Nexpose
PlexTrac supports importing files from Nexpose in XML Export 2.0 format. Nexpose is a vulnerability management software developed by Rapid7. It monitors exposures in real-time, adapts to new threats with fresh data, and provides features such as adaptive security, integrated policy scanning, and intuitive remediation reports.
Finding Field Mappings
If a field is not listed, PlexTrac does not currently import it. All data flows from Nexpose to PlexTrac.
| Nexpose Field | Direction | PlexTrac Field | Notes |
|---|---|---|---|
Title | -> | Finding Title | |
Description | -> | Description | |
Solution | -> | Recommendation | |
Numerical Severity Sore Mapping | Finding Severity | ||
10 or 9 | -> | Critical | |
8 or 7 | -> | High | |
6 or 5 | -> | Medium | |
4 or 3 | -> | Low | |
2 or 1 | -> | Informational | |
CVSS Score | -> | Score Type | |
CVSS Score | -> | Label | |
CVSS Score | -> | Score Value | |
CVSS Vector | -> | Calculation | |
CVE ID | -> | CVE | |
Reference Source | -> | References | Any hyperlinked URLs will be retained. |
Exploit ID | -> | Custom Field: Nexpose Exploit Available | |
PCI Severity | -> | Custom Field: Nexpose PCI Compliance Status | |
Risk Score | -> | Custom FIeld: Nexpose Risk Score | |
Vulnerability Id | -> | Custom Field: Nexpose Vulnerability Id |
Asset Field Mappings
| Nexpose Field | Direction | PlexTrac Field |
|---|---|---|
Node Address | -> | Asset Name |
Device-Type | -> | Asset Type |
Family | -> | Operating System |
PCI Severity | -> | PCI Compliance |
Node Address | -> | Known Ip Addresses |
Endpoint Port | -> | Port |
Endpoint Service | -> | Service |
Endpoint Protocol | -> | Protocol |
Unordered list under "test id" | -> | Evidence |
Last updated
