I built an F5 QKview scanner for CISA ED 26-01

Summary

The Department of Homeland Security’s CISA Emergency Directive 26-01 dropped like a thunderclap this week, mandating agencies to identify and report all instances of F5 BIG-IP products within their networks by October 29th (summary) and December 3rd, 2025 (detailed inventory). For many security and compliance teams, those dates are tomorrow in infrastructure time. If you’re staring down those deadlines wondering how to discover F5 assets, extract version data, and produce a verifiable inventory without babysitting spreadsheets or guessing from network logs, Nabla has you covered. Introducing the Nabla ED 26-01 Scanner We’re releasing a new F5 BIG-IP detection and evidence module purpose-built for CISA ED 26-01 compliance, available today after a short into call. The scanner dynamically: Assesses F5 BIG-IP appliances via provided qkview files Extracts firmware version, module signatures, and SSL/TLS configuration evidence Visualizes reachability and dependency paths as Mermaid diagrams, no LLMs or black-box inference required A request usually looks like this: { "assets": [ {"hostname":"bigip-a.agency.gov","mgmt_ip":"203.0.113.10","labels":["prod"]}, {"hostname":"bigip-b.agency.gov","mgmt_ip":"10.0.10.20","labels":["internal"]} ], "inputs": { "qkview": { "kind": "presigned-url", "url": "https://customer-bucket/.../bigip-a.qkview?X-Amz-Expires=600" }, "terraform_states": [ {"kind":"presigned-url","url":"https://customer-bucket/.../bigip.tfstate?sig=..."} ] }, "access": { "icontrol": [ { "base_url":"https://bigip-a.mgmt", "token": "eyJhbGciOi...", // <= short-lived (<=10 min) "scope": "read-only" } ] }, "checks": { "inventory": true, "qkview_runtime": true, "internet_exposure": {"ports":[22,443,8443],"vantage_points":["us-east"]}, "cve_mapping": true, "eos_check": true, "report_cisa": true }, "output": { "deliver_to": "presigned-url", "url": "https://customer-bucket/.../result.json?X-Amz-Expires=600" // optional } } Each scan generates structured evidence compatible wi...