1. Introduction
This article explains how to integrate STORM with Cye Platform so you can automatically ingest and manage vulnerability data from STORM files. This helps your organization keep Cye Platform continuously up to date using files you upload to an AWS S3 bucket.
You’ll learn how to set up the integration, configure access credentials, and understand how Cye Platform processes STORM data into actionable findings.
2. Prerequisites
Administrator access to Cye Platform
Permission to upload STORM files to the AWS S3 bucket
A script or internal tool to upload files
Required IP Addresses
For the integration to work smoothly, you may need to allow traffic from Cye Platform’s servers in your firewall or network configuration. This ensures that Cye Platform can securely connect to your environment and perform scans without being blocked.
Depending on your region and the type of scan, add the following IP addresses:
General IPs:
Europe →
18.198.79.197America →
52.1.10.176,35.171.70.87
IPs for Azure and AWS Scans:
Europe →
18.158.77.90America →
34.206.252.13
In most cases, you only need to add the IPs relevant to your region and use case.
Cye Platform's Group Management and Integrations
This section explains how Cye Platform’s Group Management works in general, and how integrations behave when used in a Group Management setup.
What is Cye Platform's Group Management?
Cye Platform’s Group Management is designed for large enterprises with multiple subsidiaries. It gives you:
A centralized view of cybersecurity risk across the entire organization
Key metrics like exposure, cost of breach, and maturity scores
The ability to switch between subsidiaries and view their individual data
Parent admins and power users can view aggregated and subsidiary-level risk, while detailed findings remain visible only to members of the specific subsidiary
Data that updates in real time
To enable Group Management, contact your CYE Technical Account Manager.
How Integrations Work in Group Management
Here’s the important part:
Integrations are created only at the subsidiary level
Findings from an integration appear only in that subsidiary’s dashboards and reports
Parent companies cannot create integrations — they can only view the aggregated results
Best Practices for Combining Integrations with Group Management
To get the most out of Group Management with integrations, we recommend:
Each subsidiary should create its own integration, using credentials that only grant access to data relevant to that subsidiary
In some cases, it’s useful to also have a dedicated “General” company, which holds findings that apply to the entire enterprise and cannot be tied to a single subsidiary
The parent company then combines these insights and metrics from all subsidiaries and the General company — but remember, integrations cannot be connected directly to the parent company.
3. Configuring in Cye Platform
1. Add the STORM integration in Cye Platform
In Cye Platform, click Settings > Integrations.
Find the STORM tile and click Add:
Enter a name in the Integration name field:
Click Generate credentials to create your AWS access credentials.
⚠️ These credentials are only created once you click Save.
Click Save to activate the integration.
You’ll use these credentials in your script or application to upload the STORM file daily to the designated AWS S3 bucket.
4. Configuring on the STORM Side
Set up the STORM file upload
On the STORM side, configure a method to upload files to the AWS S3 bucket using the credentials you generated in Cye Platform.
Below is an example script you can adapt. This script is not officially provided or maintained by CYE — it’s just a basic starting point for your own implementation:
from botocore.exceptions import ClientError, NoCredentialsError
# TODO fill those
file_name = "delete_me"
file_content = "qweqwe"
AWS_ACCESS_KEY="..."
AWS_SECRET_KEY="..."
BUCKET_NAME = "cye-hyver-integrations-ingestion-euc1"
AWS_REGION_NAME="eu-central-1"
import boto3
s3_client = boto3.client(
"s3",
aws_access_key_id=AWS_ACCESS_KEY,
aws_secret_access_key=AWS_SECRET_KEY,
region_name=AWS_REGION_NAME
)
prefix = "raw_data/source=bishop/api=storm/company_id=MY_COMPANY_ID/assessment_id=MY_ASSESSMENT_ID/"
file_key = f"{prefix}{file_name}"
try:
# Try to upload a file
s3_client.put_object(Bucket=BUCKET_NAME, Key=file_key, Body=file_content)
print(f"✅ Successfully wrote to '{BUCKET_NAME}' (file: {file_key})")
except ClientError as e:
print(f"❌ Write access denied: {e}")
except NoCredentialsError:
print("❌ No valid AWS credentials found!")
Upload a new or updated STORM file to the bucket daily to keep Cye Platform synchronized.
5. Types of Fetched Entities
How Cye Platform processes STORM data
Once the integration is active and STORM files are being uploaded:
Cye Platform routinely pulls STORM files from the AWS S3 bucket.
It uses CYE AI to extract and interpret the file’s vulnerability data.
Each vulnerability is turned into:
A finding in Cye Platform
One remediation asset
The finding name in Cye Platform is based on the original vulnerability name from STORM, with the STORM NID appended to distinguish it:
If multiple STORM findings map to the same Cye Platform finding type, each instance is distinguished by its NID:
STORM finding statuses are mapped to their corresponding statuses in Cye Platform:
All related STORM details are included in the remediation asset.
Findings are automatically added to the STORM engagement in Cye Platform:
Anyone with the appropriate permissions in Cye Platform can view and manage these findings:
Important notes
STORM file uploads must follow the correct AWS S3 path format (including company ID and assessment ID) for Cye Platform to process them correctly.
The example script provided is not supported or maintained by CYE.
Only users with administrator access in Cye Platform can create integrations and generate credentials.
Note: Permissions must be configured properly in STORM to enable file uploads.
Wrap-up
Once the integration is set up, Cye Platform will automatically handle the heavy lifting — pulling, parsing, and transforming your STORM vulnerability data into usable insights.
Feel free to start small or automate uploads at your own pace — either way, you’re building a stronger, smarter workflow.