0
# Vulnerability Management
1
2
Comprehensive vulnerability management capabilities for Azure Security Center, providing server vulnerability assessments, SQL vulnerability scanning, sub-assessment analysis, and software inventory management across your infrastructure.
3
4
## Capabilities
5
6
### Server Vulnerability Assessment
7
8
Manage vulnerability assessments for servers and virtual machines.
9
10
```python { .api }
11
def create_or_update(
12
resource_id: str,
13
**kwargs: Any
14
) -> ServerVulnerabilityAssessment:
15
"""
16
Create or update server vulnerability assessment configuration.
17
18
Parameters:
19
- resource_id (str): Full resource ID of the server
20
21
Returns:
22
ServerVulnerabilityAssessment: Server vulnerability assessment configuration
23
"""
24
25
def get(
26
resource_id: str,
27
**kwargs: Any
28
) -> ServerVulnerabilityAssessment:
29
"""
30
Get server vulnerability assessment configuration.
31
32
Parameters:
33
- resource_id (str): Full resource ID of the server
34
35
Returns:
36
ServerVulnerabilityAssessment: Server vulnerability assessment details
37
"""
38
39
def delete(
40
resource_id: str,
41
**kwargs: Any
42
) -> None:
43
"""
44
Delete server vulnerability assessment configuration.
45
46
Parameters:
47
- resource_id (str): Full resource ID of the server
48
49
Returns:
50
None
51
"""
52
53
def list_by_extended_resource(
54
resource_id: str,
55
**kwargs: Any
56
) -> Iterator[ServerVulnerabilityAssessment]:
57
"""
58
List server vulnerability assessments for an extended resource.
59
60
Parameters:
61
- resource_id (str): Full resource ID of the extended resource
62
63
Returns:
64
Iterator[ServerVulnerabilityAssessment]: Iterator of assessment objects
65
"""
66
```
67
68
### Server Vulnerability Assessment Settings
69
70
Manage settings and configuration for server vulnerability assessments.
71
72
```python { .api }
73
def list_by_subscription(
74
**kwargs: Any
75
) -> Iterator[ServerVulnerabilityAssessmentsSettings]:
76
"""
77
List server vulnerability assessment settings for the subscription.
78
79
Returns:
80
Iterator[ServerVulnerabilityAssessmentsSettings]: Iterator of settings objects
81
"""
82
83
def get(
84
setting_kind: str,
85
**kwargs: Any
86
) -> ServerVulnerabilityAssessmentsSettings:
87
"""
88
Get server vulnerability assessment settings.
89
90
Parameters:
91
- setting_kind (str): Kind of the setting (AzureServersSetting)
92
93
Returns:
94
ServerVulnerabilityAssessmentsSettings: Assessment settings details
95
"""
96
97
def create_or_update(
98
setting_kind: str,
99
body: ServerVulnerabilityAssessmentsSettings,
100
**kwargs: Any
101
) -> ServerVulnerabilityAssessmentsSettings:
102
"""
103
Create or update server vulnerability assessment settings.
104
105
Parameters:
106
- setting_kind (str): Kind of the setting (AzureServersSetting)
107
- body (ServerVulnerabilityAssessmentsSettings): Settings configuration
108
109
Returns:
110
ServerVulnerabilityAssessmentsSettings: Created or updated settings
111
"""
112
113
def delete(
114
setting_kind: str,
115
**kwargs: Any
116
) -> None:
117
"""
118
Delete server vulnerability assessment settings.
119
120
Parameters:
121
- setting_kind (str): Kind of the setting (AzureServersSetting)
122
123
Returns:
124
None
125
"""
126
```
127
128
### SQL Vulnerability Assessment Scans
129
130
Manage SQL database vulnerability assessment scans.
131
132
```python { .api }
133
def list(
134
resource_id: str,
135
**kwargs: Any
136
) -> Iterator[SqlVulnerabilityAssessmentScan]:
137
"""
138
List SQL vulnerability assessment scans for a resource.
139
140
Parameters:
141
- resource_id (str): Full resource ID of the SQL resource
142
143
Returns:
144
Iterator[SqlVulnerabilityAssessmentScan]: Iterator of scan objects
145
"""
146
147
def get(
148
resource_id: str,
149
scan_id: str,
150
**kwargs: Any
151
) -> SqlVulnerabilityAssessmentScan:
152
"""
153
Get details of a specific SQL vulnerability assessment scan.
154
155
Parameters:
156
- resource_id (str): Full resource ID of the SQL resource
157
- scan_id (str): ID of the scan
158
159
Returns:
160
SqlVulnerabilityAssessmentScan: Scan details
161
"""
162
```
163
164
### SQL Vulnerability Assessment Scan Results
165
166
Access and manage SQL vulnerability assessment scan results.
167
168
```python { .api }
169
def list(
170
resource_id: str,
171
scan_id: str,
172
**kwargs: Any
173
) -> Iterator[SqlVulnerabilityAssessmentScanResult]:
174
"""
175
List SQL vulnerability assessment scan results.
176
177
Parameters:
178
- resource_id (str): Full resource ID of the SQL resource
179
- scan_id (str): ID of the scan
180
181
Returns:
182
Iterator[SqlVulnerabilityAssessmentScanResult]: Iterator of scan result objects
183
"""
184
185
def get(
186
resource_id: str,
187
scan_id: str,
188
rule_id: str,
189
**kwargs: Any
190
) -> SqlVulnerabilityAssessmentScanResult:
191
"""
192
Get details of a specific SQL vulnerability assessment scan result.
193
194
Parameters:
195
- resource_id (str): Full resource ID of the SQL resource
196
- scan_id (str): ID of the scan
197
- rule_id (str): ID of the rule
198
199
Returns:
200
SqlVulnerabilityAssessmentScanResult: Scan result details
201
"""
202
```
203
204
### SQL Vulnerability Assessment Baseline Rules
205
206
Manage baseline rules for SQL vulnerability assessments.
207
208
```python { .api }
209
def list(
210
resource_id: str,
211
**kwargs: Any
212
) -> Iterator[SqlVulnerabilityAssessmentBaselineRule]:
213
"""
214
List SQL vulnerability assessment baseline rules.
215
216
Parameters:
217
- resource_id (str): Full resource ID of the SQL resource
218
219
Returns:
220
Iterator[SqlVulnerabilityAssessmentBaselineRule]: Iterator of baseline rule objects
221
"""
222
223
def get(
224
resource_id: str,
225
rule_id: str,
226
**kwargs: Any
227
) -> SqlVulnerabilityAssessmentBaselineRule:
228
"""
229
Get details of a specific SQL vulnerability assessment baseline rule.
230
231
Parameters:
232
- resource_id (str): Full resource ID of the SQL resource
233
- rule_id (str): ID of the rule
234
235
Returns:
236
SqlVulnerabilityAssessmentBaselineRule: Baseline rule details
237
"""
238
239
def create_or_update(
240
resource_id: str,
241
rule_id: str,
242
body: SqlVulnerabilityAssessmentBaselineRule,
243
**kwargs: Any
244
) -> SqlVulnerabilityAssessmentBaselineRule:
245
"""
246
Create or update a SQL vulnerability assessment baseline rule.
247
248
Parameters:
249
- resource_id (str): Full resource ID of the SQL resource
250
- rule_id (str): ID of the rule
251
- body (SqlVulnerabilityAssessmentBaselineRule): Baseline rule data
252
253
Returns:
254
SqlVulnerabilityAssessmentBaselineRule: Created or updated baseline rule
255
"""
256
257
def delete(
258
resource_id: str,
259
rule_id: str,
260
**kwargs: Any
261
) -> None:
262
"""
263
Delete a SQL vulnerability assessment baseline rule.
264
265
Parameters:
266
- resource_id (str): Full resource ID of the SQL resource
267
- rule_id (str): ID of the rule
268
269
Returns:
270
None
271
"""
272
```
273
274
### Sub-Assessments
275
276
Manage detailed vulnerability findings through sub-assessments.
277
278
```python { .api }
279
def list(
280
scope: str,
281
assessment_name: str,
282
**kwargs: Any
283
) -> Iterator[SubAssessment]:
284
"""
285
List sub-assessments for a specific assessment.
286
287
Parameters:
288
- scope (str): Resource scope (subscription, resource group, or resource)
289
- assessment_name (str): Name of the parent assessment
290
291
Returns:
292
Iterator[SubAssessment]: Iterator of SubAssessment objects
293
"""
294
295
def list_all(
296
scope: str,
297
**kwargs: Any
298
) -> Iterator[SubAssessment]:
299
"""
300
List all sub-assessments for a specific scope.
301
302
Parameters:
303
- scope (str): Resource scope (subscription, resource group, or resource)
304
305
Returns:
306
Iterator[SubAssessment]: Iterator of SubAssessment objects
307
"""
308
309
def get(
310
scope: str,
311
assessment_name: str,
312
sub_assessment_name: str,
313
**kwargs: Any
314
) -> SubAssessment:
315
"""
316
Get details of a specific sub-assessment.
317
318
Parameters:
319
- scope (str): Resource scope
320
- assessment_name (str): Name of the parent assessment
321
- sub_assessment_name (str): Name of the sub-assessment
322
323
Returns:
324
SubAssessment: Sub-assessment details
325
"""
326
```
327
328
### Software Inventories
329
330
Manage software inventory and installed software tracking.
331
332
```python { .api }
333
def list_by_extended_resource(
334
resource_group_name: str,
335
resource_namespace: str,
336
resource_type: str,
337
resource_name: str,
338
**kwargs: Any
339
) -> Iterator[Software]:
340
"""
341
List software inventory for an extended resource.
342
343
Parameters:
344
- resource_group_name (str): Name of the resource group
345
- resource_namespace (str): Resource provider namespace
346
- resource_type (str): Resource type
347
- resource_name (str): Name of the resource
348
349
Returns:
350
Iterator[Software]: Iterator of Software objects
351
"""
352
353
def list_by_subscription(
354
**kwargs: Any
355
) -> Iterator[Software]:
356
"""
357
List software inventory for the subscription.
358
359
Returns:
360
Iterator[Software]: Iterator of Software objects
361
"""
362
363
def get(
364
resource_group_name: str,
365
resource_namespace: str,
366
resource_type: str,
367
resource_name: str,
368
software_name: str,
369
**kwargs: Any
370
) -> Software:
371
"""
372
Get details of specific software in inventory.
373
374
Parameters:
375
- resource_group_name (str): Name of the resource group
376
- resource_namespace (str): Resource provider namespace
377
- resource_type (str): Resource type
378
- resource_name (str): Name of the resource
379
- software_name (str): Name of the software
380
381
Returns:
382
Software: Software inventory details
383
"""
384
```
385
386
## Types
387
388
```python { .api }
389
class ServerVulnerabilityAssessment:
390
id: Optional[str]
391
name: Optional[str]
392
type: Optional[str]
393
provisioning_state: Optional[str] # Succeeded, Failed, Canceled, Provisioning, Deleting
394
395
class ServerVulnerabilityAssessmentsSettings:
396
id: Optional[str]
397
name: Optional[str]
398
type: Optional[str]
399
kind: Optional[str] # AzureServersSetting
400
selected_provider: Optional[str] # Qualys, TVM
401
402
class SqlVulnerabilityAssessmentScan:
403
id: Optional[str]
404
name: Optional[str]
405
type: Optional[str]
406
scan_id: Optional[str]
407
trigger_type: Optional[str] # OnDemand, Recurring
408
state: Optional[str] # Passed, Failed, FailedToRun, InProgress
409
server: Optional[str]
410
database: Optional[str]
411
sql_version: Optional[str]
412
start_time: Optional[datetime]
413
end_time: Optional[datetime]
414
high_severity_failed_rules_count: Optional[int]
415
medium_severity_failed_rules_count: Optional[int]
416
low_severity_failed_rules_count: Optional[int]
417
total_passed_rules_count: Optional[int]
418
total_failed_rules_count: Optional[int]
419
total_rules_count: Optional[int]
420
421
class SqlVulnerabilityAssessmentScanResult:
422
id: Optional[str]
423
name: Optional[str]
424
type: Optional[str]
425
rule_id: Optional[str]
426
status: Optional[str] # NonFinding, Finding, InternalError
427
is_trimmed: Optional[bool]
428
query_results: Optional[List[List[str]]]
429
remediation: Optional[Remediation]
430
base_line_adjusted_result: Optional[BaselineAdjustedResult]
431
rule_metadata: Optional[VaRule]
432
433
class SqlVulnerabilityAssessmentBaselineRule:
434
id: Optional[str]
435
name: Optional[str]
436
type: Optional[str]
437
latest_scan: Optional[bool]
438
results: List[List[str]]
439
440
class SubAssessment:
441
id: Optional[str]
442
name: Optional[str]
443
type: Optional[str]
444
status: Optional[SubAssessmentStatus]
445
remediation: Optional[str]
446
impact: Optional[str]
447
category: Optional[str]
448
description: Optional[str]
449
time_generated: Optional[datetime]
450
resource_details: Optional[ResourceDetails]
451
additional_data: Optional[AdditionalData]
452
453
class Software:
454
id: Optional[str]
455
name: Optional[str]
456
type: Optional[str]
457
device_id: Optional[str]
458
os_platform: Optional[str]
459
vendor: Optional[str]
460
software_name: Optional[str]
461
version: Optional[str]
462
end_of_support_status: Optional[str] # None, noLongerSupported, versionNoLongerSupported, upcomingNoLongerSupported, upcomingVersionNoLongerSupported
463
end_of_support_date: Optional[str]
464
number_of_known_vulnerabilities: Optional[int]
465
first_seen_at: Optional[str]
466
467
class SubAssessmentStatus:
468
code: Optional[str] # Healthy, Unhealthy, NotApplicable
469
cause: Optional[str]
470
description: Optional[str]
471
severity: Optional[str] # Low, Medium, High
472
473
class Remediation:
474
description: Optional[str]
475
scripts: Optional[List[str]]
476
automated: Optional[bool]
477
portal_link: Optional[str]
478
479
class BaselineAdjustedResult:
480
status: Optional[str] # NonFinding, Finding, InternalError
481
482
class VaRule:
483
rule_id: Optional[str]
484
severity: Optional[str] # High, Medium, Low, Informational
485
category: Optional[str]
486
rule_type: Optional[str] # Binary, BaselineExpected, PositiveList, NegativeList
487
title: Optional[str]
488
description: Optional[str]
489
rationale: Optional[str]
490
query_check: Optional[QueryCheck]
491
benchmark_references: Optional[List[BenchmarkReference]]
492
493
class ResourceDetails:
494
source: Optional[str] # Azure, OnPremise, OnPremiseSql
495
id: Optional[str]
496
497
class AdditionalData:
498
assessedResourceType: Optional[str] # SqlServerVulnerability, ContainerRegistryVulnerability, ServerVulnerabilityAssessment
499
workspaceName: Optional[str]
500
serverName: Optional[str]
501
databaseName: Optional[str]
502
patchable: Optional[bool]
503
cve: Optional[List[CVE]]
504
vendorReferences: Optional[List[VendorReference]]
505
cvss: Optional[Dict[str, CVSS]]
506
507
class QueryCheck:
508
query: Optional[str]
509
expected_result: Optional[List[List[str]]]
510
column_names: Optional[List[str]]
511
512
class BenchmarkReference:
513
benchmark: Optional[str]
514
reference: Optional[str]
515
516
class CVE:
517
title: Optional[str]
518
link: Optional[str]
519
520
class VendorReference:
521
title: Optional[str]
522
link: Optional[str]
523
524
class CVSS:
525
base: Optional[float]
526
```
527
528
## Usage Examples
529
530
### Server Vulnerability Assessment Management
531
532
```python
533
from azure.identity import DefaultAzureCredential
534
from azure.mgmt.security import SecurityCenter
535
536
credential = DefaultAzureCredential()
537
client = SecurityCenter(credential, "subscription-id")
538
539
# Configure server vulnerability assessment for a VM
540
vm_resource_id = "/subscriptions/sub-id/resourceGroups/rg/providers/Microsoft.Compute/virtualMachines/vm1"
541
542
assessment = client.server_vulnerability_assessment.create_or_update(vm_resource_id)
543
print(f"Server vulnerability assessment configured: {assessment.name}")
544
print(f"Provisioning state: {assessment.provisioning_state}")
545
546
# List all server vulnerability assessments
547
assessments = client.server_vulnerability_assessment.list_by_extended_resource(
548
"/subscriptions/sub-id"
549
)
550
551
for assessment in assessments:
552
print(f"Assessment: {assessment.name}")
553
print(f"State: {assessment.provisioning_state}")
554
555
# Configure assessment settings at subscription level
556
settings = {
557
"kind": "AzureServersSetting",
558
"selected_provider": "Qualys"
559
}
560
561
assessment_settings = client.server_vulnerability_assessments_settings.create_or_update(
562
"AzureServersSetting",
563
settings
564
)
565
print(f"Assessment settings configured: {assessment_settings.selected_provider}")
566
567
# List all assessment settings
568
all_settings = client.server_vulnerability_assessments_settings.list_by_subscription()
569
for setting in all_settings:
570
print(f"Setting: {setting.kind}")
571
print(f"Provider: {setting.selected_provider}")
572
```
573
574
### SQL Vulnerability Assessment Management
575
576
```python
577
# SQL database resource ID
578
sql_db_resource_id = "/subscriptions/sub-id/resourceGroups/rg/providers/Microsoft.Sql/servers/sqlserver/databases/db1"
579
580
# List SQL vulnerability assessment scans
581
sql_scans = client.sql_vulnerability_assessment_scans.list(sql_db_resource_id)
582
583
for scan in sql_scans:
584
print(f"SQL Scan: {scan.scan_id}")
585
print(f"State: {scan.state}")
586
print(f"Trigger: {scan.trigger_type}")
587
print(f"Database: {scan.database}")
588
print(f"SQL Version: {scan.sql_version}")
589
print(f"Start Time: {scan.start_time}")
590
print(f"End Time: {scan.end_time}")
591
print(f"High Severity Failures: {scan.high_severity_failed_rules_count}")
592
print(f"Medium Severity Failures: {scan.medium_severity_failed_rules_count}")
593
print(f"Low Severity Failures: {scan.low_severity_failed_rules_count}")
594
print(f"Total Passed: {scan.total_passed_rules_count}")
595
print(f"Total Failed: {scan.total_failed_rules_count}")
596
597
# Get scan results for failed scans
598
if scan.state == "Failed" or (scan.total_failed_rules_count and scan.total_failed_rules_count > 0):
599
scan_results = client.sql_vulnerability_assessment_scan_results.list(
600
sql_db_resource_id,
601
scan.scan_id
602
)
603
604
print(f"\n Scan Results for {scan.scan_id}:")
605
for result in scan_results:
606
if result.status == "Finding":
607
print(f" Rule: {result.rule_id}")
608
print(f" Status: {result.status}")
609
if result.rule_metadata:
610
print(f" Severity: {result.rule_metadata.severity}")
611
print(f" Title: {result.rule_metadata.title}")
612
print(f" Description: {result.rule_metadata.description}")
613
if result.remediation:
614
print(f" Remediation: {result.remediation.description}")
615
616
# Get specific scan details
617
specific_scan = client.sql_vulnerability_assessment_scans.get(
618
sql_db_resource_id,
619
"scan-001"
620
)
621
print(f"\nSpecific Scan Details: {specific_scan.scan_id}")
622
print(f"Server: {specific_scan.server}")
623
print(f"Total Rules: {specific_scan.total_rules_count}")
624
625
# Manage baseline rules
626
baseline_rules = client.sql_vulnerability_assessment_baseline_rules.list(sql_db_resource_id)
627
628
for rule in baseline_rules:
629
print(f"Baseline Rule: {rule.name}")
630
print(f"Latest Scan: {rule.latest_scan}")
631
print(f"Results Count: {len(rule.results or [])}")
632
633
# Create/update baseline rule
634
baseline_rule_data = {
635
"latest_scan": True,
636
"results": [
637
["value1", "value2"],
638
["value3", "value4"]
639
]
640
}
641
642
updated_rule = client.sql_vulnerability_assessment_baseline_rules.create_or_update(
643
sql_db_resource_id,
644
"rule-001",
645
baseline_rule_data
646
)
647
print(f"Updated baseline rule: {updated_rule.name}")
648
```
649
650
### Sub-Assessment Analysis
651
652
```python
653
# List all sub-assessments for subscription
654
scope = "subscriptions/subscription-id"
655
sub_assessments = client.sub_assessments.list_all(scope)
656
657
vulnerability_findings = []
658
for sub_assessment in sub_assessments:
659
print(f"Sub-Assessment: {sub_assessment.name}")
660
print(f"Category: {sub_assessment.category}")
661
print(f"Description: {sub_assessment.description}")
662
print(f"Impact: {sub_assessment.impact}")
663
print(f"Time Generated: {sub_assessment.time_generated}")
664
665
if sub_assessment.status:
666
print(f"Status: {sub_assessment.status.code}")
667
print(f"Severity: {sub_assessment.status.severity}")
668
print(f"Status Description: {sub_assessment.status.description}")
669
670
# Collect high/medium severity findings
671
if sub_assessment.status.severity in ["High", "Medium"]:
672
vulnerability_findings.append({
673
"name": sub_assessment.name,
674
"severity": sub_assessment.status.severity,
675
"category": sub_assessment.category,
676
"description": sub_assessment.description,
677
"remediation": sub_assessment.remediation
678
})
679
680
if sub_assessment.additional_data:
681
print(f"Resource Type: {sub_assessment.additional_data.assessedResourceType}")
682
if hasattr(sub_assessment.additional_data, 'cve') and sub_assessment.additional_data.cve:
683
print(f"CVEs: {len(sub_assessment.additional_data.cve)}")
684
for cve in sub_assessment.additional_data.cve[:3]: # Show first 3 CVEs
685
print(f" - {cve.title}: {cve.link}")
686
687
print(f"\nHigh/Medium Severity Findings: {len(vulnerability_findings)}")
688
for finding in vulnerability_findings[:10]: # Show first 10
689
print(f" {finding['severity']}: {finding['category']} - {finding['name']}")
690
691
# Get specific sub-assessment
692
specific_sub_assessment = client.sub_assessments.get(
693
scope,
694
"parent-assessment-name",
695
"sub-assessment-name"
696
)
697
print(f"\nSpecific Sub-Assessment: {specific_sub_assessment.name}")
698
print(f"Resource Details: {specific_sub_assessment.resource_details}")
699
```
700
701
### Software Inventory Management
702
703
```python
704
# List software inventory for subscription
705
software_inventory = client.software_inventories.list_by_subscription()
706
707
vulnerable_software = []
708
end_of_support_software = []
709
710
for software in software_inventory:
711
print(f"Software: {software.software_name}")
712
print(f"Vendor: {software.vendor}")
713
print(f"Version: {software.version}")
714
print(f"OS Platform: {software.os_platform}")
715
print(f"Device ID: {software.device_id}")
716
print(f"Known Vulnerabilities: {software.number_of_known_vulnerabilities}")
717
print(f"End of Support Status: {software.end_of_support_status}")
718
print(f"End of Support Date: {software.end_of_support_date}")
719
print(f"First Seen: {software.first_seen_at}")
720
721
# Identify vulnerable software
722
if (software.number_of_known_vulnerabilities and
723
software.number_of_known_vulnerabilities > 0):
724
vulnerable_software.append({
725
"name": software.software_name,
726
"vendor": software.vendor,
727
"version": software.version,
728
"vulnerabilities": software.number_of_known_vulnerabilities,
729
"device_id": software.device_id
730
})
731
732
# Identify end-of-support software
733
if software.end_of_support_status in ["noLongerSupported", "versionNoLongerSupported"]:
734
end_of_support_software.append({
735
"name": software.software_name,
736
"vendor": software.vendor,
737
"version": software.version,
738
"status": software.end_of_support_status,
739
"end_date": software.end_of_support_date,
740
"device_id": software.device_id
741
})
742
743
print(f"\nVulnerable Software Found: {len(vulnerable_software)}")
744
for software in vulnerable_software[:10]: # Show first 10
745
print(f" {software['name']} v{software['version']} - {software['vulnerabilities']} vulnerabilities")
746
747
print(f"\nEnd-of-Support Software Found: {len(end_of_support_software)}")
748
for software in end_of_support_software[:10]: # Show first 10
749
print(f" {software['name']} v{software['version']} - {software['status']}")
750
751
# Get software inventory for specific VM
752
vm_software = client.software_inventories.list_by_extended_resource(
753
"vm-rg",
754
"Microsoft.Compute",
755
"virtualMachines",
756
"vm1"
757
)
758
759
print(f"\nSoftware on VM1:")
760
for software in vm_software:
761
print(f" {software.software_name} v{software.version}")
762
if software.number_of_known_vulnerabilities and software.number_of_known_vulnerabilities > 0:
763
print(f" ⚠️ {software.number_of_known_vulnerabilities} known vulnerabilities")
764
```
765
766
### Vulnerability Management Dashboard
767
768
```python
769
def create_vulnerability_management_dashboard():
770
"""Create a comprehensive vulnerability management dashboard."""
771
772
print("Vulnerability Management Dashboard")
773
print("=" * 50)
774
775
# Server Vulnerability Assessments
776
print("\n1. Server Vulnerability Assessments:")
777
try:
778
server_settings = client.server_vulnerability_assessments_settings.list_by_subscription()
779
settings_count = sum(1 for _ in server_settings)
780
print(f" Configured Settings: {settings_count}")
781
except Exception as e:
782
print(f" Settings: Unable to retrieve ({e})")
783
784
# SQL Vulnerability Assessments
785
print("\n2. SQL Vulnerability Assessments:")
786
# Note: Would need specific SQL resource IDs to get actual scan data
787
print(" Requires specific SQL resource IDs for detailed analysis")
788
789
# Sub-Assessments Summary
790
print("\n3. Vulnerability Findings (Sub-Assessments):")
791
scope = "subscriptions/subscription-id"
792
sub_assessments = client.sub_assessments.list_all(scope)
793
794
severity_counts = {"High": 0, "Medium": 0, "Low": 0}
795
category_counts = {}
796
total_findings = 0
797
798
for sub_assessment in sub_assessments:
799
total_findings += 1
800
if sub_assessment.status and sub_assessment.status.severity:
801
severity = sub_assessment.status.severity
802
if severity in severity_counts:
803
severity_counts[severity] += 1
804
805
if sub_assessment.category:
806
category_counts[sub_assessment.category] = category_counts.get(
807
sub_assessment.category, 0
808
) + 1
809
810
print(f" Total Findings: {total_findings}")
811
print(f" High Severity: {severity_counts['High']}")
812
print(f" Medium Severity: {severity_counts['Medium']}")
813
print(f" Low Severity: {severity_counts['Low']}")
814
815
print("\n Top Categories:")
816
sorted_categories = sorted(category_counts.items(), key=lambda x: x[1], reverse=True)
817
for category, count in sorted_categories[:5]:
818
print(f" {category}: {count}")
819
820
# Software Inventory
821
print("\n4. Software Inventory:")
822
software_inventory = client.software_inventories.list_by_subscription()
823
824
total_software = 0
825
vulnerable_count = 0
826
end_of_support_count = 0
827
total_vulnerabilities = 0
828
829
for software in software_inventory:
830
total_software += 1
831
832
if (software.number_of_known_vulnerabilities and
833
software.number_of_known_vulnerabilities > 0):
834
vulnerable_count += 1
835
total_vulnerabilities += software.number_of_known_vulnerabilities
836
837
if software.end_of_support_status in ["noLongerSupported", "versionNoLongerSupported"]:
838
end_of_support_count += 1
839
840
print(f" Total Software Packages: {total_software}")
841
print(f" Vulnerable Packages: {vulnerable_count}")
842
print(f" Total Known Vulnerabilities: {total_vulnerabilities}")
843
print(f" End-of-Support Packages: {end_of_support_count}")
844
845
# Risk Assessment
846
print("\n5. Risk Assessment:")
847
critical_risk = severity_counts["High"] + (vulnerable_count * 0.1)
848
if critical_risk > 10:
849
print(" 🔴 High Risk - Immediate attention required")
850
elif critical_risk > 5:
851
print(" 🟡 Medium Risk - Plan remediation activities")
852
else:
853
print(" 🟢 Low Risk - Continue monitoring")
854
855
return {
856
"total_findings": total_findings,
857
"high_severity": severity_counts["High"],
858
"medium_severity": severity_counts["Medium"],
859
"low_severity": severity_counts["Low"],
860
"total_software": total_software,
861
"vulnerable_software": vulnerable_count,
862
"total_vulnerabilities": total_vulnerabilities,
863
"end_of_support": end_of_support_count,
864
"risk_score": critical_risk
865
}
866
867
# Generate the dashboard
868
dashboard_data = create_vulnerability_management_dashboard()
869
```