# Cobalt Cobalt is an integrated pentesting platform facilitating communication between development and security teams. Cobalt helps developers identify and mitigate security vulnerabilities in their code by specifying security policies and checking compliance. The tool can detect many vulnerabilities, including buffer overflows, integer overflows, and format string vulnerabilities. Cobalt findings can be imported into a PlexTrac report.
{% hint style="info" %} This is a licensed feature. {% endhint %} ## Field Mappings Below are the field mappings from Cobalt to PlexTrac, broken up by findings and assets. Tables include the following columns: * **Cobalt Field:** the field name that appears in Cobalt * **PlexTrac Field:** the field name that appears in PlexTrac * **Direction:** displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported) * **Required:** denotes if a value is required for the import to be successful * **Notes:** additional information ### Findings Field Mappings
Cobalt FieldDirectionPlexTrac FieldRequired?Notes
Finding Title-->Finding Titleyes
Finding Suggested Fix-->Recommendationsyes
Finding Descriptions, Type Category-->Finding Descriptionyes
Finding State-->Finding Statusyes
StatusHas multiple values, listed below in italics.
Triaging-->Finding="OPEN"no
Pending Fix-->Finding="OPEN"no
Ready for Retest-->Finding="OPEN"no
Resolved-->Finding="OPEN"no
Vulnerability Remediation-->Finding Recommendationsyes
Log [Created]-->Created Atyes
Finding Severity-->Finding Severityyes
SeverityHas multiple values, listed below in italics.
Informational-->Informationalno
Low-->Lowno
Medium-->Mediumno
High-->Highno
Critical-->Criticalno
Pentest Name-->Finding Custom Field "Cobalt Pentest Report Name"yes
Cobalt Proof of Concept-->Finding Custom Field "Cobalt Proof of Concept"noAny images or html in this field will be imported (images as Base64).
### Asset Field Mappings
Cobalt FieldDirectionPlexTrac FieldRequired?Notes
Finding Affected Targets-->Affected AssetsyesIP or Hostname
## Deduplication Logic If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the finding unique identifier value pulled from Cobalt in parenthesis at the end of the finding title.
## Integrating with Cobalt Step 1: From the **Admin Dashboard**, click **Integrations** under "Tools & Integrations."
Step 2: Click **Connect** within the Cobalt box.
{% hint style="info" %} If the integration is not licensed and thus unavailable, the message "License required" will appear. ![](https://4252973360-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LXA6EayCcg12qfDcfXd%2Fuploads%2FixKwaSfkZPlqwUgQH1Hc%2Fimage.png?alt=media\&token=f5e24669-937c-467b-824d-80c163ac9f98) {% endhint %} Step 3: If existing connections exist, they are listed on this page. To set up a new integration, click the **New connection** button.
Step 4: A modal appears with four tabs. Enter a name for the integration, the Cobalt URL, and the Cobalt API key. Click **Continue**.
Step 5: Select the Cobalt organization value from the pulldown menu. Click **Continue**. {% hint style="info" %} The Cobalt Organization value is found within Cobalt. Visit [Cobalt documentation](https://cobaltio.zendesk.com/hc/en-us/articles/360058952831-Introducing-the-Cobalt-API) on how to generate an API key. {% endhint %}
Step 6: A list of the field mappings from Cobalt to PlexTrac is displayed. Click **Save**. {% hint style="info" %} None of these fields can be edited and are displayed for visibility. {% endhint %}
Step 7: A log of integration attempts is listed. Since an attempt to synchronize is attempted after entering configuration information on the first tab, at least one entry will be listed. Click **Close**.
## Editing Existing Connections Cobalt integrations can be edited by clicking **Edit** under the "Actions" column.
Cobalt integrations can be disabled by clicking the toggle bar under the "Enabled" column.
Cobalt integrations can be manually synchronized by clicking **Sync** under the "Actions" column.
Cobalt integrations can be deleted by clicking the three dots under the "Actions" column and then clicking **Delete**. A modal will appear, asking for confirmation of the action.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.plextrac.com/plextrac-documentation/product-documentation-1/account-management/account-admin/integrations-and-webhooks/integrations-api/cobalt.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.