PlexTrac integrates with HackerOne, a platform that facilitates vulnerability coordination and bug bounty programs. It connects organizations that want to improve the security of their software and systems with a community of ethical hackers, also known as white-hat hackers, who are skilled in finding and reporting security vulnerabilities.
This is a licensed feature.
An integration with HackerOne and PlexTrac consists of three parts:
- 1.Enabling the feature via the license key.
- 2.Obtaining the HackerOne API Key Identifier and HackerOne API Key values.
- 3.Configuring PlexTrac to complete the setup.
When a license is obtained, insert the license key into PlexTrac via the Admin Dashboard>Licensing page.
Once the feature has been enabled, the next step is to obtain the HackerOne API Key Identifier and HackerOne API Key values.
Step 2: Click Create API Token.
Step 3: Enter an identifier value into the provided box. Click Create.
Step 4: Copy the API key to a secure place (it will not be accessible after this point). Click I have stored the API Token.
Step 5: The API token just created appears at the top of the API page (an email will also be sent confirming the action). Click Manage groups in the row of the token.
Step 6: Check the desired boxes to define the user's permissions for this group. Click Apply changes.
Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."
Step 2: Click Connect in the HackerOne card.
Step 3: A modal appears with three tabs. On the first tab, enter the following information:
- 1.Integration Name: This value is seen by users when selecting which tool to import findings from into a report, so pick a value that easily identifies the integration.
- 2.HackerOne API Key identifier: This was the value entered when creating the API token within HackerOne.
- 3.API Key: This was the key provided by HackerOne that was saved for future use.
Step 4: Click Save.
Step 5: In the "Mapping" tab, select which fields to import from HackerOne to PlexTrac.
HackerOne syncs data to PlexTrac, but updates in PlexTrac do not sync back to HackerOne.
Required fields are grayed out in the "Synch" column. The other fields are optional and can be removed from import by clicking the checkbox to remove the checkmark. Click Save.
Step 6: A message will validate that the synch was successful. Click Got It.
HackerOne now appears as "connected" on the Integrations page.
The integration can be temporarily turned off and on via the toggle button under "Enabled."
Existing settings can be adjusted by clicking Edit under the "Actions" column.
Step 1: Click Edit under the "Actions" column.
Step 2: Click the Sync Log tab.
Step 3: Click View of the desired log to read.