LogoLogo
API DocumentationIntegrationsPlexTrac.com
  • Product Documentation
    • Using This Site
    • Security Advisories
    • Deployment and Maintenance Policy
    • Supported Applications
  • PlexTrac Modules
    • Dashboard
    • Clients
      • Clients Components
      • Creating a Client
      • Managing Clients
      • Managing Client Users
      • Adding Assets to a Client
      • Managing Assets
    • Schedule
      • Schedule Components
      • Creating an Engagement
      • Requesting an Engagement
      • Managing Engagements
      • Engagement Status
    • Assessments
      • Assessment Components
      • Managing Questionnaires
      • Starting an Assessment
      • Taking an Assessment
      • Reviewing an Assessment
      • Submitting an Assessment
    • Reports
      • Report Components
      • Creating a Report
      • Adding from NarrativesDB
      • Editing a Report
      • Using Short Codes in Reports
      • Findings
        • Creating a Finding
        • Collaborative Editing
        • Importing Findings from a File
        • CSV Findings Templates
          • Using Report Findings CSV Template
        • Importing Findings via an Integration
        • Importing Findings from WriteupsDB
        • Finding Status
        • Creating Jira Tickets
        • CVSS Scoring
        • Affected Assets
      • Importing a Report
      • Exporting a Report
    • Priorities
      • Priorities Components
      • Creating a Priority
      • Linking Findings and Assets
      • Managing Priorities
      • Priorities Metrics
    • Content Library
      • Types of Repositories
      • NarrativesDB
        • NarrativesDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Managing Sections
        • Creating a Section
      • WriteupsDB
        • WriteupsDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Writeup
        • Copying a Writeup
        • Adding to a Report
        • Importing via CSV Template
      • RunbooksDB
        • RunbooksDB Home Page
        • Managing Repositories
        • Managing Users
        • Creating a Repository
        • Creating a Procedure
        • Creating a Technique
        • Creating a Tactic
        • Creating a Methodology
    • Analytics
      • Findings
      • Assets
      • Runbooks
      • Trends & SLAs
    • Runbooks
      • Managing Engagements
        • Starting an Engagement
        • Submitting an Engagement
      • Managing Test Plans
        • Creating a Test Plan
        • Exporting a Test Plan
  • Tenant Management
    • Account Management
      • Profile (Personal Settings)
        • Managing User Profile
        • Managing Password
        • Setting Up Two-Factor Authentication
      • Account Admin
        • Tenant Settings
          • Account Information
          • General Settings
          • Email Settings
          • Tags Settings
          • Service-Level Agreements (SLAs)
          • Short Codes
        • Customizations
          • Layouts
          • Templates
            • Report Templates
            • Export Templates
            • Style Guides
          • Theme
        • Automations
          • Risk Scoring
            • Creating Equations
            • Managing Priority Equations
          • Parser Actions
        • Integrations & Webhooks
          • Integrations (API)
            • Cobalt
            • Edgescan
            • HackerOne
            • Jira
            • ServiceNow
            • Tenable Vulnerability Management
            • Tenable Security Center
          • Webhooks
        • Security & User Management
          • Audit Log
          • Security
            • Authentication Methods
              • OAuth/OpenID Setup
                • Microsoft Entra ID
                • Google OAuth
                • Okta
                • OpenID Connect
              • SAML Setup
            • General Authentication Settings
            • Authorization
            • Role Based Access (RBAC)
              • Custom Roles
            • Classification Tiers
          • Users
            • Adding Users
            • Managing Users
        • Licensing
          • Licensing
          • Priorities
          • Plex AI
            • Using AI
        • White Labeling
      • Help Center
      • Logout
    • Integrations and File Imports
      • Acunetix
      • BlindSPOT
      • Burp Suite
      • Checkmarx
      • Core Impact
      • HCL AppScan
      • Invicti
      • Nessus
      • Nexpose
      • Nipper
      • Nmap (Assets)
      • Nmap Vulners NSE
      • Nodeware
      • NodeZero
      • OpenVAS
      • OWASP ZAP
      • Pentera
      • Qualys (VM Parser)
      • Qualys (Web App Scanner)
      • RapidFire
      • Scythe
      • Veracode
  • API Documentation
    • Overview
    • Concept Definitions
    • Getting Started
    • Retrieving Parameter IDs
    • Object Structures
      • Client Object
      • Report Object
      • Finding Object
      • Asset Object
      • Evidence Object
    • Use Cases
    • API Change Policy
      • API Change Log
    • Webhooks
      • Webhook Payload Structure
      • Verifying Sender Requests
Powered by GitBook

Resources

  • Privacy Policy
  • Terms of Use
  • Vulnerability Policy

© 2025 PlexTrac, Inc. All rights reserved.

On this page
  • Exporting Pentera Findings
  • Mappings
  • Mappings to Pentera Achievements
  • Mappings to Pentera Vulnerabilities
  • Finding Severity Mappings

Was this helpful?

Export as PDF
  1. Tenant Management
  2. Integrations and File Imports

Pentera

PreviousOWASP ZAPNextQualys (VM Parser)

Last updated 1 year ago

Was this helpful?

PlexTrac supports importing JSON files from Pentera, but only JSON files exported specifically for PlexTrac will be accepted. Pentera is an automated security validation platform designed to identify and remediate security vulnerabilities continuously.

Exporting Pentera Findings

Findings of any Pentera task can be exported to a JSON-compatible format to be imported into PlexTrac.

Step 1: Click Testing History from the left menu.

Step 2: Select a test from the list to open.

Choose a test that has finished and is no longer in progress.

Step 3: Click the Export icon.

Step 4: From the modal under "Export to other tools," click PlexTrac.

The test findings are downloaded in a JSON format compatible with PlexTrac.

Each export file from Pentera contains the following:

  • The list of assets tested by Pentera within the scope of the particular test.

  • The list of vulnerabilities discovered during the test and the assets affected by each vulnerability. Discovery time is included in the dataset.

  • The list of Pentera achievements during the test and the assets affected by each achievement. Discovery time is included in the dataset. In Pentera, an achievement is Pentera’s ethical exploitation of a vulnerability or exposure intended to demonstrate its exploitability.

Mappings

Pentera identifies two main types of findings:

  • Achievement: In the context of Pentera, a positive outcome that demonstrates ethical exploitation of a vulnerability or exposure. This means that Pentera has successfully taken advantage of vulnerability or security exposure in a controlled and ethical manner. The purpose of achieving such exploits is to showcase the exploitability of a security issue without causing harm or damage to the system. Achievements illustrate the potential impact of a vulnerability when exploited by malicious actors.

  • Vulnerability: In the context of Pentera, a vulnerability finding represents a specific security issue or weakness that has been identified during the testing or scanning process. These findings are typically undesirable because they indicate a potential risk to the system's security.

Only JSON files exported from Pentera specifically for PlexTrac are accepted.

Mappings to Pentera Achievements

PlexTrac record
PlexTrac field
Pentera file
Pentera field
Comments

Finding

ID

Achievements

ID

Finding

Title

Achievements

Name

Finding

Severity

Achievements

Severity

Finding

Status

Default Value

Default Value

set to value 'Open', so customer can manage in PlexTrac

Finding

Description

Achievements

Insight

Finding

Start Date

Achievements

Creation Time

set when achievement is created

Finding

Custom Fields (Severity Score)

Achievements

Severity

captures original Pentera score

Affected Assets

Name

Achievements

target: target ID

Affected Assets

Ports

Achievements

results: Port

Affected Assets

Protocol

Achievements

results: Protocol

Affected Assets

Scan Evidence - Title

set to value 'Results'

Affected Assets

Scan Evidence - Description

Achievements

results - all data

Affected Assets

Scan Evidence - Title

set to value 'Parameters'

Affected Assets

Scan Evidence - Description

Achievements

parameters - all data

captures data in parameters as a section piece of scanner evidence PlexTrac auto-populates based on affected asset data

Asset

Ports

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Service

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Protocol

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Parent Asset

n/a

n/a

Asset

Known IPs

Achievements

results:"Hosts"

Asset

Evidence

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

First Found

Achievements

n/a

Mappings to Pentera Vulnerabilities

PlexTrac record
PlexTrac field
Pentera file
Pentera field
Comments

Finding

ID

Vulnerabilities

ID

Finding

Title

Vulnerabilities

Name

Finding

Severity

Vulnerabilities

Severity

Finding

Status

Default Value

Default Value

Set status to 'Open'

Finding

Description

Vulnerabilities

Insight

Finding

Start Date

Vulnerabilities

Creation Time

Finding

Recommendation

Vulnerabilities

Remediation

Finding

Custom Fields (Severity Score)

Vulnerabilities

Severity

Finding

Custom Fields (Priority)

Vulnerabilities

Priority

Affected Asset

Name

Vulnerabilities

target: target_id

Affected Asset

Ports

Vulnerabilities

port

Affected Asset

Protocol

Vulnerabilities

protocol

Asset

Name

Vulnerabilities

target: target_id

Asset

Ports

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Protocol

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Known IPs

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Asset

Evidence

Calculated Value

Calculated Value

PlexTrac auto-populates based on affected asset data

Finding Severity Mappings

Pentera uses a numerical range of 1 to 10 to capture a finding severity, while PlexTrac uses five qualitative values: Informational, Low, Medium, High, and Critical.

PlexTrac
Pentera

Informational

0

Low

0.01 to 2.49

Medium

2.5 to 4.99

High

5 to 7.49

Critical

7.5 to 10