PlexTrac supports importing files from Nexpose in XML Export 2.0 format. Nexpose is vulnerability management software developed by Rapid7. It monitors exposures in real-time, adapts to new threats with fresh data, and provides features such as adaptive security, integrated policy scanning, and intuitive remediation reports.
Below are the field mappings from Nexpose to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it.
Tables include the following columns:
Nexpose Field: the field name that appears in Nexpose
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration
Nexpose Field | Direction | PlexTrac Field | Notes |
---|---|---|---|
Nexpose Field | Direction | PlexTrac Field | Notes |
---|---|---|---|
Title
->
Finding Title
Description
->
Description
Solution
->
Recommendation
Numerical Severity Sore Mapping
Finding Severity
10 or 9
->
Critical
8 or 7
->
High
6 or 5
->
Medium
4 or 3
->
Low
2 or 1
->
Informational
CVSS Score
->
Score Type
CVSS Score
->
Label
CVSS Score
->
Score Value
CVSS Vector
->
Calculation
CVE ID
->
CVE
Reference Source
->
References
Any hyperlinked URLs will be retained.
Exploit ID
->
Custom Field: Nexpose Exploit Available
PCI Severity
->
Custom Field: Nexpose PCI Compliance Status
Risk Score
->
Custom FIeld: Nexpose Risk Score
Vulnerability Id
->
Custom Field: Nexpose Vulnerability Id
Node Address
->
Asset Name
Device-Type
->
Asset Type
Family
->
Operating System
PCI Severity
->
PCI Compliance
Node Address
->
Known Ip Addresses
Endpoint Port
->
Port
Endpoint Service
->
Service
Endpoint Protocol
->
Protocol
Services
->
Known Hostnames
Detailed results included in affected asset evidence.