You are here: API

TOC & Recently Viewed

Recently Viewed Topics

Tenable.io Container Security API

Last Updated: May 02, 2017

Tenable.io Container Security includes a number of APIs for interacting with the platform:

Caution: To utilize the Tenable.io Container Security API, requests require authentication using Access and Secret keys sent with their headers.

 

Reports API

Start downloading scan results in JSON format for uploaded Docker container images

 

JSON Report by Container Image ID

API endpoint: /api/v1/reports/show

To query for the Tenable.io Container Security report in JSON format, simply query by the container_image_id:

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/reports/show?container_id=<container_image_id>

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
container_id the ID of the container image

Note: If you do not have the container_image_id, you may call the List Stored Container Images endpoint.

 

JSON Report by SHA256

API endpoint: /api/v1/reports/show

Alternatively, you may also query for the latest Tenable.io Container Security report on a container image, using the SHA256 hash of the container image.:

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/reports/show?sha256=<sha256_hash>

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
sha256 SHA256 checksum of the container image

Note: This is helpful in cases where you have previously submitted the container image to Tenable.io Container Security and are seeking to pull the same (or a newer copy) of the scan result again.

 

Nessus Report by Container Image ID

API endpoint: /api/v1/reports/show

Download a Tenable.io Container Security report prepared in Nessus V2 file format, for using in importing a Tenable.io Container Security report into Nessus Professional (versions 4.0 and higher):

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/reports/show?container_id=<container_image_id>

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
container_id the ID of the container image

Note: If you do not have the container_id, you may call the List Stored Container Images endpoint.

 

Scan Jobs API

Start downloading scan results in JSON format for uploaded Docker container images

 

Get Status of Scan Job

API endpoint: /api/v1/jobs/status

Request the status of a rescan request job to determine if a rescan is stilled queued, in progress, or has completed:

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/jobs/status?job_id=<job_id>

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
job_id the job ID of the queued job

Note: If you do not have the job_id, you may call the List All Scan Jobs endpoint.

 

List All Scan Jobs

API endpoint: /api/v1/jobs/list

Request a specific container image to be immediately rescanned:

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/jobs/list

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key

Note: A list of active and recent jobs are returned.

 

Upload API

List stored Docker container images for scanning

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
id the ID of the container image

 

List Stored Container Images

API endpoint: /api/v1/container/list

Tenable.io Container Security provides an API endpoint for enumerating container images stored by a given user, by Access and Secret keys:

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/container/list

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key
job_id the job ID of the queued job

Note: The list stored container images call returns container_image_id's owned by the user matching the provided Access and Secret keys.

 

User Management API

Get started with users

 

List All Users

API endpoint: /api/v1/users/list

If the user's user_id has been misplaced or is otherwise unavailable, the Administrator has the authorization to list all users of the system, which includes the user_id of each user (required to disabling a user):

$ curl -H "X-ApiKeys: accessKey={accessKey}; secretKey={secretKey}" https://cloud.flawcheck.com/api/v1/users/list

Query Parameters

Parameter Description
accessKey Your Tenable.io API Access key
secretKey Your Tenable.io API Secret key

Note: The account creation process provides a notification to the Administrator, with the pending account's user_id.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.