Import Vulnerabilities in bulk using CSV

Strobes supports onboarding multiple vulnerabilities at once through the 'Import Bugs from CSV' connector. The connector expects your data in a specific format. The tables and field descriptions below explain the essential options needed to import a vulnerabilities CSV file.

 

Table 1. Asset types and corresponding values

Asset Type    Value
Web           1
Mobile        2
Network       3
Cloud         4

 

Table 2. Cloud types and corresponding values

Cloud Type    Value
Others        1
AWS           2
Azure         3

 

Table 3. Vulnerability level and corresponding values

Bug Level     Value
Code          1
Web           2
Mobile        3
Network       4
Cloud         5
Package       6

 

Table 4. Severity and corresponding values

Severity Type    Value
Info             1
Low              2
Medium           3
High             4
Critical         5

 

The following are the fields that are expected to be filled:

  • asset_target: This is the asset against which you want to log vulnerabilities. If you provide the value of an asset which is already existing, then the vulnerabilities will be logged against that asset. If you provide the value of an asset which does not exist, then a new asset will be created and the vulnerabilities will be logged against that asset.
  • asset_type: The type of the asset which you want to create. Refer to table 1 for the values that can be passed in this field.
  • hostname: The hostname of the asset against which you want to log a vulnerability. This is applicable only for network vulnerabilities.
  • mac_address: The MAC address of the asset against which you want to log a vulnerability. This is applicable only for network vulnerabilities.
  • title: The title of the vulnerability which you want to log.
  • bug_level: The type of vulnerability which you want to log. Refer to table 3 for the values that can be passed in this field.
  • description: The description of the vulnerability which you are logging.
  • steps_to_reproduce: The steps to reproduce for the vulnerability which you are logging.
  • mitigation: The mitigation for the vulnerability which you are logging.
  • severity: The severity of the vulnerability which you are logging. Refer to table 4 for the values that can be passed in this field.
  • vulnerable_code: The vulnerable code snippet of the vulnerability which you are logging. This is applicable for only Code level vulnerabilities.
  • file_name: The name of the file which contains the vulnerability which you are logging. This is applicable for only Code level vulnerabilities.
  • start_line_number: The start line number of the vulnerable code snippet. This is applicable for only Code level vulnerabilities.
  • end_line_number: The end line number of the vulnerable code snippet. This is applicable for only Code level vulnerabilities.
  • affected_endpoint: The affected endpoint where the vulnerability exists. This is applicable for only Web level vulnerabilities.
  • request: The request of the affected endpoint where the vulnerability exists. This is applicable for only Web level vulnerabilities.
  • response: The response of the affected endpoint where the vulnerability exists. This is applicable for only Web level vulnerabilities.
  • port: The affected port number where the vulnerability has been identified. This is applicable for only Network level vulnerabilities.
  • package_name: The vulnerable package name. This is applicable for only Package level vulnerabilities.
  • affected_version: The affected version of the package. This is applicable for only Package level vulnerabilities.
  • installed_version: The currently installed version of the package. This is applicable for only Package level vulnerabilities.
  • fixed_version: The version of the package where the vulnerability has been fixed. This is applicable for only Package level vulnerabilities.
  • cve_list: The list of CVEs you need to report for the vulnerability being logged.
  • cwe_list: The list of CWEs you need to report for the vulnerability being logged.
  • tags_list: The list of tags you need to add for the vulnerability being logged.
  • region: The region of the asset where the vulnerability has been identified. This is applicable for only Cloud level vulnerabilities.
  • aws_category: The AWS service against which the vulnerability is being logged. This is applicable for only Cloud level vulnerabilities.
  • aws_account_id: The AWS account ID against which the vulnerability is being logged. This is applicable for only Cloud level vulnerabilities.
  • cloud_type: The type of cloud for the vulnerability which is being logged. This is applicable for only Cloud level vulnerabilities.
  • azure_category: The Azure service against which the vulnerability is being logged. This is applicable for only Cloud level vulnerabilities.
  • azure_resource: The Azure resource against which the vulnerability is being logged. This is applicable for only Cloud level vulnerabilities.

 

Adding Web Vulnerabilities

The following are the fields for which data is expected to be provided for Web Vulnerabilities

Mandatory Fields:

  • asset_target: Provide the URL of your asset
  • asset_type: Provide the value as 1
  • title: Provide the title of the vulnerability you are creating
  • bug_level: Provide the value as 2
  • mitigation: Provide the mitigation for the vulnerability you are creating
  • severity: Provide the severity of the vulnerability you are creating. Refer to table 4
  • affected_endpoints: Provide the endpoints which are affected by the vulnerability you are creating

Optional Fields:

  • description: Provide a description for the vulnerability you are creating
  • steps_to_reproduce: Provide the steps to reproduce the vulnerability you are creating
  • request: Provide the HTTP Request for the vulnerable endpoint
  • response: Provide the HTTP Response for the vulnerability you are creating
  • cve_list: Provide the list of CVEs that are affecting the asset
  • cwe_list: Provide the list of CWEs that are affecting the asset
  • tags_list: Provide a list of tags that you need to add for the vulnerability you are creating

 

Adding Code Vulnerabilities

The following are the fields for which data is expected to be provided for Code Vulnerabilities

Mandatory Fields:

  • asset_target: Provide the name/URL of your asset
  • asset_type: Provide the value as 1
  • title: Provide the title of the vulnerability you are creating
  • bug_level: Provide the value as 1
  • mitigation: Provide the mitigation for the vulnerability you are creating
  • severity: Provide the severity of the vulnerability you are creating. Refer to table 4
  • vulnerable_code: Provide the code snippet that is responsible for the vulnerability
  • file_name: Provide the name of the file that contains the vulnerability
  • start_line_number: Provide the start line number of the vulnerable code
  • end_line_number: Provide the end line number of the vulnerable code

Optional Fields:

  • description: Provide a description for the vulnerability you are creating
  • cve_list: Provide the list of CVEs that are affecting the asset
  • cwe_list: Provide the list of CWEs that are affecting the asset
  • tags_list: Provide a list of tags that you need to add for the vulnerability you are creating

 

Adding Package Vulnerabilities

The following are the fields for which data is expected to be provided for Package Vulnerabilities

Mandatory Fields:

  • asset_target: Provide the name/URL of your asset
  • asset_type: Provide the value as 1
  • title: Provide the title of the vulnerability you are creating
  • bug_level: Provide the value as 6
  • mitigation: Provide the mitigation for the vulnerability you are creating
  • severity: Provide the severity of the vulnerability you are creating. Refer to table 4
  • package_name: Provide the name of the package that contains the vulnerability
  • affected_versions: Provide the list of package versions that are vulnerable

Optional Fields:

  • description: Provide a description for the vulnerability you are creating
  • installed_version: Provide the installed version of the package
  • fixed_version: Provide the fixed version of the package
  • cve_list: Provide the list of CVEs that are affecting the asset
  • cwe_list: Provide the list of CWEs that are affecting the asset
  • tags_list: Provide a list of tags that you need to add for the vulnerability you are creating

 

Adding Network Vulnerabilities

The following are the fields for which data is expected to be provided for Network Vulnerabilities

Mandatory Fields:

  • asset_target: Provide the IP Address/Hostname of your asset
  • asset_type: Provide the value as 3
  • title: Provide the title of the vulnerability you are creating
  • bug_level: Provide the value as 4
  • mitigation: Provide the mitigation for the vulnerability you are creating
  • severity: Provide the severity of the vulnerability you are creating. Refer to table 4
  • port: Provide the port number which is running the service that is affected by the vulnerability you are creating

Optional Fields:

  • hostname: Provide the hostname of the asset which is affected by the vulnerability you are creating
  • description: Provide a description for the vulnerability you are creating
  • steps_to_reproduce: Provide the steps to reproduce the vulnerability you are creating
  • cve_list: Provide the list of CVEs that are affecting the asset
  • cwe_list: Provide the list of CWEs that are affecting the asset
  • tags_list: Provide a list of tags that you need to add for the vulnerability you are creating

 

Adding Cloud Vulnerabilities

The following are the fields for which data is expected to be provided for Cloud Vulnerabilities

Mandatory Fields:

  • asset_target: Provide the name of your cloud asset
  • asset_type: Provide the value as 4
  • title: Provide the title of the vulnerability you are creating
  • bug_level: Provide the value as 5
  • mitigation: Provide the mitigation for the vulnerability you are creating
  • severity: Provide the severity of the vulnerability you are creating. Refer to table 4
  • cloud_type: Provide the type of cloud. Refer to table 2

Optional Fields:

  • description: Provide a description for the vulnerability you are creating
  • region: Provide the region of your cloud asset
  • aws_category: Provide the AWS service which is affected by the vulnerability you are creating
  • aws_account_id: Provide the AWS account ID which is affected by the vulnerability you are creating
  • azure_category: Provide the Azure category which is affected by the vulnerability you are creating
  • azure_resource: Provide the Azure resource which is affected by the vulnerability you are creating
  • steps_to_reproduce: Provide the steps to reproduce the vulnerability you are creating
  • cve_list: Provide the list of CVEs that are affecting the asset
  • cwe_list: Provide the list of CWEs that are affecting the asset
  • tags_list: Provide a list of tags that you need to add for the vulnerability you are creating
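
A pre-upload check of the mandatory fields listed in the five sections above, added here as an example (it is not Strobes code, and the function names `validate` and `cell` are hypothetical). It accepts both spellings the page uses for `affected_endpoint(s)` and `affected_version(s)`, and reports Mobile rows (bug_level 3) because the page gives no field list for them; the sample rows are constructed.

```python
import csv
import io

COMMON = ["asset_target", "asset_type", "title", "bug_level", "mitigation", "severity"]
# bug_level -> (asset_type the page prescribes, extra mandatory columns).
# A tuple lists both spellings the page uses for the same column.
RULES = {
    "1": ("1", ["vulnerable_code", "file_name", "start_line_number", "end_line_number"]),
    "2": ("1", [("affected_endpoints", "affected_endpoint")]),
    "4": ("3", ["port"]),
    "5": ("4", ["cloud_type"]),
    "6": ("1", ["package_name", ("affected_versions", "affected_version")]),
}

def cell(row, names):
    """First non-empty value among the alternative column names, else ''."""
    names = names if isinstance(names, tuple) else (names,)
    return next((v for v in ((row.get(n) or "").strip() for n in names) if v), "")

def validate(csv_text):
    """Return (row_number, message) problems; an empty list means the file passes."""
    problems = []
    for n, row in enumerate(csv.DictReader(io.StringIO(csv_text)), start=2):
        level = cell(row, "bug_level")
        if level not in RULES:
            problems.append((n, f"bug_level {level!r} has no field list on the page"))
            continue
        asset_type, extra = RULES[level]
        for field in COMMON + extra:
            if not cell(row, field):
                name = field[0] if isinstance(field, tuple) else field
                problems.append((n, f"missing {name}"))
        if cell(row, "asset_type") not in ("", asset_type):
            problems.append((n, f"asset_type must be {asset_type} for bug_level {level}"))
        if cell(row, "severity") not in ("", "1", "2", "3", "4", "5"):  # Table 4
            problems.append((n, "severity must be 1-5"))
        if level == "5" and cell(row, "cloud_type") not in ("", "1", "2", "3"):  # Table 2
            problems.append((n, "cloud_type must be 1-3"))
        port = cell(row, "port")
        if level == "4" and port and not (port.isdecimal() and 1 <= int(port) <= 65535):
            problems.append((n, "port must be 1-65535"))
    return problems

# Constructed sample: row 2 valid web, row 3 network (wrong asset_type, no port), row 4 package (no mitigation).
SAMPLE = """asset_target,asset_type,title,bug_level,mitigation,severity,affected_endpoints,port,package_name,affected_versions
https://app.example.test,1,Reflected XSS,2,Encode output,3,/search,,,
10.0.0.5,1,Weak TLS ciphers,4,Disable legacy ciphers,2,,,,
billing-service,1,Outdated dependency,6,,4,,,examplelib,1.0.0
"""
```

Calling `validate(SAMPLE)` returns three problems, two for row 3 and one for row 4; row numbers count the header as row 1, matching what a spreadsheet shows.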

 

Instructions to Import Bugs:

  • Navigate to 'Connectors' and select 'Report Import'.



  • Select the 'Import Bugs from CSV' connector.
  • Click on 'Next'.
  • Select the CSV file where you have filled in all the relevant data.



  • If you need to merge the assets you are about to upload with assets you have already added, turn on Enable merging of asset.
  • Click on 'Upload' and your vulnerabilities will get added onto Strobes.

 

You can find examples of CSV files for different types of bugs here and here.
