/mx-toolbox

mx-toolbox is a collection of scripts that will perform various API driven automation tasks, and are typically invoked by the "run OS command" action set from the MX itself. There is a common utility library that is shared by these scripts.

Primary LanguagePythonMIT LicenseMIT

Imperva SecureSphere MX-Toolbox

The SecureSphere MX-Toolbox is a general purpose repository for custom packages, integrations, and monitoring add-ons for the SecureSphere MX and Gateway appliances.

  1. Alerts to New Relic - Send alerts to New Relic via custom action set
  2. Camo CX-Discover Integration - Process CAMO classification .csv report to create table groups, and convert to json to push to S3
  3. ServiceNow Integration - Alert to incident, change control reconciliation audit enrichment, close-the-loop updating change requests with queries, and vulnerability assessment export to CMDB and vulnerable items in ServiceNow
  4. Export KRP Rules to Dataset - Export KRP rules in the siote tree to .csv and upload to data set
  5. Export WAF Profile Learned Hosts to CSV - Export all learned hosts in web profiles to .csv
  6. Export Table Groups to CSV - Export table groups to .csv
  7. MX WAF Security Policy Sync - Replicate and sync security policies across multiple MXs in AWS
  8. MX and Gateway Performance Monitoring - Output performance data (CPU, counters, network stats, disk, etc) from both MX and Gateway appliances in near real-time simultaneously to new relic, influxdb/grafana, and/or to SIEM via syslog with uniquely indexed json.
  9. DB Login to Dataset - Alert on multiple logged in db sessions from separate IPs per DB user in real-time