Cybrium CLI — overview
cybrium is the official command-line interface to the Cybrium platform. Launch scans from your terminal, pipe findings into CI, and run adversary campaigns without leaving your shell.
- Language: Go
- License: Apache 2.0
- Repo: github.com/cybrium-ai/cli
- Install:
brew install cybrium
What it does
| Command | Purpose |
|---|---|
cybrium login | Browser-based OAuth2 sign-in (auth-code + PKCE) |
cybrium login --device | Headless short-code flow for SSH / CI |
cybrium logout | Revoke local credentials |
cybrium whoami | Show current user + tenant |
cybrium scan <target> | Kick off a scan on the platform |
cybrium findings list | List findings in the current tenant |
cybrium findings show <id> | Show one finding in detail |
cybrium findings upload <sarif> | Push SARIF from any tool into the platform |
cybrium campaign ... | Create / list / inspect adversary campaigns |
How it relates to cyscan
They're different tools for different jobs:
| tool | Role | Where it runs |
|---|---|---|
| cyscan | Local SAST / SCA / secrets scanner | Your laptop, CI runner |
| cybrium | Platform client (auth, upload, orchestrate) | Your laptop, CI runner |
Typical pairing:
cyscan scan . --format sarif | cybrium findings upload -
Cyscan does the detection, cybrium pushes results to your tenant where reachability, dashboards, and team triage happen.
Config file
~/.cybrium/config.yml — minimal by design:
api_url: https://app.cybrium.ai/api
token: sk-...
Override at runtime with flags or environment:
cybrium --api http://localhost:8000/api whoami
CYBRIUM_API=http://localhost:8000/api cybrium whoami
What's on the roadmap
cybrium completion {bash,zsh,fish}— shell completionscybrium config— manage multiple tenants from one CLI- Windows codesigning