Edgescan
Edgescan is a cyber security solutions provider specializing in vulnerability detection and intelligence technology. PlexTrac offers an integration with Edgescan to import its findings for use in a PlexTrac report.
This is a licensed feature. Contact your Account Manager for more information about integrating.
Below are the field mappings from Edgescan to PlexTrac, broken up by findings and assets.
Tables include the following columns:
- Edgescan Field: this is the field name that appears in Edgescan
- PlexTrac Field: this is the field name that appears in PlexTrac
- Direction: this displays the direction that the flow of data is occurring for the integration (a value of "x" means that value is not imported)
- Required: this denotes if a value is required for the field or not in order for the import to be successful
- Notes: additional information
Edgescan Field | Direction | PlexTrac Field | Required? | Notes |
|---|---|---|---|---|
Vulnerability Name | --> | Finding Title | yes | |
Vulnerability Description | --> | Finding Description | yes | |
Vulnerability Date Opened | --> | Finding Created At | no | |
Vulnerability Date Closed | --> | Finding Closed At | no | |
Vulnerability Status | --> | Finding Status | yes | |
Status | | | | Status has multiple values, which are listed below in blue. |
Open | --> | Finding ="OPEN" | no | |
Closed | --> | Finding = "CLOSED" | no | |
Risk Accepted | x | | no | |
Vulnerability Remediation | --> | Finding Recommendations | no | |
Vulnerability CVSS Score | --> | Finding CVSS | no | |
Vulnerability CVSS Vector | --> | Finding Score Type | no | |
Vulnerability CVSS Vector | --> | Finding CVSS | no | |
Vulnerability Risk | --> | Finding Severity | no | |
Severity | | | | Severity has multiple values, which are listed below in blue. |
Minimal | --> | Informational | no | |
Low | --> | Low | no | |
Medium | --> | Medium | no | |
High | --> | High | no | |
Critical | --> | Critical | no | |
Vulnerability Custom Details Data | --> | Finding Custom Field "Edgescan Details" | yes | |
Vulnerability Asset Tags | --> | Finding Tags | no | |
Vulnerability ID | --> | Finding Tags | no | |
Organization | --> | Findings Tag | no | |
Edgescan Field | Direction | PlexTrac Field | Required? | Notes |
|---|---|---|---|---|
Vulnerability Asset | --> | Affected Assets | no | |
Asset/Location | --> | Affected Assets | no | |
Asset Name (Including Numeric ID) | --> | Asset Parent | no | |
Locations | --> | Child Asset | no | |
Asset Url(s) | --> | Asset Host FQDN | no | |
Asset Host Name | --> | Asset Host Name | no | |
Asset Ip(s) | --> | Asset Known Ip Address(s) | no | |
Request | --> | Asset Evidence- Scan Output | no | |
Response | --> | Asset Evidence- Scan Output | no | |
Asset Type | | | | Asset Type has multiple values, which are listed below in blue. |
Network | --> | Network Device | no | |
Web Application | --> | Application | no | |
Container | x | | no | |
After a finding from Edgescan is imported into a report, metadata and content is presented within PlexTrac on the Finding Detail page, as shown below.
The finding source value is "Edgescan," and any tags associated to the finding from Edgescan are provided along with any added within PlexTrac when imported.
Step 1: From the Admin Dashboard, click Integrations under the "Tools & Integrations" header.
Step 2: Click the Edgescan box.
Step 3: Click New connection.
Step 4: On the Configuration Details tab, enter a name for the integration and the Edgescan API key. Click Continue.
Step 5: On the Mapping tab, review the mappings and select the fields to import into PlexTrac by validating that the checkbox next to the field is selected. To ignore a field upon import, uncheck the box under the "Sync" column. Required fields (checkbox is greyed out) cannot be altered.
Step 6: Click Save.
Step 7: A message will display on the First Synch tab confirming if the synch was successful. If successful, click Got It.
The connection is now listed.
Connections are edited by clicking Edit under the "Actions" column.
Connections can be disabled by clicking the toggle bar under the "Enabled" column.
Connections can be manually synchronized by clicking Sync under the "Actions" column.
Connections can be deleted by clicking the three dots under the "Actions" column and then clicking Delete. A modal will appear asking for confirmation of action.
Once set up, findings can be imported into a report and instructions on this process can be found here.
Step 1: Click Edit of the connection to review.
Step 2: Click the Synch Log tab.
A list of all synchronization records and status results is provided.
Step 3: Click View to obtain more information about a specific record.
Step 4: More information about remote urls and JSON response is available by clicking the headers below to expand the section.
Click Ok or Cancel to return to previous modal.
Last modified 8d ago