Importing CISA Cyber Hygiene Scan Results
Chariot supports importing vulnerability scan results from CISA's Cyber Hygiene vulnerability scanning services. Two types of imports are supported:
Vulnerability Scanning Import
The Vulnerability Scanning import allows you to process results from CISA's traditional infrastructure vulnerability scanning service. To import these results:
- Export your scan results as a CSV file from CISA's vulnerability scanning platform
- In Chariot, navigate to Integrations
- Select "CISA Cyber Hygiene Vulnerability Scanning Import"
- Upload your CSV file
The CSV file must contain at minimum these required columns:
- ip - The IP address of the scanned asset
- name - The name/title of the vulnerability
Additional supported columns include:
- protocol and port - Protocol and port identifying the specific service on the scanned asset
- cvss_base_score - CVSS score of the vulnerability
- description - Detailed explanation of the vulnerability
- solution - Remediation guidance
Web Application Scanning Import
The Web Application Scanning import processes results from CISA's web application scanning service. To import these results:
- Export your web application scan results as a CSV file from CISA's web application scanning platform
- In Chariot, navigate to Integrations
- Select "CISA Cyber Hygiene Web Application Scanning Import"
- Upload your CSV file
The CSV file must contain at minimum these required columns:
- NAME - The name/title of the vulnerability
- URL - The full URL where the vulnerability was detected
Additional supported columns include:
- BASE CVSS - CVSS score of the vulnerability
- CWE - Common Weakness Enumeration identifier of the vulnerability
- CVE - Common Vulnerabilities and Exposures identifier of the vulnerability (if applicable)
- DESCRIPTION - Detailed explanation of the vulnerability
- IMPACT - Business impact description
- SOLUTION - Remediation guidance
After import, vulnerabilities will appear in Chariot's Vulnerabilities view with appropriate severity levels, affected assets, and remediation details preserved from the original scan data.
Note: Only vulnerabilities affecting public-facing assets will be imported. Findings for private IP addresses are automatically filtered out during import.
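A pre-upload check for the required columns and the private-address filter described above. This is an added example, not Praetorian's or Chariot's code. It assumes that header names must match the spelling shown on this page exactly and that Python's ipaddress is_private test approximates Chariot's filter; preflight, the report keys, and the sample rows are constructed for illustration.

```python
import csv
import io
import ipaddress
from urllib.parse import urlsplit

# Required columns per import type, spelled exactly as listed on this page.
REQUIRED = {"vulnerability": ("ip", "name"), "webapp": ("NAME", "URL")}

# Constructed sample exports (not real scan data).
SAMPLE_VS = ("ip,name,port,protocol,cvss_base_score\n"
             "8.8.8.8,Constructed finding A,443,tcp,7.5\n"
             "10.0.0.5,Constructed finding B,22,tcp,5.3\n"
             ",Constructed finding C,80,tcp,4.0\n")
SAMPLE_WAS = ("NAME,URL,BASE CVSS\n"
              "Constructed finding D,https://192.168.1.20/login,6.1\n"
              "Constructed finding E,https://app.example.com/,4.3\n")

def _private_ip(host):
    """True/False for an IP literal; None when host is not an IP literal."""
    try:
        return ipaddress.ip_address(host).is_private  # assumed stand-in for Chariot's filter
    except ValueError:
        return None

def preflight(csv_text, kind):
    """Report missing headers, unusable rows, and rows likely to be filtered out."""
    reader = csv.DictReader(io.StringIO(csv_text))
    required = REQUIRED[kind]
    headers = reader.fieldnames or []
    report = {"missing_columns": [c for c in required if c not in headers],
              "invalid_rows": [], "private_rows": [], "importable": 0}
    if report["missing_columns"]:
        return report  # row checks are meaningless without the required headers
    for row in reader:
        line_no = reader.line_num  # file line on which this record ends
        if any(not (row[c] or "").strip() for c in required):
            report["invalid_rows"].append(line_no)
            continue
        if kind == "vulnerability":
            private = _private_ip(row["ip"].strip())
            if private is None:  # the ip column must hold an IP address
                report["invalid_rows"].append(line_no)
                continue
        else:
            # Hostnames cannot be classified offline, so only IP-literal URLs are judged.
            private = _private_ip(urlsplit(row["URL"].strip()).hostname or "")
        if private:
            report["private_rows"].append(line_no)
        else:
            report["importable"] += 1
    return report
```

Rows listed under private_rows are the ones to expect missing from the Vulnerabilities view after upload; rows under invalid_rows lack a usable required value.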
For any questions about importing CISA scan results or using Chariot's import capabilities, please contact support@praetorian.com.