diff --git a/docs/user-guide/README.md b/docs/user-guide/README.md index cc728bc7..c0b3a4c0 100644 --- a/docs/user-guide/README.md +++ b/docs/user-guide/README.md @@ -8,4 +8,131 @@ category: "use" # Using the secureCodeBox -> ✍ **Page under construction.** \ No newline at end of file + +> ✍ **Page under construction.** + +## Declarative Combined Scans + +### Install Hook + +Installing the Declarative Combined Scan hook will add a ReadOnly Hook to your namespace which looks for matching CascadingRules in the namespace and starts subsequent scans accordingly. + +```bash +helm install combined-scans ./hooks/declarative-subsequent-scans +``` + +### Verify Hook Installation + +Successful installation can be verified by retrieving installed ScanCompletionHooks. + +```bash +kubectl get ScanCompletionHooks +``` + +The result should contain a hook for declarative subsequent scans. + +```bash +NAME TYPE IMAGE +combined-scans-declarative-subsequent-scans ReadOnly docker.io/scbexperimental/hook-declarative-subsequent-scans:latest +``` + +### Verify CascadingRules + +CascadingRules are included in each individual scanner's Helm chart. + +```bash +kubectl get CascadingRules +``` + +Output should show these CascadingRules: + +```bash +NAME STARTS INVASIVENESS INTENSIVENESS +https-tls-scan sslyze non-invasive light +imaps-tls-scan sslyze non-invasive light +nikto-http nikto non-invasive medium +nmap-smb nmap non-invasive light +pop3s-tls-scan sslyze non-invasive light +smtps-tls-scan sslyze non-invasive light +ssh-scan ssh-scan non-invasive light +zap-http zap-baseline non-invasive medium +``` + +### Start Scans + +When you start a normal Scan, no CascadingRule will be applied. +To use CascadingRules the scan must be marked to allow cascading rules. + +This is implemented using kubernetes label selectors, meaning that scans mark the classes of scans which are allowed to be cascaded by the current one. + +### Example + +```bash +cat <
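Review bot: The "Verify CascadingRules" section lists eight rules as expected output (starting sslyze, nikto, nmap, ssh-scan and zap-baseline) and says the rules ship in each scanner's Helm chart, but the only install step in this hunk is `helm install combined-scans ./hooks/declarative-subsequent-scans`. A reader who follows the page top to bottom has no step that installs those scanners, so please add a prerequisite step before this section, or say which scanner charts must already be installed for the listing to match. Two smaller points in the same hunk: the expected output under "Verify Hook Installation" shows the hook image as `docker.io/scbexperimental/hook-declarative-subsequent-scans:latest`, and since `latest` is a mutable tag it is worth a sentence telling users to pin a tag or digest when they run this outside a trial namespace; and the two output listings are fenced as `bash` although they are command output rather than commands, so a plain or `text` fence would keep readers from pasting them into a shell. In "Start Scans", "kubernetes" should be capitalised, and the sentence about label selectors would be easier to act on if it named the labels a scan selects on, since the rule listing above shows INVASIVENESS and INTENSIVENESS columns.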