PlexTrac supports importing files from Nexpose in XML Export 2.0 format. Nexpose is a vulnerability management software developed by Rapid7. It monitors exposures in real-time, adapts to new threats with fresh data, and provides features such as adaptive security, integrated policy scanning, and intuitive remediation reports.
If a field is not listed, PlexTrac does not currently import it. All data flows from Nexpose to PlexTrac.
Nexpose Field | Direction | PlexTrac Field | Notes |
---|---|---|---|
Nexpose Field | Direction | PlexTrac Field |
---|---|---|
Title
->
Finding Title
Description
->
Description
Solution
->
Recommendation
Numerical Severity Sore Mapping
Finding Severity
10 or 9
->
Critical
8 or 7
->
High
6 or 5
->
Medium
4 or 3
->
Low
2 or 1
->
Informational
CVSS Score
->
Score Type
CVSS Score
->
Label
CVSS Score
->
Score Value
CVSS Vector
->
Calculation
CVE ID
->
CVE
Reference Source
->
References
Any hyperlinked URLs will be retained.
Exploit ID
->
Custom Field: Nexpose Exploit Available
PCI Severity
->
Custom Field: Nexpose PCI Compliance Status
Risk Score
->
Custom FIeld: Nexpose Risk Score
Vulnerability Id
->
Custom Field: Nexpose Vulnerability Id
Node Address
->
Asset Name
Device-Type
->
Asset Type
Family
->
Operating System
PCI Severity
->
PCI Compliance
Node Address
->
Known Ip Addresses
Endpoint Port
->
Port
Endpoint Service
->
Service
Endpoint Protocol
->
Protocol
Unordered list under "test id"
->
Evidence