The CybeDefend CLI provides an efficient way to run local code scans and view results on our platform. It supports Linux, macOS, and Windows and is easily integrated into CI/CD pipelines or used in offline environments.

Usage

cybedefend [command] [flags]

CybeDefend CLI is a CLI tool to interact with the CybeDefend API.

Usage:
  cybedefend [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  results     Get scan results
  scan        Start a new scan
  version     Show the version of cybedefend

Flags:
      --api-key string   API Key
      --api-url string   API URL (default "http://app-preprod.cybedefend.com/")
      --ci               CI mode
      --config string    Config file (default is $HOME/.cybedefend/config.yaml) (optional)
      --debug            Debug mode
  -h, --help             help for cybedefend

Use "cybedefend [command] --help" for more information about a command.

Installation

1. Pre-built Binaries

  1. Download the release for your platform (e.g., cybedefend-darwin-amd64, cybedefend-linux-amd64, or cybedefend-windows-amd64.exe).
  2. Make Executable (Linux/macOS): 
    chmod +x cybedefend-<platform>
  3. Move to PATH: 
    sudo mv cybedefend-<platform> /usr/local/bin/cybedefend
  4. Check: 
    cybedefend --version

2. Build from Source

git clone https://github.com/CybeDefend/cybedefend-cli.git
cd cybedefend-cli
go build -o cybedefend
mv cybedefend /usr/local/bin
cybedefend --help

Configuration

  1. Config File (config.yaml in ./, $HOME/.cybedefend, or /etc/cybedefend): 
    api_url: "http://app-preprod.cybedefend.com/"
api_key: "your-api-key"
project_id: "your-project-id"
  2. Environment Variables:
    • CYBEDEFEND_API_URL
    • CYBEDEFEND_API_KEY
    • CYBEDEFEND_PROJECT_ID
  3. Flags override these settings:
    • --api-url, --api-key, --project-id

Commands

1. scan

cybedefend scan [flags]
  • --dir, -d: Directory to zip & scan.
  • --file, -f: Pre-zipped file to scan.
  • --project-id: Associate scan with a project.
  • --ci: CI-friendly output (no color/ASCII).

Examples

cybedefend scan --dir ./my-app --api-key your-api-key --project-id your-project-id
cybedefend scan --file ./my-app.zip
cybedefend scan --dir ./my-app --ci

2. results

cybedefend results [flags]
  • --project-id: Project ID to fetch results.
  • --type, -t: sast (default) or iac.
  • --all, -a: Fetch all pages.
  • --output, -o: json, html, or sarif.
  • --filename, -f: Output file name (results.json default).
  • --filepath: Path to save file (. default).
  • --ci: CI-friendly mode.

Examples

cybedefend results --project-id your-project-id
cybedefend results --all --output html --filename results.html
cybedefend results --type iac --output sarif --filepath ./reports

3. version

Displays the CLI version:

cybedefend version

4. completion

Generates shell autocompletion for bash, zsh, etc.:

cybedefend completion [shell]

CI/CD Integration

Combine the scan and results commands in your pipelines. For example, GitHub Actions:

- name: Install CybeDefend CLI
  run: |
    curl -L https://github.com/CybeDefend/cybedefend-cli/releases/download/v1.0.0/cybedefend-linux-amd64 -o cybedefend
    chmod +x cybedefend
    sudo mv cybedefend /usr/local/bin/

- name: Run security scan
  run: cybedefend scan --dir ./ --ci \
         --api-key ${{ secrets.CYBEDEFEND_API_KEY }} \
         --project-id ${{ secrets.CYBEDEFEND_PROJECT_ID }}

Use --ci for minimal logs. Fetch detailed results later with cybedefend results.

Next Steps

  • License: Apache 2.0
  • Support: GitHub Issues or contact us at support@cybedefend.com
  • Advanced Topics: Explore environment variables, config files, and flags to customize your local scanning workflow.