rapid7appsec

Rapid7 AppSec integration allows the management of applications vulnerabilities and scans.

Utilities · Rapid7 - AppSec

Configuration parameters

  • url — Server URL (required)
  • api_key — API Key (required)
  • proxy — Use system proxy settings
  • insecure — Trust any certificate (not secure)

Commands (23)

  • app-sec-app-list

    List apps. An app owns scan configurations, schedules, scans, and vulnerabilities. Mainly used to understand vulnerabilities and scan configuration outputs. If an app_id is given, the command will return the information about the specific app.

  • app-sec-attack-documentation-get

    Get the documentation of an attack. The documentation contains the references and description about the attack and recommendations for handling it.

  • app-sec-attack-get

    Get the metadata of an attack. AppSec can attempt multiple variations of the same attack on a URL to ensure the security of your applications against a variety of attacks.

  • app-sec-attack-template-list

    List the attack templates. An attack template describes if and how attacks should be executed during the execution of a scan. Mainly used to understand the scan configuration outputs. If an attack_template_id is given, the command will return the information about the specific attack.

  • app-sec-engine-group-list

    List the engine groups. An engine group is a resource which defines a container for a logical grouping of engines and therefore the purpose of assigning scans to one of those engines. Mainly used to understand the scan configuration outputs. If an engine_group_id is given, the command will return the information about the specific engine group.

  • app-sec-engine-list

    List the engines. An engine encapsulates the state and high-level attributes of the components which may be installed and running on a specific on-premise host. If an engine_id is given, the command will return the information about the specific engine.

  • app-sec-module-list

    List the modules. If a module_id is given, the command will return the information about the specific module. Mainly used to understand the vulnerability outputs.

  • app-sec-scan-action-get

    Get any current scan action. Scan actions values are: "PAUSE", "RESUME", "STOP", "AUTHENTICATE", and "CANCEL". Relevant when the scan is Running and when the scan is on an action (Scan is on an action when moving between statuses. For example: After submitting a new action, the scan has an action before the new status is updated).

  • app-sec-scan-action-submit

    Submit a new scan action. Scan actions values are: PAUSE, RESUME, STOP, AUTHENTICATE, and CANCEL. Relevant when the scan status is Running. In case the action is Stop/ Cancel, the status of the scan should be Queued/ Pending/ Running/ Provisioning.

  • app-sec-scan-config-list

    List the scan configuration. A scan configuration defines all the necessary information required to perform a scan of an app. If a scan_config_id is given, the command will return the information about the specific scan configuration. Mainly used to submit scans.

  • app-sec-scan-delete

    Delete a scan. The scan must be FAILED or marked as FutureObsolete to be deleted.

  • app-sec-scan-engine-event-list

    List the engine events from a scan. These logs typically capture specific events that occur during the scanning process.

  • app-sec-scan-execution-details-get

    Get real-time details of the execution of a scan (for example: Coverage, Attack, and Network details).

  • app-sec-scan-list

    List scans. Scans attack the URLs in your app to identify behaviors that could be exploited by attackers. The specific attack types, URLs, and many other options are set in the scan configuration. If a scan_id is given, the command will return the information about the specific scan.

  • app-sec-scan-platform-event-list

    List the platform events from a scan. Platform logs are broader in scope and usually cover various activities and events related to the platform hosting the security scanning tool.

  • app-sec-scan-submit

    Submit a new scan. A scan encapsulates all the information for a single execution of the criteria defined in the provided scan configuration.

  • app-sec-vulnerability-comment-create

    Create a new vulnerability comment. A vulnerability comment is a resource that allows users to add context to the vulnerability.

  • app-sec-vulnerability-comment-delete

    Delete an existing vulnerability comment.

  • app-sec-vulnerability-comment-list

    List the vulnerability comments. If a comment_id is given, the command will return the information about the specific comment.

  • app-sec-vulnerability-comment-update

    Update an existing vulnerability comment.

  • app-sec-vulnerability-history-list

    List the history of changes for a vulnerability.

  • app-sec-vulnerability-list

    List vulnerabilities. Vulnerabilities are aspects of your app that can make it susceptible to attackers. If a vulnerability_id is given, the command will return the information about that specific vulnerability.

  • app-sec-vulnerability-update

    Update the severity or The status of the vulnerability.