Automating the Vulnerability Import Process

Topic

This article discusses how to set up automation for the Vulnerability Import process in NinjaOne.

Environment

NinjaOne Vulnerability Management

Description

Vulnerability management for networks and systems is an ongoing, iterative process that requires continuous attention and adaptation to emerging threats and vulnerabilities. In an effort to support customers in this process, a series of APIs was created to meet the needs of NinjaOne customers for automating the vulnerability import process.

The Vulnerability Import API

The API allows you to:

• Get a list of existing scan groups.
• Import a CSV to an existing scan group.
• Check the status of a CSV import.

While each vulnerability tool exports CVE/endpoint results slightly differently, nearly all allow export to CSV with a machine identifier (hostname, IP address, or MAC address) and a CVE ID. This set of APIs will enable customers to import from any third-party tools that support CSV export.

To accelerate the adoption of automation capability, sample PowerShell functions and a sample script are provided in our Vulnerability Importer Sample Script article. The following sample functions exist in the script and can be used in other, more custom scripts:

• Get-NinjaToken
• Get-BaseSettings
• Get-VulScanGroups
• New-VulScanImport

In the sample PowerShell script, these functions are used to check a shared or local folder for new Vulnerability Export CSV files, import to NinjaOne, check status until complete, and write logs. Note that you must perform the initial creation and import of a scan group inside NinjaOne to leverage the scan group later via API. Refer to Vulnerability Management in NinjaOne: Import Scan Data to learn more.

Description script variable example

Set the following values in the script:

Additional Resources

To create or download your own vulnerability importer script, refer to our Vulnerability Importer Sample Script article.