Links

Edgescan

PlexTrac integrates with Edgescan, allowing users to import the findings from Edgescan's vulnerability detection into a PlexTrac report. This integration streamlines the process by leveraging the automated vulnerability scanning capabilities of Edgescan and the reporting and management features of PlexTrac. This integration enhances collaboration, simplifies reporting, and helps streamline the overall vulnerability management process.
This is a licensed feature.

Field Mappings

Below are the field mappings from Edgescan to PlexTrac, broken up by findings and assets.
Tables include the following columns:
  • Edgescan Field: this is the field name that appears in Edgescan
  • PlexTrac Field: this is the field name that appears in PlexTrac
  • Direction: this displays the direction that the flow of data is occurring for the integration (a value of "x" means that the value is not imported)
  • Required: this denotes if a value is required for the field for the import to be successful
  • Notes: additional information

Findings Field Mappings

Edgescan Field
Direction
PlexTrac Field
Required?
Notes
Vulnerability Name
-->
Finding Title
yes
Vulnerability Description
-->
Finding Description
yes
Vulnerability Date Opened
-->
Finding Created At
no
Vulnerability Date Closed
-->
Finding Closed At
no
Vulnerability Status
-->
Finding Status
yes
Status
Has multiple values, which are listed below in italics.
Open
-->
Finding ="OPEN"
no
Closed
-->
Finding = "CLOSED"
no
Risk Accepted
x
no
Vulnerability Remediation
-->
Finding Recommendations
no
Vulnerability CVSS Score
-->
Finding CVSS
no
Vulnerability CVSS Vector
-->
Finding Score Type
no
Vulnerability CVSS Vector
-->
Finding CVSS
no
Vulnerability Risk
-->
Finding Severity
no
Severity
Has multiple values, listed below in italics.
Minimal
-->
Informational
no
Low
-->
Low
no
Medium
-->
Medium
no
High
-->
High
no
Critical
-->
Critical
no
Vulnerability Custom Details Data
-->
Finding Custom Field "Edgescan Details"
yes
Vulnerability Asset Tags
-->
Finding Tags
no
Vulnerability ID
-->
Finding Tags
no
Organization
-->
Findings Tag
no

Asset Field Mappings

Edgescan Field
Direction
PlexTrac Field
Required?
Notes
Vulnerability Asset
-->
Affected Assets
no
Asset/Location
-->
Affected Assets
no
Asset Name (Including Numeric ID)
-->
Asset Parent
no
Locations
-->
Child Asset
no
Asset Url(s)
-->
Asset Host FQDN
no
Asset Host Name
-->
Asset Host Name
no
Asset Ip(s)
-->
Asset Known Ip Address(s)
no
Request
-->
Asset Evidence- Scan Output
no
Response
-->
Asset Evidence- Scan Output
no
Asset Type
Asset Type has multiple values, listed below in blue.
Network
-->
Network Device
no
Web Application
-->
Application
no
Container
x
no
After a finding from Edgescan is imported into a report, metadata and content are presented within PlexTrac on the Finding Detail page, as shown below. The finding source value is "Edgescan," and any tags associated with the finding from Edgescan are provided along with any added within PlexTrac when imported.

Deduplication Logic

If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the Edgescan Vulnerability ID in parenthesis at the end of the finding title.

Integrating with Edgescan

Step 1: From the Admin Dashboard, click Integrations under the "Tools & Integrations" header.
Step 2: Click the Edgescan box.
Step 3: Click New connection.
Step 4: On the Configuration Details tab, enter a name for the integration, the Edgescan URL value, the Edgescan API key, and if closed vulnerabilities should be included.
  • Integration name: A name for this integration. This value will appear elsewhere in the platform along with other enabled integrations when importing findings, so pick a unique but accurate name.
  • Edgescan URL: The Edgescan instance URL.
  • Edgescan API Key: The Edgescan instance API key. Visit Edgescan support for information on generating an API key.
  • Closed Vulnerabilities: Determines whether to include closed vulnerabilities and, if yes, the time period of closure to consider for inclusion.
Step 5: On the Mapping tab, review the mappings and select the fields to import into PlexTrac by validating that the checkbox next to the field is selected. To ignore a field upon import, uncheck the box under the "Sync" column. Required fields (checkbox is greyed out) cannot be altered.
Step 6: Click Save.
Step 7: A message on the First Synch tab will confirm if the synch was successful. If successful, click Got It.
The connection is now listed.

Editing Existing Connections

Connections are edited by clicking Edit under the "Actions" column.
Connections can be disabled by clicking the toggle bar under the "Enabled" column.
Connections can be manually synchronized by clicking Sync under the "Actions" column.
Connections can be deleted by clicking the three dots under the "Actions" column and then clicking Delete. A modal will appear asking for confirmation of action.
Findings from Edgescan can now be imported into a report.

Viewing Logs

Step 1: Click Edit of the connection to review.
Step 2: Click the Synch Log tab.
A list of all synchronization records and status results is provided.
Step 3: Click View to obtain more information about a specific record.
Step 4: More details about remote URLs and JSON response is available by clicking the headers below to expand the section.
Click Ok or Cancel to return to the previous modal.
Last modified 2mo ago
© 2023 PlexTrac, Inc. All rights reserved.