Security Dashboard

  • Get scan-compliance

    • To get the scan compliance for all applications across all workspaces, use the command:

      initz get scan-compliance
    • To get the scan compliance for all applications in a specific workspace, use the command:

      initz get scan-compliance --workspaceid=<workspaceID>
    • To get the scan compliance for a specific application, use the command:

      initz get scan-compliance --appid=<appId>
      Info
      • If your application is not in the current workspace, set the workspace first. To set the workspace, use the command:

        initz set workspace --workspaceid=<workspaceID>

        Alternatively, pass the workspace ID directly in the command:

        initz get scan-compliance --appid=<appID> --workspaceid=<workspaceID>
  • Get the CVEs (Common Vulnerabilities and Exposures)

    • To get the CVEs for all applications across all workspaces, use the command:
      initz get app-cves
    • To get the CVEs for all applications in a specific workspace, use the command:
      initz get app-cves --workspaceid=<workspaceID>
    • To get the CVEs for a specific application, use the command:
      initz get app-cves --appid=<appID>
      If your application is not in the current workspace, use the command:
      initz get app-cves --appid=<appID> --workspaceid=<workspaceID>
  • Get Overall Exploit Probability

    • Use the command:
      initz get oep --appid=<appID>
  • Get CVE Trend

    • Use the command:
      initz get cve-trend --appid=<appID>
  • Get Application Vulnerabilities

    • Use the command:

      initz get vuln --appid=<appID>

      This command returns the CVE ID, severity, exploit probability, package name, and version for each vulnerability. You can use the CVE IDs associated with the application's vulnerabilities to obtain a detailed description of each one.

      • To get the detailed description of a CVE, use the command:
        initz describe app-cve --cveid=<CVEID>
  • Get Licenses For Application

    • Use the command:
      initz get licenses --appid=<appID>
    • To get a detailed description of each license, use the command:
      initz describe license --licenseid=<licenseID>
  • Download SBOM (Software Bill of Materials)

    • Use the command:
      initz download app-sbom --appid=<appid> --format=<spdx/cydx>
  • Download CVEs (Common Vulnerabilities and Exposures)

    • Use the command:
      initz download app-cves --appid=<appid> --format=<spdx/cydx>
Important
  • By default, the runtype for each security command is set to 'non-prod'. To change it to 'prod', add the argument --runtype="prod" to the command.