# Nexpose PlexTrac supports importing files from **Nexpose** in XML [Export 2.0 format](https://docs.rapid7.com/nexpose/working-with-report-formats/). Nexpose is vulnerability management software developed by Rapid7. It monitors exposures in real-time, adapts to new threats with fresh data, and provides features such as adaptive security, integrated policy scanning, and intuitive remediation reports.

## Field Mappings Below are the field mappings from Nexpose to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it. Tables include the following columns: * **Nexpose Field:** the field name that appears in Nexpose * **PlexTrac Field:** the field name that appears in PlexTrac * **Direction:** displays the direction in the flow of data occurring for the integration ### Finding Field Mappings

Nexpose Field	Direction	PlexTrac Field	Notes
Title	->	Finding Title
Description	->	Description
Solution	->	Recommendation
Numerical Severity Sore Mapping		Finding Severity
10 or 9	->	Critical
8 or 7	->	High
6 or 5	->	Medium
4 or 3	->	Low
2 or 1	->	Informational
CVSS Score	->	Score Type
CVSS Score	->	Label
CVSS Score	->	Score Value
CVSS Vector	->	Calculation
CVE ID	->	CVE
Reference Source	->	References	Any hyperlinked URLs will be retained.
Exploit ID	->	Custom Field: Nexpose Exploit Available
PCI Severity	->	Custom Field: Nexpose PCI Compliance Status
Risk Score	->	Custom FIeld: Nexpose Risk Score
Vulnerability Id	->	Custom Field: Nexpose Vulnerability Id

### Asset Field Mappings

Nexpose Field	Direction	PlexTrac Field	Notes
Node Address	->	Asset Name
Device-Type	->	Asset Type
Family	->	Operating System
PCI Severity	->	PCI Compliance
Node Address	->	Known Ip Addresses
Endpoint Port	->	Port
Endpoint Service	->	Service
Endpoint Protocol	->	Protocol
Services	->	Known Hostnames	Detailed results included in affected asset evidence.