Skip to main content

Setup

Downlod and Install

To download and install the right version of our CLI, use the following command :
If you encounter some problems and you need to reinstall the CLI you can use the command symbiotic-cli install -f

Retrieve and set your token

To use our CLI you will need a personal access token, that you can create and retrieve here. Once you have it, set the SYMBIOTIC_API_TOKEN environment variable with your token.

Usage

CLI documentation

Discover available commands and options.

Scan

As of today, two types of scan are available in our CLI :
  1. Infrastructure scan to review IaC files
  2. Code scan to review generic programming languages
Both commands will return a JSON object with the following structure
Vulnerabilities found will be JSON objects in the fail_results table with the following structure:

AI Services

To use our AI services you will need to set the target LLM environement variable SYMBIOTIC_TARGET_LLM_API=https://llm-proxy.symbioticsec.ai/

Remediate

After detecting a vulnerability, you can use the our AI service to generate a tailored remediation using the following command.

Explain false positive reason

If an issue is likely a false positive, remediation will not be generated and false_positive_status will be equal to FALSE_POSITIVE. In that case, you can use one of our AI services to know more about why this issues soudns like a false positive with the following command.
The answer will be a Markdown text explaining in details why this issue is likely a false positive.