# NodeZero PlexTrac supports importing the ***weaknesses.csv*** from **NodeZero.** NodeZero includes a wide range of penetration testing and security auditing tools, such as network scanners, vulnerability scanners, password cracking tools, and exploit frameworks.

## Finding Field Mappings Below are the mappings of fields and any reference notes to provide context. All data flows from NodeZero to PlexTrac. If a field is not listed, PlexTrac does not currently import it.

NodeZero Field	Direction	PlexTrac Field
NodeZero	-->	Finding Source
Title	-->	Finding Title
Description	-->	Finding Description
Score		Finding Severity
1 - 3.9	-->	Low
4 - 6.9	-->	Medium
7 - 8.9	-->	High
9 - 10	-->	Critical
Finding Status	-->	Open
ProvenEntityEid	-->	Finding Tags
Root Cause	-->	Finding Tags
Confirmed/Unconfirmed		Custom Field
Potential	-->	Custom Field Value
Confirmed	-->	Custom Field Value
Root Cause or Type		Custom Field: "Root Cause"
Security Misconfiguration	-->	Custom Field Value
Vulnerability	-->	Custom Field Value
Context Score		Custom Field: "Context Score"
Context Score Number	-->	Custom Field Value Numeric
Impact	-->	Custom Field
Mitigations	-->	Recommendations
References	-->	References

## Asset Field Mappings Below are the mappings of fields and any reference notes to provide context. All data flows from NodeZero to PlexTrac. If a field is not listed, PlexTrac does not currently import it.

NodeZero Field	Direction	PlexTrac Field
IP or Host Name	->	Child Asset Name
IP or Host Name	->	Affected Asset - Child Asset Name
Hostname	->	Hostname
IP	->	Known Ips (Array)
OS	->	Operating System (Common Delimited)
Port	->	Number
Protocol	->	Protocol
Service	->	Service
Service Type	->	Version
First Seen	->	First Found