Creates a Vulnerability Exception in Lacework with all current CVEs
You need to have the Lacework CLI installed and configured with your environment. configure the variable LW_PROFILE with your profile configured in the lacework cli. By default it uses the profile default.
The current script creates a simple Vulnerability Exception for all CVEs found for a specific host inside Lacework with the following filters applied:
- Critical CVEs with a fix
- High CVEs with a fix
- Low CVEs with a fix
- Info CVEs with a fix The Exception will have a filter applied to the host, is not limited to a specific time. The current exception reason is "Fix Pending".
- The script is in the current version more or less static for all vulnerabilites where a security fix exists. We try to make it more optional.
- v02: Adding capability to detect if the host exists, if a vulnerability exception already exists and if yes update the existing one instead of creating a new one.
- v03: Adding capability to filter for unique CVEs so every CVE in the exception list is only used once.
- v04: Also adding capability to add CVEs with status Unknown.