OpenRMF Professional v2.6 Released, API Included!

OpenRMF Professional v2.6 — Cyber Compliance Automation

Using the API for SCAP and Checklists

curl -X POST -H "Accept: application/json" -H "Authorization: Bearer {TOKEN-Generated}" -F "checklistFile=@./{Filename for SCAP XCCDF or CKL}" https://{OpenRMF-URL}/api/external/systempackage/SYSTEMKEY/scapchecklist/\?applicationKey\=APIKEY
  • matching SCAP to Checklist, if SCAP
  • Saving the data
  • Calculating the Checklist Score — Vulnerability numbers
  • Updating the overall System Package Checklist Score
  • If an update, creating a historical record of the checklist
  • Automated updating of your POAM if created inside the system package
  • Automated updating of report data for data calls, reports, exporting data

Using the API for Nessus/ACAS Data

curl -X POST -H "Accept: application/json" -H "Authorization: Bearer {TOKEN-Generated}" -F "patchscanFile=@./{Filename of patch scan}.nessus" https://{OpenRMF-URL}/api/external/systempackage/SYSTEMKEY/patchscan/\?applicationKey\=APIKEY
  • Pulling out patch vulnerability data
  • Updating the patch score (total vulnerability count) of each individual device
  • Updating the patch score of the whole system package
  • Saving the device listing for the Hardware bill of materials
  • Saving the software listing for the Software bill of materials
  • Saving the ports / protocols / services (PPSM) that come from the scan of actual PPS running on those devices
  • Automated updating of your POAM if created inside the system package
  • Automated updating of report data for data calls, reports, exporting data

Other API Calls

  • Test Authentication
  • List System Package information and Checklists
  • Download a Checklist to CKL
  • Get the total System Package Checklist Vulnerability Score
  • Get the total System Package Patch Vulnerability Score
  • Download the Hardware List
  • Download the Software List
  • Download the PPSM List
  • Download the POAM List

Calculate the Cost Reduction in Time and $$$

Try the Evaluation on Your Own Network

Get a Demo

Automation. Less Stress. Time and Money Saved.

--

--

--

CEO of Soteria Software. Developer on OpenRMF. Software Geek by trade. Father of three daughters. Husband. Love new tech where it fits. Follow at @soteriasoft

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

COWCOW APP Klaytn Wallet 서비스 종료 안내

“Should Facial Recognition Companies have access to Children’s Biometric Data?”

Secure Bike Storage in Tanterton #Safe #Bicycle #Storage #Shelters #Tanterton https://t.co/hOd0Pp3Y3

Nextup.ai Data Residency Offerings

Stake with CertiK on Binance Smart Chain!

The Law on Protection of Personal Data Explained in 20 Questions

Clicking Suspicious Links? Better Think Twice!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Dale Bingham

Dale Bingham

CEO of Soteria Software. Developer on OpenRMF. Software Geek by trade. Father of three daughters. Husband. Love new tech where it fits. Follow at @soteriasoft

More from Medium

Setting a Dynamic Date filter in QuickSight (AWS)

CDK Example — How to create a S3 secure Bucket resource

Github Actions — Mask Every secret

Easy way to resolve Oracle Cloud “Out of Capacity” error while creating Compute instance (using…