Already a NinjaOne customer? Log in to view more guides and the latest updates.

NinjaOne Endpoint Management: Automating the Vulnerability Import Process

reviewed by Ian Crego
  • Last Updated March 9, 2026

Topic

This article discusses how to set up automation for the Vulnerability Import process in NinjaOne.

Environment

NinjaOne Endpoint Management

Description

Vulnerability management for networks and systems is an ongoing process that requires continuous attention and adaptation to emerging threats and vulnerabilities. In an effort to support customers in this process, we created a series of APIs to meet your needs for automating the vulnerability import process.

The Vulnerability Import API

The API allows you to:

  • Get a list of existing scan groups.
  • Import comma-separated values (CSV) to an existing scan group.
  • Check the status of a CSV import.

While each vulnerability tool exports Common Vulnerabilities and Exposures (CVE) or endpoint results slightly differently, nearly all allow export to CSV with a machine identifier (hostname, IP address, or operating system address) and a CVE identification (ID) number. This set of Application Programming Interfaces (APIs) will enable you to import from any third-party tools that support CSV export.

To accelerate the adoption of automation capability, we provide sample PowerShell functions and a sample script in our Custom Script: Vulnerability Importer article. The following sample functions exist in the script, and you can use them in other, more custom scripts:

  • Get-NinjaToken
  • Get-BaseSettings
  • Get-VulScanGroups
  • New-VulScanImport

In the sample PowerShell script, you can use these functions to check a shared or local folder for new Vulnerability Export CSV files, import to NinjaOne, check the status until complete, and write logs.

Note that you must perform the initial creation and import of a scan group inside NinjaOne to leverage the scan group later via API. Refer to Vulnerability Management in NinjaOne: Import Scan Data to learn more.

Description Script Variable Example

You can set the following values in the script to handle secure credential and token storage and access according to your organization's best practices:
Function nameScript variableExample
NinjaOne environment URL$BaseURLca.ninjarmm.com
Folder path$PathtoCSV"C:vulndata" or "\servernamevuln"
CSV file naming convention$CSVName$CSVName "VulnExport_"
Scan Group ID$ScanGroupID2

Additional Resources

To create or download your own vulnerability importer script, refer to our Custom Script: Vulnerability Importer article.

FAQ

Next Steps