LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

On this page
  • Exporting From Core Impact
  • Finding Field Mappings
  • Asset Field Mappings

Was this helpful?

Export as PDF
  1. Tenant Management
  2. Integrations and File Imports

Core Impact

PreviousCheckmarxNextHCL AppScan

Last updated 1 year ago

Was this helpful?

Vulnerabilities of any Core Impact workspace can be exported to an XML-compatible format for import into PlexTrac as findings. Core Impact is penetration testing software developed by Fortra’s Core Security. It is used by security professionals and ethical hackers to uncover and exploit security weaknesses. It is designed to enable security teams to conduct advanced penetration tests and safely test environments using the same techniques as adversaries.

Exporting From Core Impact

Step 1: From a Core Impact Workspace, open the Modules view, go to 11 - Reporting>Third Party, and launch the module Export IMPACT Workspace to XML file.

Step 2: Select the location to export the file and click OK.

The workspace vulnerabilities are downloaded in an XML format compatible with PlexTrac.

Each export file from Core Impact contains the following:

  • The list of assets tested by Core Impact within the scope of the particular workspace.

  • The list of vulnerabilities discovered during the test and the assets affected by each vulnerability. All the vulnerabilities discovered by Core Impact have demonstrated exploitability.

Finding Field Mappings

Below are the mappings of fields and any reference notes to provide context. If a field is not listed, PlexTrac does not currently import it.

PlexTrac Field
Core Impact Path
Notes

title

<entity class="host"><property key="Vulnerabilities"><property key=(value)> or <entity class="host"><property key="Vulnerabilities"><property key="Modules><property key=(value)>

PlexTrac obtains the finding title from the property elements attribute "key" inside the vulnerability element. If <entity class="host"><property key="Vulnerabilities"><property key=(value)> does not exist, then the tool looks at the Module element <entity class="host"><property key="Vulnerabilities"><property key="Modules"><property key=(value)>. NOTE: PlexTrac only creates a finding if a Modules exists in the property key. <entity class="host"><property key="Vulnerabilities"><property key="Modules">

severity

This value is hard-coded "Informational" by PlexTrac upon import, as it is a required value for PlexTrac but not provided by Core Impact.

references

<entity class="host"><property key="Vulnerabilities"><property key=(value)>

If no references exist, then the string is left empty: ""

recommendations

This value is hard-coded "Provide recommendations for resolution here." by PlexTrac upon import, as a value is not provided by Core Impact.

description

<entity class="host"><property key="Vulnerabilities"><property><property key="description>(value)</property>

common identifiers

<entity class="host"><property key="Vulnerabilities"><property key=(value)>

Asset Field Mappings

PlexTrac Field
Core Impact Path
Notes

asset

<entity class="host" name=(value)>

PlexTrac receives an entity element that has a class of "host" and strips the leading '/' from the name attribute to use that as the asset name value.