Edgescan
PlexTrac integrates with Edgescan, allowing users to import the findings from Edgescan's vulnerability detection into a PlexTrac report. This integration streamlines the process by leveraging Edgescan's automated vulnerability scanning capabilities and the reporting and management features of PlexTrac.
This is a licensed feature.
Field Mappings
Below are the field mappings from Edgescan to PlexTrac, broken up by findings and assets.
Tables include the following columns:
Edgescan Field: the field name that appears in Edgescan
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
Required: denotes if a value is required in the field for the import to be successful
Notes: additional information
Findings Field Mappings
| Edgescan Field | Direction | PlexTrac Field | Required? | Notes |
|---|---|---|---|---|
Vulnerability Name | --> | Finding Title | yes | |
Vulnerability Description | --> | Finding Description | yes | |
Vulnerability Date Opened | --> | Finding Created At | no | |
Vulnerability Date Closed | --> | Finding Closed At | no | |
Vulnerability Status | --> | Finding Status | yes |
Status | Has multiple values, which are listed below in italics. | |||
Open | --> | Finding ="OPEN" | no | |
Closed | --> | Finding = "CLOSED" | no | |
Risk Accepted | x | no | ||
Vulnerability Remediation | --> | Finding Recommendations | no | |
Vulnerability CVSS Score | --> | Finding CVSS | no | |
Vulnerability CVSS Vector | --> | Finding Score Type | no | |
Vulnerability CVSS Vector | --> | Finding CVSS | no | |
Vulnerability Risk | --> | Finding Severity | no |
Severity | Has multiple values, listed below in italics. | |||
Minimal | --> | Informational | no | |
Low | --> | Low | no | |
Medium | --> | Medium | no | |
High | --> | High | no | |
Critical | --> | Critical | no | |
Vulnerability Custom Details Data | --> | Finding Custom Field "Edgescan Details" | yes | |
Vulnerability Asset Tags | --> | Finding Tags | no | |
Vulnerability ID | --> | Finding Tags | no | |
Organization | --> | Findings Tag | no |
Asset Field Mappings
| Edgescan Field | Direction | PlexTrac Field | Required? | Notes |
|---|---|---|---|---|
Vulnerability Asset | --> | Affected Assets | no | |
Asset/Location | --> | Affected Assets | no | |
Asset Name (Including Numeric ID) | --> | Asset Parent | no | |
Locations | --> | Child Asset | no | |
Asset Url(s) | --> | Asset Host FQDN | no | |
Asset Host Name | --> | Asset Host Name | no | |
Asset Ip(s) | --> | Asset Known Ip Address(s) | no | |
Request | --> | Asset Evidence- Scan Output | no | |
Response | --> | Asset Evidence- Scan Output | no | |
Asset Type | Asset Type has multiple values, listed below in blue. | |||
Network | --> | Network Device | no | |
Web Application | --> | Application | no | |
Container | x | no |
After a finding from Edgescan is imported into a report, metadata and content are presented within PlexTrac on the Finding Detail page, as shown below. The finding source value is "Edgescan," and any tags associated with the finding from Edgescan are provided along with any added within PlexTrac when imported.
Deduplication Logic
If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the Edgescan Vulnerability ID in parenthesis at the end of the finding title.
Integrating with Edgescan
Step 1: From the Admin Dashboard, click Integrations under the "Tools & Integrations" header.
Step 2: Click the Edgescan box.
Step 3: Click New connection.
Step 4: On the Configuration Details tab, enter a name for the integration, the Edgescan URL value, the Edgescan API key, and if closed vulnerabilities should be included.
Integration name: A name for this integration. When importing findings, this value will appear elsewhere in the platform along with other enabled integrations, so pick a unique but accurate name.
Edgescan URL: The Edgescan instance URL.
Edgescan API Key: The Edgescan instance API key. Visit Edgescan support for information on generating an API key.
Closed Vulnerabilities: Determines whether to include closed vulnerabilities and, if yes, the time of closure to consider for inclusion.
Step 5: On the Mapping tab, review the mappings and select the fields to import into PlexTrac by validating that the checkbox next to the field is selected. To ignore a field upon import, uncheck the box under the "Sync" column. Required fields (checkbox is greyed out) cannot be altered.
Step 6: Click Save.
Step 7: A message on the First Synch tab will confirm if the synch was successful. If successful, click Got It.
The connection is now listed.
Editing Existing Connections
Connections are edited by clicking Edit under the "Actions" column.
Connections can be disabled by clicking the toggle bar under the "Enabled" column.
Connections can be manually synchronized by clicking Sync under the "Actions" column.
Connections can be deleted by clicking the three dots under the "Actions" column and then Delete. A modal will appear, asking for confirmation of action.
Findings from Edgescan can now be imported into a report.
Viewing Logs
Step 1: Click Edit of the connection to review.
Step 2: Click the Synch Log tab.
A list of all synchronization records and status results is provided.
Step 3: Click View to obtain more information about a specific record.
Step 4: More details about remote URLs and JSON responses are available by clicking the headers below to expand the section.
Click Ok or Cancel to return to the previous modal.
Last updated
