API to Scan All Assets in a Group?

I was attempting to find an easy way to scan all assets that are in an asset group. I plan on using Python and utilizing the VMInsight APIs. I know the APIs can be used to scan assets in a site, but occasionally our groups will have assets that span across multiple sites and there is a need to only scan the items in the group. Currently this process is manual where we execute multiple scans based on the site and limited to the IPs in that asset group.

My current thinking is:

  • Pull all Assets from Asset Group (A) → Store as list or dict
  • Pull all site’s assets → Store each site’s assets as a separate list or dict
  • Cross reference the Asset Group Asset’s with each site’s list/dict → If there is a match, store those matches as a new list (Site A Match, Site B Match, etc).
  • Build separate scans for each site that contained matching assets that are limited to only the assets in the asset groups.
  • Execute Scan

Has anyone tackled this problem this before and do they have any suggestions on going about this in a different/better way?

1 Like

@spence_engleson didn’t you mention that the new platform IVM API supports scanning assets without a site parameter?

If that is the case - that would be great! Currently the only API that I found for scanning is related to Site Scanning " /api/3/sites/{id}/scans".