Contents: Related pages:
|
ThreadFix is a software vulnerability aggregation and management system that helps organizations to aggregate vulnerability data, automatically consolidating and merging imported results from scanning tools.
Kiuwan allows you to upload Kiuwan analyses results to ThreadFix for further analysis and action.
Basic usage of Kiuwan-ThreadFix integration consists on
There are some different ways to download Kiuwan results in ThreadFix format:
|
Click on "Export to ThreadFix" menu option at Code Security >> Vulnerabiltities
Then you will get a JSON file with the Kiuwan results exported in ThreadFix format.
The exported results will be those of the selected analysis.
You can use Kiuwan Local Analyzer's Command Line Interface (CLI) to download the results of any Kiuwan analysis.
Bear in mind that exporting the results is a different KLA invocation that run the analysis.
That is:
To indicate the analysis to be exported, you can either specify the application name (and last baseline analysis will be chosen) or the analysis Id (it can be a baseline analysis or a delivery analysis).
To download the results in ThreadFix format, you must use following KLA command-line-interface options:
--retrieve-data Download data from Kiuwan. An app name (-n) must be specified. If no analysis code (-ac) is specified, data from the last available baselines will be retrieved. An export format must be spceified (-f). Default: false -n, --softwareName Name of the target application -ac, --analysis-code In retrieve data mode, code that indentifies the analysis to get data from -f, --format In retrieve data mode, the export fomat. Available formats [threadfix] Available formats [threadfix] -o, --output-file In retrieve data mode, the output file location Example: |
Please visit following URL for details : Results of analysis#-«»ExportanalysisresultstoThreadFix