HelloWorld

This is the Hello World integration for getting started and learn how to build an integration with Cortex XSOAR. You can check the Design Document of this integration here.

Please make sure you look at the integration source code and comments.

This integration was built to interact with the sample SOAR Hello World API To check the API source code go to GitHub.

Configure HelloWorld on Cortex XSOAR

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for HelloWorld.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
urlServer URL (e.g. https://soar.monstersofhack.com\)True
isFetchFetch incidentsFalse
incidentTypeIncident typeFalse
max_fetchMaximum number of incidents per fetchFalse
apikeyAPI KeyTrue
threshold_ipScore threshold for ip reputation command (0-100)False
threshold_domainScore threshold for domain reputation command (0-100)False
alert_statusFetch alerts with status (ACTIVE, CLOSED)False
alert_typeFetch alerts with typeFalse
min_severityMinimum severity of alerts to fetchTrue
first_fetchFirst fetch timeFalse
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
  1. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

helloworld-say-hello


Hello command - prints hello to anyone.

Base Command

helloworld-say-hello

Input

Argument NameDescriptionRequired
nameThe name of whom you want to say hello to.Optional

Context Output

PathTypeDescription
helloStringShould be Hello **something** here.

Command Example

!helloworld-say-hello name="Hello Dbot"

Context Example

{
"hello": "Hello Hello Dbot"
}

Human Readable Output

Hello Hello Dbot

helloworld-search-alerts


Search HelloWorld Alerts.

Base Command

helloworld-search-alerts

Input

Argument NameDescriptionRequired
severityFilter by alert severity. Comma-separated value (Low,Medium,High,Critical)Optional
statusFilter by alert status.Optional
alert_typeFilter by alert typeOptional
max_resultsMaximum results to return.Optional
start_timeFilter by start time.
Examples:
"3 days ago"
"1 month"
"2019-10-10T12:22:00"
"2019-10-10"
Optional

Context Output

PathTypeDescription
HelloWorld.Alert.alert_idStringAlert ID.
HelloWorld.Alert.alert_statusStringAlert status. Can be 'ACTIVE' or 'CLOSED'.
HelloWorld.Alert.alert_typeStringAlert type. For example 'Bug' or 'Vulnerability'.
HelloWorld.Alert.createdDateAlert created time. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
HelloWorld.Alert.nameStringAlert name.
HelloWorld.Alert.severityStringAlert severity. Can be 'Low', 'Medium', 'High' or 'Critical'.

Command Example

!helloworld-search-alerts severity="Critical" start_time="3 days" max_results=2 status="ACTIVE"

Context Example

{
"HelloWorld": {
"Alert": [
{
"alert_id": "158cfeb2-84bf-498d-a10d-a55c3445d76e",
"alert_status": "ACTIVE",
"alert_type": "Feature",
"created": "2020-05-06T20:39:07.000Z",
"name": "Hello World Alert of type Feature",
"severity": "Critical"
},
{
"alert_id": "c61eec7e-3114-46e2-be71-a82572b98fc3",
"alert_status": "ACTIVE",
"alert_type": "Bug",
"created": "2020-05-06T07:49:51.000Z",
"name": "Hello World Alert of type Bug",
"severity": "Critical"
}
]
}
}

Human Readable Output

Results

alert_idalert_statusalert_typecreatednameseverity
158cfeb2-84bf-498d-a10d-a55c3445d76eACTIVEFeature2020-05-06T20:39:07.000ZHello World Alert of type FeatureCritical
c61eec7e-3114-46e2-be71-a82572b98fc3ACTIVEBug2020-05-06T07:49:51.000ZHello World Alert of type BugCritical

helloworld-get-alert


Retrieve alert extra data by ID.

Base Command

helloworld-get-alert

Input

Argument NameDescriptionRequired
alert_idAlert ID.Required

Context Output

PathTypeDescription
HelloWorld.Alert.alert_idStringAlert ID.
HelloWorld.Alert.createdDateAlert created time. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
HelloWorld.Alert.descriptionStringAlert description.
HelloWorld.Alert.device_idStringID of the device involved in the alert.
HelloWorld.Alert.device_ipStringIP Address of the device involved in the alert.
HelloWorld.Alert.locationStringLocation of the device involved in the alert.
HelloWorld.Alert.userStringUser involved in the alert.

Command Example

!helloworld-get-alert alert_id=695b3238-05d6-4934-86f5-9fff3201aeb0

Context Example

{
"HelloWorld": {
"Alert": {
"alert_id": "695b3238-05d6-4934-86f5-9fff3201aeb0",
"created": "2020-05-08T22:21:01.000Z",
"description": "Your processor has processed too many instructions. Turn it off immediately, do not type any commands!!",
"device_id": "d3c06d55-0adc-4c60-bf40-8316006ae954",
"device_ip": "76.224.87.171",
"location": "Medina Station",
"user": "Sugar Man"
}
}
}

Human Readable Output

HelloWorld Alert 695b3238-05d6-4934-86f5-9fff3201aeb0

alert_idcreateddescriptiondevice_iddevice_iplocationuser
695b3238-05d6-4934-86f5-9fff3201aeb02020-05-08T22:21:01.000ZYour processor has processed too many instructions. Turn it off immediately, do not type any commands!!d3c06d55-0adc-4c60-bf40-8316006ae95476.224.87.171Medina StationSugar Man

helloworld-update-alert-status


Update the status for an alert.

Base Command

helloworld-update-alert-status

Input

Argument NameDescriptionRequired
alert_idAlert ID to update.Required
statusNew status of the alert.Required

Context Output

PathTypeDescription
HelloWorld.Alert.alert_idStringAlert ID.
HelloWorld.Alert.updatedDateAlert update time. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
HelloWorld.Alert.alert_statusStringAlert status. Can be 'ACTIVE' or 'CLOSED'.

Command Example

!helloworld-update-alert-status alert_id=695b3238-05d6-4934-86f5-9fff3201aeb0 status="CLOSED"

Context Example

{
"HelloWorld": {
"Alert": {
"alert_id": "695b3238-05d6-4934-86f5-9fff3201aeb0",
"alert_status": "CLOSED",
"updated": "2020-05-08T22:21:05.000Z"
}
}
}

Human Readable Output

HelloWorld Alert 695b3238-05d6-4934-86f5-9fff3201aeb0

alert_idalert_statusupdated
695b3238-05d6-4934-86f5-9fff3201aeb0CLOSED2020-05-08T22:21:05.000Z

ip


Return IP information and reputation

Base Command

ip

Input

Argument NameDescriptionRequired
ipList of IPs.Optional
thresholdIf the IP has reputation above the threshold then the IP defined as malicious. If threshold not set, then threshold from instance configuration is used.Optional

Context Output

PathTypeDescription
DBotScore.IndicatorStringThe indicator that was tested.
DBotScore.ScoreNumberThe actual score.
DBotScore.TypeStringThe indicator type.
DBotScore.VendorStringThe vendor used to calculate the score.
HelloWorld.IP.asnStringThe autonomous system name for the IP address.
HelloWorld.IP.asn_cidrStringThe ASN CIDR.
HelloWorld.IP.asn_country_codeStringThe ASN country code.
HelloWorld.IP.asn_dateDateThe date on which the ASN was assigned.
HelloWorld.IP.asn_descriptionStringThe ASN description.
HelloWorld.IP.asn_registryStringThe registry the ASN belongs to.
HelloWorld.IP.entitiesStringEntities associated to the IP.
HelloWorld.IP.ipStringThe actual IP address.
HelloWorld.IP.network.cidrStringNetwork CIDR for the IP address.
HelloWorld.IP.network.countryUnknownThe country of the IP address.
HelloWorld.IP.network.end_addressStringThe last IP address of the CIDR.
HelloWorld.IP.network.events.actionStringThe action that happened on the event.
HelloWorld.IP.network.events.actorUnknownThe actor that performed the action on the event.
HelloWorld.IP.network.events.timestampStringThe timestamp when the event occurred.
HelloWorld.IP.network.handleStringThe handle of the network.
HelloWorld.IP.network.ip_versionStringThe IP address version.
HelloWorld.IP.network.linksStringLinks associated to the IP address.
HelloWorld.IP.network.nameStringThe name of the network.
HelloWorld.IP.network.notices.descriptionStringThe description of the notice.
HelloWorld.IP.network.notices.linksUnknownLinks associated with the notice.
HelloWorld.IP.network.notices.titleStringTitle of the notice.
HelloWorld.IP.network.parent_handleStringHandle of the parent network.
HelloWorld.IP.network.rawUnknownAdditional raw data for the network.
HelloWorld.IP.network.remarksUnknownAdditional remarks for the network.
HelloWorld.IP.network.start_addressStringThe first IP address of the CIDR.
HelloWorld.IP.network.statusStringStatus of the network.
HelloWorld.IP.network.typeStringThe type of the network.
HelloWorld.IP.queryStringIP address that was queried.
HelloWorld.IP.rawUnknownAdditional raw data for the IP address.
HelloWorld.IP.scoreNumberReputation score from HelloWorld for this IP (0 to 100, where higher is worse).
IP.AddressStringIP address.
IP.Malicious.VendorStringThe vendor reporting the IP address as malicious.
IP.Malicious.DescriptionStringA description explaining why the IP address was reported as malicious.
IP.ASNStringThe autonomous system name for the IP address.

Command Example

!ip ip="8.8.8.8"

Context Example

{
"DBotScore": {
"Indicator": "8.8.8.8",
"Score": 2,
"Type": "ip",
"Vendor": "HelloWorld"
},
"HelloWorld": {
"IP": {
"asn": "15169",
"asn_cidr": "8.8.8.0/24",
"asn_country_code": "US",
"asn_date": "1992-12-01",
"asn_description": "GOOGLE, US",
"asn_registry": "arin",
"entities": [
"GOGL"
],
"ip": "8.8.8.8",
"network": {
"cidr": "8.8.8.0/24",
"country": null,
"end_address": "8.8.8.255",
"events": [
{
"action": "last changed",
"actor": null,
"timestamp": "2014-03-14T15:52:05-04:00"
},
{
"action": "registration",
"actor": null,
"timestamp": "2014-03-14T15:52:05-04:00"
}
],
"handle": "NET-8-8-8-0-1",
"ip_version": "v4",
"links": [
"https://rdap.arin.net/registry/ip/8.8.8.0",
"https://whois.arin.net/rest/net/NET-8-8-8-0-1",
"https://rdap.arin.net/registry/ip/8.0.0.0/9"
],
"name": "LVLT-GOGL-8-8-8",
"notices": [
{
"description": "By using the ARIN RDAP/Whois service, you are agreeing to the RDAP/Whois Terms of Use",
"links": [
"https://www.arin.net/resources/registry/whois/tou/"
],
"title": "Terms of Service"
},
{
"description": "If you see inaccuracies in the results, please visit: ",
"links": [
"https://www.arin.net/resources/registry/whois/inaccuracy_reporting/"
],
"title": "Whois Inaccuracy Reporting"
},
{
"description": "Copyright 1997-2020, American Registry for Internet Numbers, Ltd.",
"links": null,
"title": "Copyright Notice"
}
],
"parent_handle": "NET-8-0-0-0-1",
"raw": null,
"remarks": null,
"start_address": "8.8.8.0",
"status": [
"active"
],
"type": "ALLOCATION"
},
"query": "8.8.8.8",
"raw": null,
"score": 45
}
},
"IP": {
"ASN": "15169",
"Address": "8.8.8.8"
}
}

Human Readable Output

IP List

asnasn_cidrasn_country_codeasn_dateasn_descriptionasn_registryentitiesipnetworkqueryrawscore
151698.8.8.0/24US1992-12-01GOOGLE, USarinGOGL8.8.8.8handle: NET-8-8-8-0-1
status: active
remarks: null
notices: {'title': 'Terms of Service', 'description': 'By using the ARIN RDAP/Whois service, you are agreeing to the RDAP/Whois Terms of Use', 'links': ['https://www.arin.net/resources/registry/whois/tou/']},
{'title': 'Whois Inaccuracy Reporting', 'description': 'If you see inaccuracies in the results, please visit: ', 'links': ['https://www.arin.net/resources/registry/whois/inaccuracy_reporting/']},
{'title': 'Copyright Notice', 'description': 'Copyright 1997-2020, American Registry for Internet Numbers, Ltd.', 'links': None}
links: https://rdap.arin.net/registry/ip/8.8.8.0,
https://whois.arin.net/rest/net/NET-8-8-8-0-1,
https://rdap.arin.net/registry/ip/8.0.0.0/9
events: {'action': 'last changed', 'timestamp': '2014-03-14T15:52:05-04:00', 'actor': None},
{'action': 'registration', 'timestamp': '2014-03-14T15:52:05-04:00', 'actor': None}
raw: null
start_address: 8.8.8.0
end_address: 8.8.8.255
cidr: 8.8.8.0/24
ip_version: v4
type: ALLOCATION
name: LVLT-GOGL-8-8-8
country: null
parent_handle: NET-8-0-0-0-1
8.8.8.845

domain


Returns Domain information and reputation.

Base Command

domain

Input

Argument NameDescriptionRequired
domainList of Domains.Optional
thresholdIf the domain has reputation above the threshold then the domain defined as malicious. If threshold not set, then threshold from instance configuration is used.Optional

Context Output

PathTypeDescription
DBotScore.IndicatorStringThe indicator that was tested.
DBotScore.ScoreNumberThe actual score.
DBotScore.TypeStringThe indicator type.
DBotScore.VendorStringThe vendor used to calculate the score.
Domain.NameStringThe domain name.
Domain.Malicious.VendorStringThe vendor reporting the domain as malicious.
Domain.Malicious.DescriptionStringA description explaining why the domain was reported as malicious.
Domain.Registrant.NameStringThe name of the registrant.
Domain.Registrant.CountryStringThe country of the registrant.
Domain.OrganizationStringThe organization of the domain.
Domain.CreationDateDateThe creation date of the domain. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
Domain.ExpirationDateDateThe expiration date of the domain. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
Domain.UpdatedDateDateThe date when the domain was last updated. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
Domain.NameServersStringName servers of the domain.
Domain.WHOIS.NameServersStringA CSV string of name servers, for example 'ns1.bla.com, ns2.bla.com'.
Domain.WHOIS.CreationDateDateThe creation date of the domain. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
Domain.WHOIS.UpdatedDateDateThe date when the domain was last updated. Format is ISO8601 (i.e. '2020-04-30T10:35:00.000Z').
Domain.WHOIS.ExpirationDateDateThe expiration date of the domain.
Domain.WHOIS.Registrar.NameStringThe name of the registrar, for example 'GoDaddy'
IP.ASNStringThe autonomous system name for the IP address.
HelloWorld.Domain.addressStringDomain admin address.
HelloWorld.Domain.cityStringDomain admin city.
HelloWorld.Domain.countryStringDomain admin country.
HelloWorld.Domain.creation_dateDateDomain creation date. Format is ISO8601.
HelloWorld.Domain.dnssecStringDNSSEC status.
HelloWorld.Domain.domainStringThe domain name.
HelloWorld.Domain.domain_nameStringDomain name options.
HelloWorld.Domain.emailsStringContact emails.
HelloWorld.Domain.expiration_dateDateExpiration date. Format is ISO8601.
HelloWorld.Domain.nameStringDomain admin name.
HelloWorld.Domain.name_serversStringName server.
HelloWorld.Domain.orgStringDomain organization.
HelloWorld.Domain.referral_urlUnknownReferral URL.
HelloWorld.Domain.registrarStringDomain registrar.
HelloWorld.Domain.scoreNumberReputation score from HelloWorld for this domain (0 to 100, where higher is worse).
HelloWorld.Domain.stateStringDomain admin state.
HelloWorld.Domain.statusStringDomain status.
HelloWorld.Domain.updated_dateDateUpdated date. Format is ISO8601.
HelloWorld.Domain.whois_serverStringWHOIS server.
HelloWorld.Domain.zipcodeUnknownDomain admin zipcode.

Command Example

!domain domain="demisto.com"

Context Example

{
"DBotScore": {
"Indicator": "demisto.com",
"Score": 2,
"Type": "domain",
"Vendor": "HelloWorld"
},
"Domain": {
"CreationDate": "2015-01-16T21:36:27.000Z",
"ExpirationDate": "2026-01-16T21:36:27.000Z",
"Name": "demisto.com",
"NameServers": [
"PNS31.CLOUDNS.NET",
"PNS32.CLOUDNS.NET",
"PNS33.CLOUDNS.NET",
"PNS34.CLOUDNS.NET",
"pns31.cloudns.net",
"pns32.cloudns.net",
"pns33.cloudns.net",
"pns34.cloudns.net"
],
"Organization": "WhoisGuard, Inc.",
"Registrant": {
"Country": "PA",
"Email": null,
"Name": "WhoisGuard Protected",
"Phone": null
},
"Registrar": {
"AbuseEmail": null,
"AbusePhone": null,
"Name": "NAMECHEAP INC"
},
"UpdatedDate": "2019-05-14T16:14:12.000Z",
"WHOIS": {
"CreationDate": "2015-01-16T21:36:27.000Z",
"ExpirationDate": "2026-01-16T21:36:27.000Z",
"NameServers": [
"PNS31.CLOUDNS.NET",
"PNS32.CLOUDNS.NET",
"PNS33.CLOUDNS.NET",
"PNS34.CLOUDNS.NET",
"pns31.cloudns.net",
"pns32.cloudns.net",
"pns33.cloudns.net",
"pns34.cloudns.net"
],
"Registrant": {
"Country": "PA",
"Email": null,
"Name": "WhoisGuard Protected",
"Phone": null
},
"Registrar": {
"AbuseEmail": null,
"AbusePhone": null,
"Name": "NAMECHEAP INC"
},
"UpdatedDate": "2019-05-14T16:14:12.000Z"
}
},
"HelloWorld": {
"Domain": {
"address": "P.O. Box 0823-03411",
"city": "Panama",
"country": "PA",
"creation_date": "2015-01-16T21:36:27.000Z",
"dnssec": "unsigned",
"domain": "demisto.com",
"domain_name": [
"DEMISTO.COM",
"demisto.com"
],
"emails": [
"abuse@namecheap.com",
"5be9245893ff486d98c3640879bb2657.protect@whoisguard.com"
],
"expiration_date": "2026-01-16T21:36:27.000Z",
"name": "WhoisGuard Protected",
"name_servers": [
"PNS31.CLOUDNS.NET",
"PNS32.CLOUDNS.NET",
"PNS33.CLOUDNS.NET",
"PNS34.CLOUDNS.NET",
"pns31.cloudns.net",
"pns32.cloudns.net",
"pns33.cloudns.net",
"pns34.cloudns.net"
],
"org": "WhoisGuard, Inc.",
"referral_url": null,
"registrar": "NAMECHEAP INC",
"score": 56,
"state": "Panama",
"status": "clientTransferProhibited https://icann.org/epp#clientTransferProhibited",
"updated_date": "2019-05-14T16:14:12.000Z",
"whois_server": "whois.namecheap.com",
"zipcode": null
}
}
}

Human Readable Output

Domain List

addresscitycountrycreation_datednssecdomaindomain_nameemailsexpiration_datenamename_serversorgreferral_urlregistrarscorestatestatusupdated_datewhois_serverzipcode
P.O. Box 0823-03411PanamaPA2015-01-16T21:36:27.000Zunsigneddemisto.comDEMISTO.COM,
demisto.com
abuse@namecheap.com,
5be9245893ff486d98c3640879bb2657.protect@whoisguard.com
2026-01-16T21:36:27.000ZWhoisGuard ProtectedPNS31.CLOUDNS.NET,
PNS32.CLOUDNS.NET,
PNS33.CLOUDNS.NET,
PNS34.CLOUDNS.NET,
pns31.cloudns.net,
pns32.cloudns.net,
pns33.cloudns.net,
pns34.cloudns.net
WhoisGuard, Inc.NAMECHEAP INC56PanamaclientTransferProhibited https://icann.org/epp#clientTransferProhibited2019-05-14T16:14:12.000Zwhois.namecheap.com

helloworld-scan-start


Start scan on an asset.

Base Command

helloworld-scan-start

Input

Argument NameDescriptionRequired
hostnameAsset to start the scan against.Required

Context Output

PathTypeDescription
HelloWorld.Scan.scan_idstringUnique ID of the scan.
HelloWorld.Scan.statusstringStatus of the scan ('RUNNING' or 'COMPLETE').
HelloWorld.Scan.hostnamestringThe hostname the scan is run against.

Command Example

!helloworld-scan-start hostname="example.com"

Context Example

{
"HelloWorld": {
"Scan": {
"hostname": "example.com",
"scan_id": "22cc5dba-9e61-42c6-8355-94527b9815c6",
"status": "RUNNING"
}
}
}

Human Readable Output

Started scan 22cc5dba-9e61-42c6-8355-94527b9815c6

helloworld-scan-status


Retrieve scan status for one or more scan IDs.

Base Command

helloworld-scan-status

Input

Argument NameDescriptionRequired
scan_idList of Scan IDs. helloworld-scan-start returns "scan_id".Required

Context Output

PathTypeDescription
HelloWorld.Scan.scan_idstringUnique ID of the scan.
HelloWorld.Scan.statusstringStatus of the scan ('RUNNING' or 'COMPLETE').

Command Example

!helloworld-scan-status scan_id="100"

Context Example

{
"HelloWorld": {
"Scan": {
"scan_id": "100",
"status": "COMPLETE"
}
}
}

Human Readable Output

Scan status

scan_idstatus
100COMPLETE

helloworld-scan-results


Retrieve scan status in Context or as a File (default) for a Scan.

Base Command

helloworld-scan-results

Input

Argument NameDescriptionRequired
formatResults format (file or JSON).Required
scan_idUnique ID of the scan.Required

Context Output

PathTypeDescription
HelloWorld.Scan.entities.entity-idStringScanned entity ID.
HelloWorld.Scan.entities.ip_addressStringScanned entity IP address.
HelloWorld.Scan.entities.typeStringScanned entity type.
HelloWorld.Scan.entities.vulnerability_statusStringScanned entity vulnerability status.
HelloWorld.Scan.entities.vulnsStringScanned entity CVE.
HelloWorld.Scan.scan_idStringUnique ID of the scan.
HelloWorld.Scan.statusStringStatus of the scan ('RUNNING' or 'COMPLETE').
InfoFile.EntryIDUnknownThe EntryID of the report file.
InfoFile.ExtensionstringThe extension of the report file.
InfoFile.NamestringThe name of the report file.
InfoFile.InfostringThe info of the report file.
InfoFile.SizenumberThe size of the report file.
InfoFile.TypestringThe type of the report file.
CVE.IDstringThe ID of the CVE.

Command Example

!helloworld-scan-results scan_id=100 format=json

Context Example

{
"CVE": {
"ID": [
"CVE-2019-14805",
"CVE-2019-15472",
"CVE-2019-0200",
"CVE-2019-10490",
"CVE-2019-2658",
"CVE-2019-8139",
"CVE-2019-10401",
"CVE-2019-5989",
"CVE-2019-2128",
"CVE-2019-5279",
"CVE-2019-13507",
"CVE-2019-5450",
"CVE-2019-6291",
"CVE-2019-4811",
"CVE-2019-9322",
"CVE-2019-18250",
"CVE-2019-7169",
"CVE-2019-18671",
"CVE-2019-7390",
"CVE-2019-1716",
"CVE-2019-10763",
"CVE-2019-1512",
"CVE-2019-15485",
"CVE-2019-12611",
"CVE-2019-13100",
"CVE-2019-18824",
"CVE-2019-2889",
"CVE-2019-10311",
"CVE-2019-1003074",
"CVE-2019-16177",
"CVE-2019-19767",
"CVE-2019-3420",
"CVE-2019-19532",
"CVE-2019-2946",
"CVE-2019-10528",
"CVE-2019-13301",
"CVE-2019-5252",
"CVE-2019-7081",
"CVE-2019-5880",
"CVE-2019-20443",
"CVE-2019-0240",
"CVE-2019-17426",
"CVE-2019-5250",
"CVE-2019-20424",
"CVE-2019-9578",
"CVE-2019-10481",
"CVE-2019-4856",
"CVE-2019-8994",
"CVE-2019-0335",
"CVE-2019-6457",
"CVE-2019-0734",
"CVE-2019-13339",
"CVE-2019-1732",
"CVE-2019-15593",
"CVE-2019-6579",
"CVE-2019-15233",
"CVE-2019-17269",
"CVE-2019-8654",
"CVE-2019-9624",
"CVE-2019-2923",
"CVE-2019-13524",
"CVE-2019-9580",
"CVE-2019-0667",
"CVE-2019-2610",
"CVE-2019-5632",
"CVE-2019-9375",
"CVE-2019-5114",
"CVE-2019-12978",
"CVE-2019-19817",
"CVE-2019-10479",
"CVE-2019-12162",
"CVE-2019-11971",
"CVE-2019-12762",
"CVE-2019-0746",
"CVE-2019-15497",
"CVE-2019-9025",
"CVE-2019-10492",
"CVE-2019-14357",
"CVE-2019-5763",
"CVE-2019-5789",
"CVE-2019-16534",
"CVE-2019-18241",
"CVE-2019-11331",
"CVE-2019-19592",
"CVE-2019-11632",
"CVE-2019-8926",
"CVE-2019-4038",
"CVE-2019-5095",
"CVE-2019-16237",
"CVE-2019-9114",
"CVE-2019-0757",
"CVE-2019-7711",
"CVE-2019-9974",
"CVE-2019-6335",
"CVE-2019-1787",
"CVE-2019-8748",
"CVE-2019-9368",
"CVE-2019-7940",
"CVE-2019-18769",
"CVE-2019-1728",
"CVE-2019-11213",
"CVE-2019-16792",
"CVE-2019-16205",
"CVE-2019-8029",
"CVE-2019-17342",
"CVE-2019-9792",
"CVE-2019-4139",
"CVE-2019-17399",
"CVE-2019-6273",
"CVE-2019-7974",
"CVE-2019-10956",
"CVE-2019-11163",
"CVE-2019-15064",
"CVE-2019-2239",
"CVE-2019-5579",
"CVE-2019-20091",
"CVE-2019-4860",
"CVE-2019-0186",
"CVE-2019-2257",
"CVE-2019-16320",
"CVE-2019-9147",
"CVE-2019-5084",
"CVE-2019-0887",
"CVE-2019-0819",
"CVE-2019-1959",
"CVE-2019-3735"
]
},
"HelloWorld": {
"Scan": {
"entities": [
{
"entity-id": "40d6a1cb-9b32-4a93-a0d9-f3eec2e225cb",
"ip_address": "37.201.236.182",
"type": "Router",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-4860",
"CVE-2019-19817",
"CVE-2019-0819",
"CVE-2019-8654"
]
},
{
"entity-id": "f67541a0-d7fe-44d2-8734-b1734ae4e1ab",
"ip_address": "175.190.247.180",
"type": "Printer",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-7974",
"CVE-2019-1003074",
"CVE-2019-20091"
]
},
{
"entity-id": "3ad97b0a-5d91-4dad-b979-e08d3a2d499d",
"ip_address": "194.17.62.219",
"type": "Printer",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-0746"
]
},
{
"entity-id": "d75c234f-d7e9-464b-ae05-f28e720f8b12",
"ip_address": "71.122.181.11",
"type": "HSM",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-7169",
"CVE-2019-6291",
"CVE-2019-6335",
"CVE-2019-9322",
"CVE-2019-17426"
]
},
{
"entity-id": "dcc26c08-b40f-4793-bf85-4c54b64e4e5d",
"ip_address": "136.144.93.38",
"type": "Endpoint",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-14805",
"CVE-2019-18769"
]
},
{
"entity-id": "59e9c5e0-5c0c-493f-8314-ac92318a1462",
"ip_address": "136.181.109.109",
"type": "Endpoint",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-10479",
"CVE-2019-13524",
"CVE-2019-9580",
"CVE-2019-0240",
"CVE-2019-6457"
]
},
{
"entity-id": "f403b41b-587e-4293-a802-0bc5ba03a3f2",
"ip_address": "159.105.212.108",
"type": "Train",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-19592",
"CVE-2019-10490",
"CVE-2019-0757",
"CVE-2019-15485"
]
},
{
"entity-id": "6ed7469a-5158-47a5-b17f-8fb721e51227",
"ip_address": "5.114.109.222",
"type": "HSM",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-9375",
"CVE-2019-18671",
"CVE-2019-13301",
"CVE-2019-16205",
"CVE-2019-8994"
]
},
{
"entity-id": "ab35bd99-44f9-4096-a9ae-adca874f90e2",
"ip_address": "172.60.9.133",
"type": "Train",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-0734",
"CVE-2019-16177",
"CVE-2019-10763",
"CVE-2019-18241",
"CVE-2019-15472"
]
},
{
"entity-id": "9500171c-1d82-4df0-9e55-8211925a7366",
"ip_address": "111.30.110.70",
"type": "Fridge",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-11163"
]
},
{
"entity-id": "795ca8b4-32ad-4ba9-b578-7ac7e35b2a81",
"ip_address": "97.213.154.249",
"type": "Gate",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-7940",
"CVE-2019-2257"
]
},
{
"entity-id": "7cf5d465-c9e1-48ca-b952-3d287cce5aba",
"ip_address": "127.96.3.67",
"type": "Fan",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-5084",
"CVE-2019-0667",
"CVE-2019-15497",
"CVE-2019-0887"
]
},
{
"entity-id": "8d425bf0-e3e8-49fd-89e1-e918d3e1f9f4",
"ip_address": "209.109.7.246",
"type": "Gate",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-9792",
"CVE-2019-18250",
"CVE-2019-17399",
"CVE-2019-12978"
]
},
{
"entity-id": "c80278a6-70af-40a9-9914-535f9efba725",
"ip_address": "135.209.178.232",
"type": "Gate",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-8029"
]
},
{
"entity-id": "2d926b20-6b7d-4a3d-85c7-3edded7ef5a7",
"ip_address": "203.69.245.105",
"type": "HSM",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-1732"
]
},
{
"entity-id": "3e7b9099-b86d-43b8-897e-84dbabb2e656",
"ip_address": "131.97.249.220",
"type": "Fridge",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-12762",
"CVE-2019-13507",
"CVE-2019-16792",
"CVE-2019-10492"
]
},
{
"entity-id": "ef31a797-f340-4421-96ae-966d880463f6",
"ip_address": "5.115.147.13",
"type": "IoT Device",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-9974",
"CVE-2019-10956",
"CVE-2019-8748"
]
},
{
"entity-id": "4c5ce6a4-be8c-4341-b09c-075f2285c18e",
"ip_address": "77.178.129.200",
"type": "Fridge",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-13100",
"CVE-2019-20443",
"CVE-2019-10528"
]
},
{
"entity-id": "70fe2247-50e6-463b-8f65-bea4916cac67",
"ip_address": "159.58.108.231",
"type": "Train",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-15233"
]
},
{
"entity-id": "fa8fcd0c-6862-46d7-b649-488c56509822",
"ip_address": "172.71.119.38",
"type": "Train",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-12611",
"CVE-2019-14357",
"CVE-2019-5579",
"CVE-2019-20424"
]
},
{
"entity-id": "9ca55748-cba2-469c-a468-73666f5a182a",
"ip_address": "137.39.150.42",
"type": "Mainframe",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-5632",
"CVE-2019-9025"
]
},
{
"entity-id": "8fef9722-d627-4737-81b9-f1454032b640",
"ip_address": "254.143.245.36",
"type": "Train",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-19532",
"CVE-2019-10311",
"CVE-2019-9578"
]
},
{
"entity-id": "146685d1-9899-425d-b2f0-fa082fbab0a9",
"ip_address": "132.172.112.36",
"type": "Train",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-7711",
"CVE-2019-10481",
"CVE-2019-1959"
]
},
{
"entity-id": "b0a94cfd-574d-468f-8f82-10dc3fe00ff8",
"ip_address": "139.166.107.214",
"type": "IoT Device",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-11331"
]
},
{
"entity-id": "bb76f8cf-d264-42ce-bf47-c61da8324a43",
"ip_address": "45.174.165.64",
"type": "Printer",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-5095",
"CVE-2019-2658",
"CVE-2019-15593",
"CVE-2019-16320",
"CVE-2019-11213"
]
},
{
"entity-id": "ec6ad2df-37ce-4eed-ba3e-1507ff7d975a",
"ip_address": "99.120.52.25",
"type": "Router",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-5114",
"CVE-2019-9147"
]
},
{
"entity-id": "85273e98-e070-42e0-9b4e-3cefa15fffac",
"ip_address": "254.186.92.211",
"type": "IoT Device",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-17342",
"CVE-2019-17269",
"CVE-2019-6273",
"CVE-2019-5880",
"CVE-2019-9368"
]
},
{
"entity-id": "05b53757-7155-4a5f-b047-b968e6ca2dec",
"ip_address": "119.78.96.64",
"type": "Router",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-16237"
]
},
{
"entity-id": "ec8e0a9b-9321-4bc0-9247-c10808686fa8",
"ip_address": "81.119.103.180",
"type": "Server",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-5252",
"CVE-2019-1512"
]
},
{
"entity-id": "4f3121a8-de72-42ad-b490-10b307e0c553",
"ip_address": "201.145.25.59",
"type": "Train",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-1728",
"CVE-2019-2946"
]
},
{
"entity-id": "df439f01-59b2-4fc7-9356-a845534158e2",
"ip_address": "108.94.125.170",
"type": "Endpoint",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-15064",
"CVE-2019-19767",
"CVE-2019-2239",
"CVE-2019-2923"
]
},
{
"entity-id": "5082677b-eb00-4724-b2d6-f64010a85e60",
"ip_address": "162.183.92.207",
"type": "HSM",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-16534",
"CVE-2019-5250",
"CVE-2019-11632",
"CVE-2019-11971",
"CVE-2019-4811"
]
},
{
"entity-id": "a10f4a77-45ea-4213-979a-3031835d75f6",
"ip_address": "77.165.85.252",
"type": "Fan",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-1716",
"CVE-2019-10401",
"CVE-2019-0335"
]
},
{
"entity-id": "636e3504-5a6b-404c-96e2-c5bd9524a4d5",
"ip_address": "145.132.60.210",
"type": "HSM",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-3420",
"CVE-2019-5763",
"CVE-2019-0200",
"CVE-2019-5989",
"CVE-2019-12162"
]
},
{
"entity-id": "6851f735-5d3b-434a-978e-97536317def7",
"ip_address": "153.44.130.204",
"type": "IoT Device",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-13339",
"CVE-2019-4038",
"CVE-2019-4856"
]
},
{
"entity-id": "56936e07-bc42-48cb-9aa8-2aa6c4b22ddc",
"ip_address": "191.18.113.68",
"type": "IoT Device",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-8139",
"CVE-2019-5450"
]
},
{
"entity-id": "a2fbc2d1-e76e-4245-b9c2-74c12e1d4d38",
"ip_address": "180.247.251.51",
"type": "Endpoint",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-3735",
"CVE-2019-5789",
"CVE-2019-2128",
"CVE-2019-5279"
]
},
{
"entity-id": "e1383013-9086-433b-a8a7-8b67b221b082",
"ip_address": "217.31.78.215",
"type": "Smart Beer",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-2889",
"CVE-2019-9114"
]
},
{
"entity-id": "e961ac9c-b0f2-49ec-8193-7a1ae8e3f038",
"ip_address": "43.219.254.133",
"type": "IoT Device",
"vulnerability_status": "SERIOUS",
"vulns": [
"CVE-2019-9624",
"CVE-2019-0186"
]
},
{
"entity-id": "88e31eb7-49b7-4870-bb17-d31a290ecadb",
"ip_address": "74.155.134.147",
"type": "HSM",
"vulnerability_status": "TRIVIAL",
"vulns": [
"CVE-2019-4139",
"CVE-2019-7081",
"CVE-2019-1787",
"CVE-2019-18824"
]
},
{
"entity-id": "12ce3171-49f1-4ee6-ac94-ef2c141f23ed",
"ip_address": "188.186.34.143",
"type": "Endpoint",
"vulnerability_status": "NON-SERIOUS",
"vulns": [
"CVE-2019-8926",
"CVE-2019-6579",
"CVE-2019-7390",
"CVE-2019-2610"
]
}
],
"scan_id": "100",
"status": "COMPLETE"
}
}
}

Human Readable Output

Scan 100 results

entity-idip_addresstypevulnerability_statusvulns
40d6a1cb-9b32-4a93-a0d9-f3eec2e225cb37.201.236.182RouterNON-SERIOUSCVE-2019-4860,
CVE-2019-19817,
CVE-2019-0819,
CVE-2019-8654
f67541a0-d7fe-44d2-8734-b1734ae4e1ab175.190.247.180PrinterSERIOUSCVE-2019-7974,
CVE-2019-1003074,
CVE-2019-20091
3ad97b0a-5d91-4dad-b979-e08d3a2d499d194.17.62.219PrinterNON-SERIOUSCVE-2019-0746
d75c234f-d7e9-464b-ae05-f28e720f8b1271.122.181.11HSMNON-SERIOUSCVE-2019-7169,
CVE-2019-6291,
CVE-2019-6335,
CVE-2019-9322,
CVE-2019-17426
dcc26c08-b40f-4793-bf85-4c54b64e4e5d136.144.93.38EndpointTRIVIALCVE-2019-14805,
CVE-2019-18769
59e9c5e0-5c0c-493f-8314-ac92318a1462136.181.109.109EndpointNON-SERIOUSCVE-2019-10479,
CVE-2019-13524,
CVE-2019-9580,
CVE-2019-0240,
CVE-2019-6457
f403b41b-587e-4293-a802-0bc5ba03a3f2159.105.212.108TrainTRIVIALCVE-2019-19592,
CVE-2019-10490,
CVE-2019-0757,
CVE-2019-15485
6ed7469a-5158-47a5-b17f-8fb721e512275.114.109.222HSMNON-SERIOUSCVE-2019-9375,
CVE-2019-18671,
CVE-2019-13301,
CVE-2019-16205,
CVE-2019-8994
ab35bd99-44f9-4096-a9ae-adca874f90e2172.60.9.133TrainSERIOUSCVE-2019-0734,
CVE-2019-16177,
CVE-2019-10763,
CVE-2019-18241,
CVE-2019-15472
9500171c-1d82-4df0-9e55-8211925a7366111.30.110.70FridgeSERIOUSCVE-2019-11163
795ca8b4-32ad-4ba9-b578-7ac7e35b2a8197.213.154.249GateSERIOUSCVE-2019-7940,
CVE-2019-2257
7cf5d465-c9e1-48ca-b952-3d287cce5aba127.96.3.67FanNON-SERIOUSCVE-2019-5084,
CVE-2019-0667,
CVE-2019-15497,
CVE-2019-0887
8d425bf0-e3e8-49fd-89e1-e918d3e1f9f4209.109.7.246GateSERIOUSCVE-2019-9792,
CVE-2019-18250,
CVE-2019-17399,
CVE-2019-12978
c80278a6-70af-40a9-9914-535f9efba725135.209.178.232GateTRIVIALCVE-2019-8029
2d926b20-6b7d-4a3d-85c7-3edded7ef5a7203.69.245.105HSMNON-SERIOUSCVE-2019-1732
3e7b9099-b86d-43b8-897e-84dbabb2e656131.97.249.220FridgeNON-SERIOUSCVE-2019-12762,
CVE-2019-13507,
CVE-2019-16792,
CVE-2019-10492
ef31a797-f340-4421-96ae-966d880463f65.115.147.13IoT DeviceTRIVIALCVE-2019-9974,
CVE-2019-10956,
CVE-2019-8748
4c5ce6a4-be8c-4341-b09c-075f2285c18e77.178.129.200FridgeTRIVIALCVE-2019-13100,
CVE-2019-20443,
CVE-2019-10528
70fe2247-50e6-463b-8f65-bea4916cac67159.58.108.231TrainTRIVIALCVE-2019-15233
fa8fcd0c-6862-46d7-b649-488c56509822172.71.119.38TrainSERIOUSCVE-2019-12611,
CVE-2019-14357,
CVE-2019-5579,
CVE-2019-20424
9ca55748-cba2-469c-a468-73666f5a182a137.39.150.42MainframeTRIVIALCVE-2019-5632,
CVE-2019-9025
8fef9722-d627-4737-81b9-f1454032b640254.143.245.36TrainNON-SERIOUSCVE-2019-19532,
CVE-2019-10311,
CVE-2019-9578
146685d1-9899-425d-b2f0-fa082fbab0a9132.172.112.36TrainTRIVIALCVE-2019-7711,
CVE-2019-10481,
CVE-2019-1959
b0a94cfd-574d-468f-8f82-10dc3fe00ff8139.166.107.214IoT DeviceTRIVIALCVE-2019-11331
bb76f8cf-d264-42ce-bf47-c61da8324a4345.174.165.64PrinterSERIOUSCVE-2019-5095,
CVE-2019-2658,
CVE-2019-15593,
CVE-2019-16320,
CVE-2019-11213
ec6ad2df-37ce-4eed-ba3e-1507ff7d975a99.120.52.25RouterNON-SERIOUSCVE-2019-5114,
CVE-2019-9147
85273e98-e070-42e0-9b4e-3cefa15fffac254.186.92.211IoT DeviceTRIVIALCVE-2019-17342,
CVE-2019-17269,
CVE-2019-6273,
CVE-2019-5880,
CVE-2019-9368
05b53757-7155-4a5f-b047-b968e6ca2dec119.78.96.64RouterSERIOUSCVE-2019-16237
ec8e0a9b-9321-4bc0-9247-c10808686fa881.119.103.180ServerTRIVIALCVE-2019-5252,
CVE-2019-1512
4f3121a8-de72-42ad-b490-10b307e0c553201.145.25.59TrainTRIVIALCVE-2019-1728,
CVE-2019-2946
df439f01-59b2-4fc7-9356-a845534158e2108.94.125.170EndpointNON-SERIOUSCVE-2019-15064,
CVE-2019-19767,
CVE-2019-2239,
CVE-2019-2923
5082677b-eb00-4724-b2d6-f64010a85e60162.183.92.207HSMNON-SERIOUSCVE-2019-16534,
CVE-2019-5250,
CVE-2019-11632,
CVE-2019-11971,
CVE-2019-4811
a10f4a77-45ea-4213-979a-3031835d75f677.165.85.252FanSERIOUSCVE-2019-1716,
CVE-2019-10401,
CVE-2019-0335
636e3504-5a6b-404c-96e2-c5bd9524a4d5145.132.60.210HSMSERIOUSCVE-2019-3420,
CVE-2019-5763,
CVE-2019-0200,
CVE-2019-5989,
CVE-2019-12162
6851f735-5d3b-434a-978e-97536317def7153.44.130.204IoT DeviceSERIOUSCVE-2019-13339,
CVE-2019-4038,
CVE-2019-4856
56936e07-bc42-48cb-9aa8-2aa6c4b22ddc191.18.113.68IoT DeviceTRIVIALCVE-2019-8139,
CVE-2019-5450
a2fbc2d1-e76e-4245-b9c2-74c12e1d4d38180.247.251.51EndpointTRIVIALCVE-2019-3735,
CVE-2019-5789,
CVE-2019-2128,
CVE-2019-5279
e1383013-9086-433b-a8a7-8b67b221b082217.31.78.215Smart BeerTRIVIALCVE-2019-2889,
CVE-2019-9114
e961ac9c-b0f2-49ec-8193-7a1ae8e3f03843.219.254.133IoT DeviceSERIOUSCVE-2019-9624,
CVE-2019-0186
88e31eb7-49b7-4870-bb17-d31a290ecadb74.155.134.147HSMTRIVIALCVE-2019-4139,
CVE-2019-7081,
CVE-2019-1787,
CVE-2019-18824
12ce3171-49f1-4ee6-ac94-ef2c141f23ed188.186.34.143EndpointNON-SERIOUSCVE-2019-8926,
CVE-2019-6579,
CVE-2019-7390,
CVE-2019-2610