Edgescan
Last updated
Last updated
© 2024 PlexTrac, Inc. All rights reserved.
PlexTrac integrates with Edgescan, allowing users to import the findings from Edgescan's vulnerability detection into a PlexTrac report. This integration streamlines the process by leveraging Edgescan's automated vulnerability scanning capabilities and the reporting and management features of PlexTrac.
This is a licensed feature.
Below are the field mappings from Edgescan to PlexTrac, broken up by findings and assets.
Tables include the following columns:
Edgescan Field: the field name that appears in Edgescan
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
Required: denotes if a value is required in the field for the import to be successful
Notes: additional information
Vulnerability Name
-->
Finding Title
yes
Vulnerability Description
-->
Finding Description
yes
Vulnerability Date Opened
-->
Finding Created At
no
Vulnerability Date Closed
-->
Finding Closed At
no
Vulnerability Status
-->
Finding Status
yes
Status
Has multiple values, which are listed below in italics.
Open
-->
Finding ="OPEN"
no
Closed
-->
Finding = "CLOSED"
no
Risk Accepted
x
no
Vulnerability Remediation
-->
Finding Recommendations
no
Vulnerability CVSS Score
-->
Finding CVSS
no
Vulnerability CVSS Vector
-->
Finding Score Type
no
Vulnerability CVSS Vector
-->
Finding CVSS
no
Vulnerability Risk
-->
Finding Severity
no
Severity
Has multiple values, listed below in italics.
Minimal
-->
Informational
no
Low
-->
Low
no
Medium
-->
Medium
no
High
-->
High
no
Critical
-->
Critical
no
Vulnerability Custom Details Data
-->
Finding Custom Field "Edgescan Details"
yes
Vulnerability Asset Tags
-->
Finding Tags
no
Vulnerability ID
-->
Finding Tags
no
Organization
-->
Findings Tag
no
Vulnerability Asset
-->
Affected Assets
no
Asset/Location
-->
Affected Assets
no
Asset Name (Including Numeric ID)
-->
Asset Parent
no
Locations
-->
Child Asset
no
Asset Url(s)
-->
Asset Host FQDN
no
Asset Host Name
-->
Asset Host Name
no
Asset Ip(s)
-->
Asset Known Ip Address(s)
no
Request
-->
Asset Evidence- Scan Output
no
Response
-->
Asset Evidence- Scan Output
no
Asset Type
Asset Type has multiple values, listed below in blue.
Network
-->
Network Device
no
Web Application
-->
Application
no
Container
x
no
After a finding from Edgescan is imported into a report, metadata and content are presented within PlexTrac on the Finding Detail page, as shown below. The finding source value is "Edgescan," and any tags associated with the finding from Edgescan are provided along with any added within PlexTrac when imported.
If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the Edgescan Vulnerability ID
in parenthesis at the end of the finding title.
Step 1: From the Admin Dashboard, click Integrations under the "Tools & Integrations" header.
Step 2: Click the Edgescan box.
Step 3: Click New connection.
Step 4: On the Configuration Details tab, enter a name for the integration, the Edgescan URL value, the Edgescan API key, and if closed vulnerabilities should be included.
Integration name: A name for this integration. When importing findings, this value will appear elsewhere in the platform along with other enabled integrations, so pick a unique but accurate name.
Edgescan URL: The Edgescan instance URL.
Edgescan API Key: The Edgescan instance API key. Visit Edgescan support for information on generating an API key.
Closed Vulnerabilities: Determines whether to include closed vulnerabilities and, if yes, the time of closure to consider for inclusion.
Step 5: On the Mapping tab, review the mappings and select the fields to import into PlexTrac by validating that the checkbox next to the field is selected. To ignore a field upon import, uncheck the box under the "Sync" column. Required fields (checkbox is greyed out) cannot be altered.
Step 6: Click Save.
Step 7: A message on the First Synch tab will confirm if the synch was successful. If successful, click Got It.
The connection is now listed.
Connections are edited by clicking Edit under the "Actions" column.
Connections can be disabled by clicking the toggle bar under the "Enabled" column.
Connections can be manually synchronized by clicking Sync under the "Actions" column.
Connections can be deleted by clicking the three dots under the "Actions" column and then Delete. A modal will appear, asking for confirmation of action.
Findings from Edgescan can now be imported into a report.
Step 1: Click Edit of the connection to review.
Step 2: Click the Synch Log tab.
A list of all synchronization records and status results is provided.
Step 3: Click View to obtain more information about a specific record.
Step 4: More details about remote URLs and JSON responses are available by clicking the headers below to expand the section.
Click Ok or Cancel to return to the previous modal.