Download CISCO PSIRT Manual Update Guide

Nipper – Cisco PSIRT Manual Resource Update Guide

Making the most of our multiple Award-winning Security Software

This guide is to assist with manually updating your Cisco PSIRT resources in Nipper. This guide is split into 4 main parts, 3 of which are manual. The first part and final part of this guide are around using a Python script which will automate the retrieving and updating process:

Creating an API Account

Retrieving the Resources

Updating Nipper

PSIRT Update Script

Creating an API Account

You will need to create an account for Cisco API:

https://cloudsso.cisco.com/idp/startSSO.ping?PartnerSpId=apiconsole.cisco.com

If you already have an account, please login.

Once logged in, select “My Apps & Keys”:

Then click “Register a New App”:

Name the application “Cisco PSIRT openVuln API” and tick the “Cisco PSIRT openVuln API” tickbox:

Tick the Terms of Service agreement at the bottom of the page and click “Register”:

The application will now be created. Navigate back to “My App & Keys” to see the details under the “Applications” tab:

Retrieving the resource

Once here, if you go the “Applications” tab, you will see your Application you just made, with the 2 key parts you need to copy “Key” and “Client Secret” the ones below will not work, you will need to use your own:

Open a command window using Start and ‘command’ or ‘cmd’

Then from here you will need to modify the command below to have your 2 values from your API:

curl -s -k -H "Content-Type: application/x-www-form-urlencoded" -X POST -d "client_id=####Key#####" -d "client_secret=####Client Secret####" -d "grant_type=client_credentials"

https://cloudsso.cisco.com/as/token.oauth2

After you have modified the command above to include your “Key” and “Client Secret”, then you will need to run this in command prompt similar to below:

After doing this, you will get an access token as shown on the last line, you will then need this for command below, you will also need to edit the last parameter to save in a location, and it will need to be in a JSON format:

curl -X GET -s -k -H "Accept: application/json" -H "Authorization: Bearer ####access_token####" https://api.cisco.com/security/advisories/all > "C:/..."

Example:

After this you will see a file show up in the location specified:

Updating Nipper

To add the PSIRT file to Nipper, open the Resource Manager by clicking on Manage Resources in the Tools menu.

The PSIRT file currently included is listed in the resource manager in the PSIRT group

As you are replacing a PSIRT file, you will first need to remove the old one, as the Resource Manager will not let you add a new file with the same name. Click on View Details for the file in question and click Remove.

To add the new file, click on New Resource to open the Add Resource wizard. Select the Cisco PSIRT resource type and click Next.

From here, you can select Add File. Add File will open a file explorer dialog and allow you to select the single PSIRT file you wish to add to Nipper.

Once you have added the PSIRT file, click Next to begin adding the file to Nipper. Once this process finishes, you should see the screen below.

Cisco PSIRT Vulnerability Audits run from Nipper will now include your custom PSIRT file.

PSIRT Update Script

By using this script it will automatically download the latest PSIRT, and update Nipper. You will need first download the script here: https://bitbucket.org/titanialtd/resource_updater/src. You would need Python 3 for this as well, if it downloaded to system path you will have to do this from the Python Directory.

You are required to have installed python, pip and pipenv.

For information about installing these, see the following links:

https://www.python.org/downloads/

https://pypi.org/project/pip/

https://pypi.org/project/pipenv/

After doing this you will need to follow the “Creating the API” part of the guide once all of the requirements have been met and Python and the dependencies have been set up. You will be able to start following the steps below: