Pentera
PlexTrac supports importing JSON files from Pentera, but only JSON files exported specifically for PlexTrac will be accepted.
Findings of any Pentera task can be exported to a JSON compatible format to be imported into PlexTrac.
Step 1: Click Testing History from the left menu.
Step 2: Select a test from the list to open.
Choose a test that has finished and no longer in progress.
Step 3: Click the Export icon.
Step 4: From the modal that appears, under "Export to other tools," click PlexTrac.
The findings of the test will be downloaded in a JSON format that is compatible with PlexTrac.
Each export file from Pentera contains the following:
- The list of assets tested by Pentera within the scope of the particular test.
- The list of vulnerabilities discovered during the test, and the assets affected by each vulnerability. Discovery time is included in the dataset.
- The list of Pentera achievements during the test, and the assets affected by each achievement. Discovery time is included in the dataset. In Pentera, an achievement is Pentera’s ethical exploitation of a vulnerability or exposure, intended to demonstrate its exploitability.
Below are the mappings of fields from Pentera to PlexTrac. Only JSON files exported specifically for PlexTrac from Pentera will be accepted.
PlexTrac record | PlexTrac field | Pentera file | Pentera field | Comments |
|---|---|---|---|---|
Finding | ID | Achievements | ID | |
Finding | Title | Achievements | Name | |
Finding | Severity | Achievements | Severity | |
Finding | Status | Default Value | Default Value | set to value 'Open', so customer can manage in PlexTrac |
Finding | Description | Achievements | Insight | |
Finding | Start Date | Achievements | Creation Time | set when achievement is created |
Finding | Custom Fields (Severity Score) | Achievements | Severity | captures original Pentera score |
Affected Assets | Name | Achievements | target: target ID | |
Affected Assets | Ports | Achievements | results: Port | |
Affected Assets | Protocol | Achievements | results: Protocol | |
Affected Assets | Scan Evidence - Title | | | set to value 'Results' |
Affected Assets | Scan Evidence - Description | Achievements | results - all data | |
Affected Assets | Scan Evidence - Title | | | set to value 'Parameters' |
Affected Assets | Scan Evidence - Description | Achievements | parameters - all data | captures data in parameters as a section piece of scanner evidence PlexTrac auto-populates based on affected asset data |
Asset | Ports | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Service | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Protocol | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Parent Asset | n/a | n/a | |
Asset | Known IPs | Achievements | results:"Hosts" | |
Asset | Evidence | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | First Found | Achievements | n/a | |
PlexTrac record | PlexTrac field | Pentera file | Pentera field | Comments |
|---|---|---|---|---|
Finding | ID | Vulnerabilities | ID | |
Finding | Title | Vulnerabilities | Name | |
Finding | Severity | Vulnerabilities | Severity | |
Finding | Status | Default Value | Default Value | Set status to 'Open' |
Finding | Description | Vulnerabilities | Insight | |
Finding | Start Date | Vulnerabilities | Creation Time | |
Finding | Recommendation | Vulnerabilities | Remediation | |
Finding | Custom Fields (Severity Score) | Vulnerabilities | Severity | |
Finding | Custom Fields (Priority) | Vulnerabilities | Priority | |
Affected Asset | Name | Vulnerabilities | target: target_id | |
Affected Asset | Ports | Vulnerabilities | port | |
Affected Asset | Protocol | Vulnerabilities | protocol | |
Asset | Name | Vulnerabilities | target: target_id | |
Asset | Ports | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Protocol | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Known IPs | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Asset | Evidence | Calculated Value | Calculated Value | PlexTrac auto-populates based on affected asset data |
Pentera uses a numerical range of 1 to 10 to capture a finding severity, while PlexTrac uses five qualitative values: Informational, Low, Medium, High, Critical.
PlexTrac | Pentera |
|---|---|
Informational | 0 |
Low | 0.01 to 2.49 |
Medium | 2.5 to 4.99 |
High | 5 to 7.49 |
Critical | 7.5 to 10 |
A Pentera finding may be either a vulnerability or an achievement, where an achievement is Pentera’s ethical exploitation of a vulnerability or exposure that is intended to demonstrate its exploitability.
Last modified 3mo ago