Zum Inhalt springen

Legit Security Commands

Comprehensive Legit Security ASPM platform commands and workflows for application security posture management.

Legitify CLI Tool

Command	Description
`legitify --help`	Show help information
`legitify --version`	Show version information
`legitify --org <organization>`	Scan specific organization
`legitify --repo <repository>`	Scan specific repository
`legitify --token <token>`	Use GitHub token for authentication
`legitify --output-format json`	Output results in JSON format
`legitify --output-file results.json`	Save results to file
`legitify --scorecard`	Generate security scorecard

GitHub Security Scanning

Command	Description
`legitify github --org <org>`	Scan GitHub organization
`legitify github --repo <owner/repo>`	Scan specific repository
`legitify github --all-repos`	Scan all accessible repositories
`legitify github --branch-protection`	Check branch protection rules
`legitify github --secrets-scanning`	Verify secrets scanning configuration
`legitify github --dependency-review`	Check dependency review settings

Configuration Management

Command	Description
`legitify config init`	Initialize configuration file
`legitify config validate`	Validate configuration
`legitify config show`	Display current configuration
`legitify config set <key> <value>`	Set configuration value
`legitify --config <file>`	Use custom configuration file

Policy Management

Command	Description
`legitify policies list`	List available policies
`legitify policies show <policy>`	Show policy details
`legitify policies validate`	Validate custom policies
`legitify --policy <policy>`	Run specific policy
`legitify --skip-policy <policy>`	Skip specific policy
`legitify --severity <level>`	Filter by severity level

Reporting and Output

Command	Description
`legitify --output-format table`	Output in table format
`legitify --output-format json`	Output in JSON format
`legitify --output-format sarif`	Output in SARIF format
`legitify --output-format csv`	Output in CSV format
`legitify --quiet`	Suppress verbose output
`legitify --verbose`	Enable verbose logging

ASPM Platform API

Endpoint	Description
`GET /api/v1/organizations`	List organizations
`GET /api/v1/repositories`	List repositories
`GET /api/v1/vulnerabilities`	Get vulnerability data
`GET /api/v1/compliance`	Get compliance status
`POST /api/v1/scans`	Trigger security scan
`GET /api/v1/reports`	Generate reports

Authentication and Setup

Command	Description
`legitify auth login`	Login to Legit Security platform
`legitify auth logout`	Logout from platform
`legitify auth status`	Check authentication status
`legitify auth token`	Manage API tokens
`export LEGIT_TOKEN=<token>`	Set environment token

Vulnerability Management

Command	Description
`legitify vulns list`	List vulnerabilities
`legitify vulns show <vuln-id>`	Show vulnerability details
`legitify vulns filter --severity high`	Filter by severity
`legitify vulns filter --status open`	Filter by status
`legitify vulns export`	Export vulnerability data
`legitify vulns remediate <vuln-id>`	Mark vulnerability as remediated

Compliance Scanning

Command	Description
`legitify compliance --framework pci`	Scan for PCI compliance
`legitify compliance --framework sox`	Scan for SOX compliance
`legitify compliance --framework iso27001`	Scan for ISO 27001 compliance
`legitify compliance --framework nist`	Scan for NIST compliance
`legitify compliance report`	Generate compliance report

CI/CD Integration

Command	Description
`legitify ci --pipeline github-actions`	Scan GitHub Actions
`legitify ci --pipeline jenkins`	Scan Jenkins pipeline
`legitify ci --pipeline gitlab-ci`	Scan GitLab CI
`legitify ci --fail-on-high`	Fail build on high severity
`legitify ci --baseline <file>`	Use baseline for comparison

Secret Detection

Command	Description
`legitify secrets scan`	Scan for exposed secrets
`legitify secrets --path <directory>`	Scan specific directory
`legitify secrets --exclude <pattern>`	Exclude files/patterns
`legitify secrets --custom-rules <file>`	Use custom detection rules
`legitify secrets remediate`	Remediate found secrets

Dependency Analysis

Command	Description
`legitify deps scan`	Scan dependencies
`legitify deps --package-manager npm`	Scan NPM dependencies
`legitify deps --package-manager pip`	Scan Python dependencies
`legitify deps --package-manager maven`	Scan Maven dependencies
`legitify deps vulnerabilities`	Show dependency vulnerabilities

Code Quality Analysis

Command	Description
`legitify code scan`	Perform code analysis
`legitify code --language javascript`	Scan JavaScript code
`legitify code --language python`	Scan Python code
`legitify code --language java`	Scan Java code
`legitify code quality`	Generate code quality report

Risk Assessment

Command	Description
`legitify risk assess`	Perform risk assessment
`legitify risk --asset <asset>`	Assess specific asset
`legitify risk score`	Calculate risk score
`legitify risk trends`	Show risk trends
`legitify risk matrix`	Generate risk matrix

Monitoring and Alerts

Command	Description
`legitify monitor start`	Start continuous monitoring
`legitify monitor stop`	Stop monitoring
`legitify monitor status`	Check monitoring status
`legitify alerts list`	List active alerts
`legitify alerts configure`	Configure alert rules

Integration Commands

Command	Description
`legitify integrate jira`	Setup JIRA integration
`legitify integrate slack`	Setup Slack integration
`legitify integrate teams`	Setup Teams integration
`legitify integrate webhook <url>`	Configure webhook
`legitify integrate test`	Test integrations

Advanced Features

Command	Description
`legitify ai analyze`	AI-powered analysis
`legitify ai recommendations`	Get AI recommendations
`legitify ai prioritize`	AI-based prioritization
`legitify ai remediation`	AI-suggested remediation
`legitify ai insights`	Generate AI insights

Batch Operations

Command	Description
`legitify batch scan --repos <file>`	Batch scan repositories
`legitify batch remediate --vulns <file>`	Batch remediate vulnerabilities
`legitify batch export --format json`	Batch export data
`legitify batch import --data <file>`	Import batch data

Performance and Optimization

Command	Description
`legitify --parallel <count>`	Set parallel scan count
`legitify --cache-dir <path>`	Set cache directory
`legitify --timeout <seconds>`	Set scan timeout
`legitify --memory-limit <mb>`	Set memory limit
`legitify optimize`	Optimize scan performance

Debugging and Troubleshooting

Command	Description
`legitify debug --log-level debug`	Enable debug logging
`legitify debug --trace`	Enable trace logging
`legitify debug validate`	Validate configuration
`legitify debug connectivity`	Test connectivity
`legitify debug permissions`	Check permissions

Environment Variables

Variable	Description
`LEGIT_TOKEN`	API authentication token
`LEGIT_ORG`	Default organization
`LEGIT_CONFIG`	Configuration file path
`LEGIT_OUTPUT_DIR`	Default output directory
`LEGIT_LOG_LEVEL`	Logging level

Configuration Files

File	Description
`.legitify.yml`	Main configuration file
`.legitify-policies.yml`	Custom policies configuration
`.legitify-ignore`	Files to ignore during scans
`legitify-baseline.json`	Baseline for comparison

Docker Integration

Command	Description
`docker run legitify/cli scan`	Run in Docker container
`docker run -v $(pwd):/workspace legitify/cli`	Mount workspace
`docker run -e LEGIT_TOKEN=$TOKEN legitify/cli`	Pass environment variables

Kubernetes Integration

Command	Description
`kubectl apply -f legitify-scanner.yaml`	Deploy scanner
`kubectl get pods -l app=legitify`	Check scanner pods
`kubectl logs -l app=legitify`	View scanner logs
`kubectl delete -f legitify-scanner.yaml`	Remove scanner

Webhook Configuration

Event	Description
`vulnerability.found`	New vulnerability detected
`compliance.failed`	Compliance check failed
`scan.completed`	Scan completed
`risk.increased`	Risk level increased
`remediation.required`	Remediation required