Misc
CloudDefense's Labs CLI helps you find and fix known vulnerabilities in your dependencies, both on local projects and as part of your CI/CD system.

Installation

Please follow instructions specific to your operating system.

How to update CLI?

Just rerun the command to update the client to the latest version.

Mac

Run the following command which will install thecdefensetool. Check the usage section for details.
1
curl \
2
https://raw.githubusercontent.com/CloudDefenseAI/cd/master/labs/cd-latest-mac-x64.tar.gz > /tmp/cd-latest-mac-x64.tar.gz && tar -C /usr/local/bin -xzf /tmp/cd-latest-mac-x64.tar.gz && chmod +x /usr/local/bin/cdefense
Copied!

Linux

Run the following command which will install thecdefensetool. Check the usage section for details.
1
sudo curl \
2
https://raw.githubusercontent.com/CloudDefenseAI/cd/master/labs/cd-latest-linux-x64.tar.gz > /tmp/cd-latest-linux-x64.tar.gz && tar -C /usr/local/bin -xzf /tmp/cd-latest-linux-x64.tar.gz && chmod +x /usr/local/bin/cdefense
Copied!

Windows

Download the following tar file and unzip it, check the usage section for details.
1
​
2
https://github.com/CloudDefenseAI/cd/raw/master/labs/cd-latest-windows.exe.tar.gz
Copied!

CLI Parameters

The following parameters can be added from CLI when running a scan.
Option
Value
Required
Description
--lang
java, python, PHP, etc
Yes
Language of the project to be scanned
--project-name
string
Yes
Name of the project
--path
/path/to/project
No
Path to the project folder
--api-key
api-key
Yes
API key for Cloud Defense
--tag
string
No
Tag a scan

Usage

Run the following command to get started.
1
cdefense help
Copied!
1
NAME:
2
Cloud Defense CLI Scanner - CLI for scanning and detecting vulnerabilities in any language
3
USAGE:
4
cdefense [global options] command [command options] [arguments...]
5
VERSION:
6
1.12.1
7
COMMANDS:
8
scan, s SCA scan of a given project and post to Cloud Defense server
9
sast, a SAST scan of a given project and post to Cloud Defense server
10
help, h Shows a list of commands or help for one command
11
GLOBAL OPTIONS:
12
--help, -h show help (default: false)
13
--version, -v print the version (default: false)
Copied!

Examples

SCA

1
# Example of python SCA scan
2
cdefense scan --lang=python --api-key=<YOUR_API_KEY> --path=/d/temp/vulpy/requirements.txt --project-name="my-python-project"
3
​
4
# Example of java SCA scan
5
cdefense scan --lang=java --api-key=<YOUR_API_KEY> --path=/d/temp/java-goof --verbose --project-name="My Java Project"
6
​
7
# Example of php SCA scan
8
cdefense scan --lang=php --api-key=<YOUR_API_KEY> --path=/d/temp/php-helloworld-app --project-name="my-php-project"
9
​
10
# Example of NodeJS SCA scan
11
cdefense scan --lang=node --api-key=<YOUR_API_KEY> --path=/d/temp/nodejs-system --project-name="my-nodejs-project"
12
Copied!

SAST

1
# Example of python SAST scan
2
cdefense sast --lang=python --api-key=<YOUR_API_KEY> --path=/d/temp/vulpy/requirements.txt --project-name="my-python-project"
3
​
4
# Example of java SAST scan
5
cdefense sast --lang=java --api-key=<YOUR_API_KEY> --path=/d/temp/java-goof --verbose --project-name="my-java-project"
6
​
7
# Example of php SAST scan
8
cdefense sast --lang=php --api-key=<YOUR_API_KEY> --path=/d/temp/php-helloworld-app --project-name="my-php-project"
9
​
10
# Example of NodeJS SAST scan
11
cdefense sast --lang=node --api-key=<YOUR_API_KEY> --
Copied!
Last modified 2mo ago