Links

Cobalt

Cobalt is an integrated pentesting platform that facilitates communication between development and security teams. PlexTrac offers an integration with Cobalt so that its findings can be imported into a PlexTrac report.

Integrating with Cobalt

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations".
Step 2: Click the Cobalt box.
If the integration is not licensed and thus not available, the message "License required" will appear and direct the user to the Service Desk.
Step 3: If existing connections exist, they are listed on this page. To set up a new integration, click the New connection button.
Step 4: A modal appears with four tabs. Enter a name for the integration and the Cobalt API key. Click Continue.
Step 5: Select the Cobalt organization value from the pulldown menu.
The Cobalt Organization value is found within Cobalt.
Step 6: A list of the field mappings from Cobalt to PlexTrac is displayed. Click Save.
None of this fields can currently be edited and are displayed for visibility on what information is being imported and what the mappings are between Cobalt and PlexTrac..
Step 6: A log of integration attempts is listed. Since an attempt to synchronize is attempting after entering configuration information on the first tab, at least one entry will be listed. Click Close when finished.

Editing Existing Connections

Cobalt integrations can be edited by clicking Edit under the "Actions" column.
Cobalt integrations can be disabled by clicking the toggle bar under the "Enabled" column.
Cobalt integrations can be manually synchronized by clicking Sync under the "Actions" column.
Cobalt integrations can be deleted by clicking the three dots under the "Actions" column and then clicking Delete. A modal will appear asking for confirmation of action.

Using the Cobalt Integration

Once set up, findings can be imported into a report as desired. Click here for more information on importing findings from Cobalt into a report.
Click Next below to learn about setting up and configuring HackerOne.