# rimae/scan Documentation
rimae/scan is a self-hosted vulnerability intelligence platform. It continuously crawls 70+ vulnerability sources, collects live asset inventory from your infrastructure, and correlates them into a prioritized remediation queue -- giving your security team a single pane of glass for vulnerability management.
## Key Features

- 70+ Vulnerability Sources -- CVE databases (NVD, MITRE, CIRCL, OSV), exploit signals (ExploitDB, Metasploit, Nuclei), EPSS scores, CISA KEV catalog, CSAF feeds, ecosystem advisories (GHSA, PyPA, RustSec, npm, Go, RubyGems, Composer, Sonatype), national CERTs (US-CERT, BSI, ANSSI, NCSC-UK, JPCERT, ENISA, and more), vendor advisories (Red Hat, Debian, Broadcom/VMware, HashiCorp, Grafana, Jenkins, Kubernetes, and more), threat intel (GreyNoise, OTX, ThreatFox, SANS ISC), and supply chain data (deps.dev, OpenSSF Scorecard).
- Live Asset Inventory -- Collects OS packages, application versions, infrastructure components (Ceph, Docker), and container images from your fleet via Wazuh agent integration, HTTP probes, and API polling.
- GitHub Organization Scanning -- Scans repositories across your GitHub organization, parses dependency manifests (package-lock.json, Pipfile.lock, go.sum, Cargo.lock, pom.xml, and 15+ more formats), and correlates dependencies against ecosystem vulnerability databases.
- Correlation Engine -- A 7-step pipeline that matches your asset inventory against vulnerability data, deduplicates results, and produces scored vulnerability matches with configurable priority signals (CVSS, EPSS, exploit availability, KEV status).
- Prioritized Remediation Queue -- Surfaces the vulnerabilities that matter most, ranked by a composite risk score you can customize. Track status from open through in-review to resolved.
- Multi-Format Export -- Generate reports in CSV, JSON, HTML, PDF, XLSX, CycloneDX SBOM, and SPDX. Includes executive summary, asset report, vulnerability report, and remediation queue templates.
- Compliance Reporting -- Built-in report templates for ISO 27001, SOC 2, PCI DSS, NIST CSF, CIS Controls, and HIPAA. Auto-collect evidence from vulnerability data, audit logs, and integration status. Upload additional evidence for auditor review.
- White-Label Branding -- Customize the logo, colors, and product name through the Settings UI.
- Role-Based Access -- Three roles (admin, analyst, read-only) with support for internal authentication, LDAP, and OIDC providers.
- OS-Aware Advisory Matching -- Tracks Ubuntu, AlmaLinux/RHEL, Proxmox, ESXi, and Debian with per-distro advisory feeds (USN, ALSA, DSA, VMSA, OVAL).
- LLM-Powered Agents -- Optional AI agents for source discovery and version onboarding, powered by the Anthropic API.
## Documentation

| Page | Description |
|---|---|
| Getting Started | Quick start guide -- system requirements, installation, and first-run setup |
| Installation | Detailed installation guide covering all methods, upgrading, and uninstalling |
| Configuration | Complete configuration reference, service management, logs, backup, and restore |
| Architecture | System architecture, component breakdown, data flow, and directory structure |
| Settings Reference | Integrations, vuln sources, scoring formula, retention, branding, and system status |
| Authentication | Internal auth, LDAP, OIDC/SSO, user roles, and API keys |
| API Reference | Complete REST API documentation with examples |
| Reports & Exports | CSV, JSON, HTML, PDF, XLSX, CycloneDX, and SPDX export formats |
| Compliance Reports | ISO 27001, SOC 2, PCI DSS, NIST CSF, CIS Controls, HIPAA reporting and evidence management |
| LLM Agents | OS version onboarding and source discovery agents |
| Troubleshooting | Common issues, diagnostics, performance tuning, and health checks |
## Quick Links

- Health Check: https://your-domain/health
- API Documentation: https://your-domain/api/docs (auto-generated OpenAPI)
- Setup Wizard: https://your-domain/setup (first-run only)
## License

rimae/scan is proprietary software. See the LICENSE file for details.