1 of 8

Integrations (API)

The integrations page provides the status of each API integration and the ability to connect new integrations (if licensed) or edit existing connections.

If an integration is available but not set up, the user will see a "Connect" button. A "License required" label will be displayed if an integration is not licensed.

Visit this page for a list of all third-party tools PlexTrac integrates with, including scanner files and CSV templates.

Included API Integrations

The following integrations are included with every PlexTrac instance:

Remediation

Licensed API Integrations

The following integrations require an additional cost/license to access (one license covers all tools):

Findings/Reports

Cobalt

Cobalt is an integrated pentesting platform facilitating communication between development and security teams. Cobalt helps developers identify and mitigate security vulnerabilities in their code by specifying security policies and checking compliance. The tool can detect many vulnerabilities, including buffer overflows, integer overflows, and format string vulnerabilities.

Cobalt findings can be imported into a PlexTrac report.

This is a licensed feature.

Field Mappings

Below are the field mappings from Cobalt to PlexTrac, broken up by findings and assets.

Tables include the following columns:

Cobalt Field: the field name that appears in Cobalt
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
Required: denotes if a value is required for the import to be successful
Notes: additional information

Findings Field Mappings

Cobalt Field

Direction

PlexTrac Field

Required?

Notes

Finding Title

-->

Finding Title

yes

Finding Suggested Fix

-->

Recommendations

yes

Finding Descriptions, Type Category

-->

Finding Description

yes

Finding State

-->

Finding Status

yes

Status

Has multiple values, listed below in italics.

Triaging

-->

Finding="OPEN"

Pending Fix

-->

Finding="OPEN"

Ready for Retest

-->

Finding="OPEN"

Resolved

-->

Finding="OPEN"

Vulnerability Remediation

-->

Finding Recommendations

yes

Log [Created]

-->

Created At

yes

Finding Severity

-->

Finding Severity

yes

Severity

Has multiple values, listed below in italics.

Informational

-->

Informational

Low

-->

Low

Medium

-->

Medium

High

-->

High

Critical

-->

Critical

Pentest Name

-->

Finding Custom Field "Cobalt Pentest Report Name"

yes

Cobalt Proof of Concept

-->

Finding Custom Field "Cobalt Proof of Concept"

Any images or html in this field will be imported (images as Base64).

Asset Field Mappings

Cobalt Field

Direction

PlexTrac Field

Required?

Notes

Finding Affected Targets

-->

Affected Assets

yes

IP or Hostname

Deduplication Logic

If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the finding unique identifier value pulled from Cobalt in parenthesis at the end of the finding title.

Integrating with Cobalt

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."

Step 2: Click Connect within the Cobalt box.

If the integration is not licensed and thus unavailable, the message "License required" will appear.

Step 3: If existing connections exist, they are listed on this page. To set up a new integration, click the New connection button.

Step 4: A modal appears with four tabs. Enter a name for the integration, the Cobalt URL, and the Cobalt API key. Click Continue.

Step 5: Select the Cobalt organization value from the pulldown menu. Click Continue.

The Cobalt Organization value is found within Cobalt. Visit Cobalt documentation on how to generate an API key.

Step 6: A list of the field mappings from Cobalt to PlexTrac is displayed. Click Save.

None of these fields can be edited and are displayed for visibility.

Step 7: A log of integration attempts is listed. Since an attempt to synchronize is attempted after entering configuration information on the first tab, at least one entry will be listed. Click Close.

Editing Existing Connections

Cobalt integrations can be edited by clicking Edit under the "Actions" column.

Cobalt integrations can be disabled by clicking the toggle bar under the "Enabled" column.

Cobalt integrations can be manually synchronized by clicking Sync under the "Actions" column.

Cobalt integrations can be deleted by clicking the three dots under the "Actions" column and then clicking Delete. A modal will appear, asking for confirmation of the action.

Edgescan

PlexTrac integrates with Edgescan, allowing users to import the findings from Edgescan's vulnerability detection into a PlexTrac report. This integration streamlines the process by leveraging Edgescan's automated vulnerability scanning capabilities and the reporting and management features of PlexTrac.

This is a licensed feature.

Field Mappings

Below are the field mappings from Edgescan to PlexTrac, broken up by findings and assets.

Tables include the following columns:

Edgescan Field: the field name that appears in Edgescan
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
Required: denotes if a value is required in the field for the import to be successful
Notes: additional information

Findings Field Mappings

Edgescan Field

Direction

PlexTrac Field

Required?

Notes

Vulnerability Name

-->

Finding Title

yes

Vulnerability Description

-->

Finding Description

yes

Vulnerability Date Opened

-->

Finding Created At

Vulnerability Date Closed

-->

Finding Closed At

Vulnerability Status

-->

Finding Status

yes

Status

Has multiple values, which are listed below in italics.

Open

-->

Finding ="OPEN"

Closed

-->

Finding = "CLOSED"

Risk Accepted

Vulnerability Remediation

-->

Finding Recommendations

Vulnerability CVSS Score

-->

Finding CVSS

Vulnerability CVSS Vector

-->

Finding Score Type

Vulnerability CVSS Vector

-->

Finding CVSS

Vulnerability Risk

-->

Finding Severity

Severity

Has multiple values, listed below in italics.

Minimal

-->

Informational

Low

-->

Low

Medium

-->

Medium

High

-->

High

Critical

-->

Critical

Vulnerability Custom Details Data

-->

Finding Custom Field "Edgescan Details"

yes

Vulnerability Asset Tags

-->

Finding Tags

Vulnerability ID

-->

Finding Tags

Organization

-->

Findings Tag

Asset Field Mappings

Edgescan Field

Direction

PlexTrac Field

Required?

Notes

Vulnerability Asset

-->

Affected Assets

Asset/Location

-->

Affected Assets

Asset Name (Including Numeric ID)

-->

Asset Parent

Locations

-->

Child Asset

Asset Url(s)

-->

Asset Host FQDN

Asset Host Name

-->

Asset Host Name

Asset Ip(s)

-->

Asset Known Ip Address(s)

Request

-->

Asset Evidence- Scan Output

Response

-->

Asset Evidence- Scan Output

Asset Type

Asset Type has multiple values, listed below in blue.

Network

-->

Network Device

Web Application

-->

Application

Container

After a finding from Edgescan is imported into a report, metadata and content are presented within PlexTrac on the Finding Detail page, as shown below. The finding source value is "Edgescan," and any tags associated with the finding from Edgescan are provided along with any added within PlexTrac when imported.

Deduplication Logic

If a duplicate finding title is found during import, the finding title in PlexTrac is appended with the Edgescan Vulnerability ID in parenthesis at the end of the finding title.

Integrating with Edgescan

Step 1: From the Admin Dashboard, click Integrations under the "Tools & Integrations" header.

Step 2: Click the Edgescan box.

Step 3: Click New connection.

Step 4: On the Configuration Details tab, enter a name for the integration, the Edgescan URL value, the Edgescan API key, and if closed vulnerabilities should be included.

Integration name: A name for this integration. When importing findings, this value will appear elsewhere in the platform along with other enabled integrations, so pick a unique but accurate name.
Edgescan URL: The Edgescan instance URL.
Edgescan API Key: The Edgescan instance API key. Visit Edgescan support for information on generating an API key.
Closed Vulnerabilities: Determines whether to include closed vulnerabilities and, if yes, the time of closure to consider for inclusion.

Step 5: On the Mapping tab, review the mappings and select the fields to import into PlexTrac by validating that the checkbox next to the field is selected. To ignore a field upon import, uncheck the box under the "Sync" column. Required fields (checkbox is greyed out) cannot be altered.

Step 6: Click Save.

Step 7: A message on the First Synch tab will confirm if the synch was successful. If successful, click Got It.

The connection is now listed.

Editing Existing Connections

Connections are edited by clicking Edit under the "Actions" column.

Connections can be disabled by clicking the toggle bar under the "Enabled" column.

Connections can be manually synchronized by clicking Sync under the "Actions" column.

Connections can be deleted by clicking the three dots under the "Actions" column and then Delete. A modal will appear, asking for confirmation of action.

Findings from Edgescan can now be imported into a report.

Viewing Logs

Step 1: Click Edit of the connection to review.

Step 2: Click the Synch Log tab.

A list of all synchronization records and status results is provided.

Step 3: Click View to obtain more information about a specific record.

Step 4: More details about remote URLs and JSON responses are available by clicking the headers below to expand the section.

Click Ok or Cancel to return to the previous modal.

HackerOne

PlexTrac integrates with HackerOne, a platform that facilitates vulnerability coordination and bug bounty programs. It connects organizations that want to improve the security of their software and systems with a community of ethical hackers, also known as white-hat hackers, who are skilled in finding and reporting security vulnerabilities.

This is a licensed feature.

Integration Overview

An integration with HackerOne and PlexTrac consists of three parts:

Enabling the feature via the license key.
Obtaining the HackerOne API Key Identifier and HackerOne API Key values.
Configuring PlexTrac to complete the setup.

Enabling HackerOne

If the license is needed within a tenant, the phrase “License Required” with a link to the Support Portal will display within the HackerOne card on the Integrations page of the Admin Dashboard.

When a license is obtained, insert the license key into PlexTrac via the Admin Dashboard>Licensing page.

When the integration is available, a “Connect” button will display within the HackerOne card on the Integrations page of the Admin Dashboard.

Creating an API Token

Once the feature has been enabled, the next step is to obtain the HackerOne API Key Identifier and HackerOne API Key values.

Step 1: Log in to HackerOne's API token page.

Step 2: Click Create API Token.

Step 3: Enter an identifier value into the provided box. Click Create.

Step 4: Copy the API key to a secure place (it will not be accessible after this point). Click I have stored the API Token.

Step 5: The API token just created appears at the top of the API page (an email will also be sent confirming the action). Click Manage groups in the row of the token.

Step 6: Check the desired boxes to define the user's permissions for this group. Click Apply changes.

Configuring PlexTrac

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."

Step 2: Click Connect in the HackerOne card.

Step 3: A modal appears with three tabs. On the first tab, enter the following information:

Integration Name: This value is seen by users when selecting which tool to import findings from into a report, so pick a value that quickly identifies the integration.
HackerOne API Key identifier: This was the value entered when creating the API token within HackerOne.
API Key: This key was provided by HackerOne and saved for future use.

Step 4: Click Save.

Step 5: In the "Mapping" tab, select which fields to import from HackerOne to PlexTrac.

HackerOne syncs data to PlexTrac, but updates in PlexTrac do not sync back to HackerOne.

Required fields are grayed out in the "Synch" column. The other fields are optional and can be removed from import by clicking the checkbox to remove the checkmark. Click Save.

Step 6: A message will validate that the synch was successful. Click Got It.

HackerOne now appears as "connected" on the Integrations page.

Findings from HackerOne can now be imported into a report.

Disabling Integration

The integration can be temporarily turned off and on via the toggle button under "Enabled."

Editing Integration

Click Edit under the "Actions" column to adjust existing settings.

Viewing Logs

Step 1: Click Edit under the "Actions" column.

Step 2: Click the Sync Log tab.

Step 3: Click View of the desired log to read.

Jira

PlexTrac offers a robust integration with Jira Cloud and Jira Data Center, enabling seamless collaboration between red and blue teams without the need to switch tools. This integration can be configured either for the entire tenancy or customized for specific clients.

The PlexTrac-Jira integration supports various synchronization options:

Unidirectional from PlexTrac to Jira
Unidirectional from Jira to PlexTrac
Bidirectional
One-time from PlexTrac to Jira
One-time from Jira to PlexTrac

Two primary implementation scenarios exist:

Tenancy-wide integration: A single Jira connection is supported across the entire PlexTrac instance.
Client-specific integration: Each client can have its own dedicated Jira instance integration.

In cases where a user, based on associated permissions, has access to both the tenancy-wide and a client-specific integration, they will be prompted to choose the appropriate Jira instance when linking a finding to a Jira ticket. This flexibility allows organizations to tailor the integration to their specific workflow needs.

Setting up a Jira Integration

Step 1: Click Integrations under "Tools & webhooks" from the Admin Dashboard.

Step 2: Click the Jira box.

Step 3: Click New connection.

Step 4: Enter a connection name in the provided box. Identify if this connection is across all clients or is client-specific.

Step 5: Click Continue at the bottom of the page.

Step 6: On the second tab, input the correct information in the provided fields. The application provides instructions on the right on how to find information for each field.

If "Every day" is selected for the refresh frequency, the daily synch time will occur at 04:45 UTC (9:45 PM MTN).

Step 7: Click Save & continue at the bottom of the page.

If the connection is unsuccessful, an error message will be provided at the top of the page.

If a successful connection is made, the tool will progress to the next tab to continue.

Step 8: On the Select projects tab, choose the project(s) from Jira to integrate with by clicking the box next to the desired project. Only these projects will be available when creating tickets from findings. Click Continue with x projects when finished.

It may take some time to set up the connections, depending on the number of projects selected.

Step 9: On the Map fields & save tab, select a project to configure from the pulldown "Project name."

Step 10: Select the Jira project issue type from the provided list to configure.

Step 11: Review the default mappings and adjust as desired.

PlexTrac findings cannot be created from Jira issues. Syncing from Jira to PlexTrac will occur after the initial issue creation.

The symbol displayed between the PlexTrac and Jira fields identifies the direction and synch of information between fields.

Required fields are identified with a red asterisk and cannot be deleted.

To modify the direction, click the icon and select the desired direction from the options provided. The icon arrow points to the direction information flows between the two fields.

Jira to PlexTrac (Continuous sync)
When a change occurs in a Jira issue, the connected PlexTrac finding will be updated. When changes occur in PlexTrac, the Jira issue will not be updated. PlexTrac findings cannot be created from Jira issues. Syncing from Jira to PlexTrac will happen after the initial issue creation.
Bidirectional (Continuous sync)
When a change occurs in a PlexTrac finding, the connected Jira issue will be updated. When changes occur in Jira, the PlexTrac finding will be updated.
PlexTrac to Jira (Continuous sync)
When a change occurs in a PlexTrac finding, the connected Jira issue will be updated. When changes occur in Jira, the PlexTrac finding will not be updated.
PlexTrac to Jira (One-time sync) Syncs data from PlexTrac to Jira upon ticket creation. A change in a PlexTrac finding will not be synced to the connected Jira issue.

If a bidirectional or Jira to PlexTrac direction is configured, be aware that a user in Jira could change findings values in PlexTrac despite not having access or permissions to do so within PlexTrac.

Step 12: Repeat this process for each project issue type.

The options available in the PlexTrac field pulldown menus are contextual to the values selected in the Jira column. To change the options provided for PlexTrac fields, change the field provided in the Jira column.

To add a new row for additional mappings not provided by default, click the plus icon at the bottom (after the last mapping).

Not all fields in PlexTrac can be mapped to all fields in Jira. In those scenarios, fields will display a red icon when hovered over and a text description of "incompatible data type" when scrolling through the list of fields.

Click the pulldown menu in the PlexTrac field to select the desired field. Then click the pulldown menu in the Jira field to associate the desired mapping. Finally, select the desired flow.

To delete any row, hover over it with the cursor and click the red trashcan icon.

Step 13: Click Save & Continue.

Mapping PlexTrac Custom Fields

PlexTrac custom fields can be added for mapping to a Jira field, including fields with a dropdown menu.

Step 1: Click the plus icon at the bottom of the Map fields tab (after the last existing mapping).

Step 2: Click the pulldown menu in the Jira column of the newly added row to view the available fields in Jira to map.

The Jira field must have a data type value of "String," "Option of strings," or "Non-Nullable String." The Jira data type is shown in the right column of the Jira fields when the options provided in the Jira field pulldown menu are viewed.

A data type value of "any" is displayed when PlexTrac does not know the data type due to how the field was added to Jira through a plug-in. Mappings with a data type value of "any" may not work as intended.

Step 3: Click within the PlexTrac column pulldown menu of the row just added and select "Custom Field" from the list.

Step 4: Enter the custom field key name.

The custom field key is located on the Custom Fields tab of a finding that is found via the Reports module.

If the custom field key entered is different than what exists in PlexTrac, the mapping will not work, and a new custom field with that incorrectly entered value will be created in PlexTrac.

Step 5: Click Save.

Mapping Jira Custom Fields

Jira custom fields available for mapping can be viewed by clicking a field in the Jira column and scrolling to the bottom of the window under the label "CUSTOM."

Jira custom fields from a third-party plugin cannot be mapped.

Mapping Finding Reported Date

The finding reported date can be mapped so that any future findings will automatically update this value in Jira.

Step 1: Click the plus icon at the bottom of the Map fields tab (after the last existing mapping).

Step 2: Click the pulldown menu on the Jira column of the row just added and select "Start Date."

Step 3: Click the pulldown menu on the PlexTrac column of the same row and select "Created Date."

Step 4: Click Save.

Visit this page for more information about linking a finding with Jira.

Any linked findings in PlexTrac will now be updated in Jira. If the mapping is configured for bidirectional, changes in this value in Jira will update in PlexTrac the next time data synchronization occurs.

Editing a Jira Integration

Step 1: From the Admin Dashboard, click Integrations under "Integrations & webhooks."

Step 2: Click the Jira box that shows the status of "Connected."

Step 3: Click Edit under the "Actions" menu of the connection to modify.

This screen is also the location to disable or delete a Jira connection.

Step 4: Go to the desired tab to adjust as desired.

Connection availability and selected clients cannot be edited. To change availability or clients, create a new connection.

Disabling a Jira Integration

Two ways exist to disable a Jira integration:

Temporarily, by toggling the button under the "Enabled" column.

2. Permanently, by clicking Delete under the three dots in the "Actions" column.

ServiceNow

PlexTrac offers an integration with ServiceNow's ITSM and GRC platform modules to allow red and blue teams to collaborate without switching between workflow tools.

ServiceNow GRC (Governance, Risk, and Compliance) is a module of the ServiceNow platform that helps organizations manage their governance, risk, and compliance processes. ServiceNow ITSM (IT Service Management) is a module of the ServiceNow platform that enables organizations to manage their IT services and operations.

Overview

Data flows from PlexTrac to ServiceNow when a finding is used to create a ticket but only from ServiceNow to PlexTrac after setup. The synchronization between PlexTrac and ServiceNow occurs every 30 minutes.

Only one ServiceNow integration can exist per PlexTrac instance.

Creating a Ticket

Step 1: On the row of the finding used to create a ticket, click the three dots under the "Actions" column and click Link ServiceNow ticket.

Step 2: A modal appears. Select the ServiceNow module, the ticket type, and the priority.

For the GRC module, an additional option exists to define the ticket issue rating.

Step 3: Click Save.

The finding now shows the ServiceNow ticket ID and a hyperlink to access the ticket on ServiceNow.

Field Mappings

When a PlexTrac finding is used to create a ticket in ServiceNow, it defaults to a status of New with the following information populated:

PlexTrac

Direction

ServiceNow

Description

-->

Description

Recommendations

-->

Description

References

-->

Description

Affected Assets

-->

Description

When the ticket is created, the priority and issue rating values are stored within ServiceNow.

Existing Ticket Updates

After the ticket is created in ServiceNow, that ticket can only be modified from ServiceNow.

The following fields are then sent from ServiceNow to PlexTrac:

ServiceNow

Direction

PlexTrac

Work Notes

-->

Status Tracker

Status

-->

Status

When a remediation ticket is created in ServiceNow, the finding status in PlexTrac remains "Open" or "In Progress" until closed.

Status Mappings

Below are the mappings of status from ServiceNow to PlexTrac for the various scenarios:

For a task and ticket:

ServiceNow Status

Direction

PlexTrac Status

Closed Complete

-->

Closed

Closed Incomplete

-->

Closed

Closed Skipped

-->

Closed

For an incident:

ServiceNow Status

Direction

PlexTrac Status

Resolved

-->

Closed

-->

Closed

Canceled

-->

Closed

For an sn_grc_issue:

ServiceNow Status

Direction

PlexTrac Status

Closed Complete

-->

Closed

Closed Incomplete

-->

Closed

If the status value in ServiceNow does not match one of the mapping rules above, the finding will not be updated in PlexTrac when data is synchronized.

Timestamp Logic

Timestamps are captured in two scenarios for this integration:

When the issue type is created in ServiceNow
When a work note is created or updated in ServiceNow

Issue Type Timestamps

The timestamp is derived from the time zone set for the ServiceNow instance. PlexTrac has no influence on this time zone.

Scenario: A user in PlexTrac links a finding with ServiceNow. An issue type is created in ServiceNow, and a time stamp is applied to the creation date based on how that ServiceNow instance was configured.

Work Note Timestamps

The timestamp is derived from when the integration sync last ran, not when the work note was created in ServiceNow. It is not a real-time integration timestamp.

Scenario: A user in SerivceNow adds a comment to an associated finding, which triggers an integration event with PlexTrac. When that happens, a note is created in PlexTrac with a timestamp of the synchronization event. That timestamp is stored within PlexTrac in UTC time and then presented to the user in their local time when viewed in PlexTrac.

Configuring an Integration

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."

Step 2: Click Connect within the ServiceNow box.

Step 3: Click Configure ServiceNow Integration.

For information on setting up OAuth or generating an API key within ServiceNow, click the links above the button.

Step 4: Select the integration authentication method.

Step 5: Enter the information into the provided boxes and click Test Connection.

A message will appear to confirm if the connection was successful or not.

Step 6: View the available modules to identify which fields have read and write access. Click Confirm.

Tenable Vulnerability Management

Tenable Vulnerability Management (VM) is a suite of cloud vulnerability management products that can export findings into PlexTrac via API.

Multiple integrations can be configured per instance or for specific clients.

This is a licensed feature.

Field Mappings

Below are the field mappings from Tenable to PlexTrac, broken up by findings and assets.

Tables include the following columns:

Tenable VM Field: the field name in Tenable VM
Direction: displays the direction in the flow of data occurring for the integration
PlexTrac Field: the field name in PlexTrac

PlexTrac only imports vulnerabilities that Tenable has not archived.

Findings Field Mappings

If a field is not listed, then PlexTrac does not currently import.

Tenable VM Field

Direction

PlexTrac Field

Vulnerability Name

-->

Finding Name

Description

-->

Description

Solution

-->

Recommendations

Assets Field Mappings

If a field is not listed, then PlexTrac does not currently import.

Tenable VM Field

Direction

PlexTrac Field

Notes

Plugin Output

-->

Affected Asset "Evidence"

Asset Name

-->

Asset Name

PlexTrac searches for the first known value in the following order: FQDN > Hostname > ipv4 > ipv6 > asset_uuid

-->

Know IP Address

Hostname

-->

Host Name

Operating System

-->

Operating System

Fully Qualified Domain Name

-->

FQDN

MAC Address

-->

MAC Address

Deduplication Logic

PlexTrac will not import findings from Tenable that have the same combination of plugin ID and severity.

Integrating Tenable

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."

Step 2: If licensed, the option to connect will appear (if not, the box will display a lock icon and "License required"). Click the Tenable box.

Step 3: Enter a connection name and select if this integration is across the tenancy or for a client (if specific to one client, select the client of the pulldown menu). Click Continue.

Step 4: Select "Connect to Tenable Vulnerability Management." Enter the Tenable URL, access key, and secret key. Click Continue.

Visit the Tenable documentation site for more information on generating API keys.

If the keys are correct, a confirmation message will confirm successful synchronization.

Step 5: Edit the field mappings on the provided tabs for findings and assets, or continue using the defaults.

Information flows only from Tenable to PlexTrac. Fields required by PlexTrac are identified with a red asterisk.

Fields that can be deleted will have an "X" next to the PlexTrac field when hovering over with the cursor. A confirmation message will appear after clicking X.

Configurable fields can be adjusted by clicking the purple line and deleting the existing connection.

Click on the Tenable field and the desired PlexTrac field to map and create a new connection.

Click Continue when finished.

The integration appears in the table as a listed connection.

Synchronizing

PlexTrac offers synchronization options for Tenable integrations.

Sync: This option conducts an off-cycle synchronization and typically takes less than ten minutes.
Full Sync: This option examines the complete Tenable database. It can take several hours, but it happens in the background and does not prevent using PlexTrac for other tasks.

Synchronization History

To view sync history, click Synch history under the integration actions menu.

Managing Integrations

Any existing integration can be disabled temporarily or deleted if no longer needed.

Disabling an Integration

To disable an integration, click the toggle button for the integration under the "Enabled" column. This action also disables the ability to synchronize the integration.

Deleting an Integration

To delete an integration, click the three dots under the "Actions" column and then Delete.

Tenable Security Center

Tenable Security Center (Tenable.sc) is a vulnerability management solution that provides visibility into the security posture of IT infrastructure. It consolidates and evaluates vulnerability data, illustrates vulnerability trends over time, and assesses risk with actionable context for effective remediation prioritization, which then can be imported as findings into PlexTrac via API.

Multiple integrations can be configured per instance or for specific clients.

This is a licensed feature.

Field Mappings

Below are the field mappings from Tenable to PlexTrac, broken up by findings and assets.

Tables include the following columns:

Tenable SC Field: the field name in Tenable SC
Direction: displays the direction in the flow of data occurring for the integration
PlexTrac Field: the field name in PlexTrac

PlexTrac only imports vulnerabilities that Tenable has not archived.

Findings Field Mappings

If a field is not listed, then PlexTrac does not currently import.

Tenable SC Field

Direction

PlexTrac Field

Vulnerability Name

-->

Finding Name

Description

-->

Description

Solution

-->

Recommendations

Assets Field Mappings

If a field is not listed, then PlexTrac does not currently import.

Tenable SC Field

Direction

PlexTrac Field

Plugin Output

-->

Scan Output

Asset Name

-->

Asset Name

-->

Know IP Address

-->

Host Name

Operating System

-->

Operating System

MAC Address

-->

MAC Address

Port

-->

Port

Protocol

-->

Protocol

Deduplication Logic

PlexTrac will not import findings from Tenable that have the same combination of plugin ID and severity.

Integrating Security Center

Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."

Step 2: If licensed, the option to connect will appear (if not, the box will display a lock icon and "License required"). Click the Tenable box.

Step 3: Enter a connection name and select if this integration is across the tenancy or for a client (if specific to one client, select the client of the pulldown menu). Click Continue.

Step 4: Select "Connect to Tenable Security Center." Enter the Tenable URL, access key, and secret key. Click Continue.

Visit the Tenable documentation site for more information on generating API keys.

If the keys are correct, a confirmation message will confirm successful synchronization.

Step 5: Edit the field mappings on the provided tabs for findings and assets, or continue using the defaults.

Information flows only from Tenable to PlexTrac. Fields required by PlexTrac are identified with a red asterisk.

Fields that can be deleted will have an "X" next to the PlexTrac field when hovering over with the cursor. A confirmation message will appear after clicking X.

Configurable fields can be adjusted by clicking the purple line and deleting the existing connection.

Click on the Tenable field, then click on the desired PlexTrac field to map and create a new connection.

Click Continue when finished.

The integration appears in the table as a listed connection.

Synchronizing

PlexTrac offers two synchronization options for Tenable integrations.

Sync: This option allows an off-cycle synchronization and typically takes less than ten minutes.
Full Sync: This option examines the complete Tenable database. It may take several hours, but it occurs in the background and doesn't hinder using PlexTrac for other tasks.

Synchronization History

To view sync history, click Synch history under the integration actions menu.

Managing Integrations

Any existing integration can be disabled temporarily or deleted if no longer needed.

Disabling an Integration

To disable an integration, click the toggle button for the integration under the "Enabled" column. This action also disables the ability to synchronize the integration.

Deleting an Integration

To delete an integration, click the three dots under the "Actions" column and then Delete.