed during the execution of a scan. Mainly used to understand the scan configuration outputs. If an attack_template_id is given, the command will return the information about the specific attack.
-
app-sec-engine-group-listList the engine groups. An engine group is a resource which defines a container for a logical grouping of engines and therefore the purpose of assigning scans to one of those engines. Mainly used to understand the scan configuration outputs. If an engine_group_id is given, the command will return the information about the specific engine group.
-
app-sec-engine-listList the engines. An engine encapsulates the state and high-level attributes of the components which may be installed and running on a specific on-premise host. If an engine_id is given, the command will return the information about the specific engine.
-
app-sec-module-listList the modules. If a module_id is given, the command will return the information about the specific module. Mainly used to understand the vulnerability outputs.
-
app-sec-scan-action-getGet any current scan action. Scan actions values are: "PAUSE", "RESUME", "STOP", "AUTHENTICATE", and "CANCEL". Relevant when the scan is Running and when the scan is on an action (Scan is on an action when moving between statuses. For example: After submitting a new action, the scan has an action before the new status is updated).
-
app-sec-scan-action-submitSubmit a new scan action. Scan actions values are: PAUSE, RESUME, STOP, AUTHENTICATE, and CANCEL. Relevant when the scan status is Running. In case the action is Stop/ Cancel, the status of the scan should be Queued/ Pending/ Running/ Provisioning.
-
app-sec-scan-config-listList the scan configuration. A scan configuration defines all the necessary information required to perform a scan of an app. If a scan_config_id is given, the command will return the information about the specific scan configuration. Mainly used to submit scans.
-
app-sec-scan-deleteDelete a scan. The scan must be FAILED or marked as FutureObsolete to be deleted.
-
app-sec-scan-engine-event-listList the engine events from a scan. These logs typically capture specific events that occur during the scanning process.
-
app-sec-scan-execution-details-getGet real-time details of the execution of a scan (for example: Coverage, Attack, and Network details).
-
app-sec-scan-listList scans. Scans attack the URLs in your app to identify behaviors that could be exploited by attackers. The specific attack types, URLs, and many other options are set in the scan configuration. If a scan_id is given, the command will return the information about the specific scan.
-
app-sec-scan-platform-event-listList the platform events from a scan. Platform logs are broader in scope and usually cover various activities and events related to the platform hosting the security scanning tool.
-
app-sec-scan-submitSubmit a new scan. A scan encapsulates all the information for a single execution of the criteria defined in the provided scan configuration.
-
app-sec-vulnerability-comment-createCreate a new vulnerability comment. A vulnerability comment is a resource that allows users to add context to the vulnerability.
-
app-sec-vulnerability-comment-deleteDelete an existing vulnerability comment.
-
app-sec-vulnerability-comment-listList the vulnerability comments. If a comment_id is given, the command will return the information about the specific comment.
-
app-sec-vulnerability-comment-updateUpdate an existing vulnerability comment.
-
app-sec-vulnerability-history-listList the history of changes for a vulnerability.
-
app-sec-vulnerability-listList vulnerabilities. Vulnerabilities are aspects of your app that can make it susceptible to attackers. If a vulnerability_id is given, the command will return the information about that specific vulnerability.
-
app-sec-vulnerability-updateUpdate the severity or The status of the vulnerability.