Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Streamlining Third-Party Result Integration in the Platform

The Platform facilitates the importation of results from external vendors, allowing for centralized management and analysis. This article details the process for importing Issues. To import asset information (Hosts), please refer to the relevant section.

Using the Data Import Wizard

  1. Start the Import:

    • Access the Data Import Wizard in the bottom left sidebar.

    • Select a Project or Phase, or create a new one using the provided options.

  2. Upload File:

    • Choose your file type and upload the file or select an external scanner setup.

    • After uploading, select the issues to include and set the date when each issue was found.

  3. Complete the Import:

    • Finalize by clicking ‘Complete Import’. The Platform will process the data and redirect you to the Phase screen.

Manual Import of Issues

The Platform supports various formats including see for more details Connected Accounts

Steps for Manual Import:

  1. Create a Project:

    • Go to ‘Projects’ and click ‘+ New project’.

    • Enter the details, focusing on Penetration Testing and Managed Vulnerability Scanning services.

  2. Add Phases to the Project:

    • Click ‘Add phase’ and enter the details for each phase.

  3. Import the Results:

    • Select the created Phase.

    • Use the ‘Actions’ dropdown to choose ‘Import Issues’.

    • Select the file type and then import the issues.

  4. Review and Publish:

    • Preview and select the issues to import.

    • Change the status of imported issues to ‘Published’ for Platform recognition.

    • Update the Phase Status to ‘Delivered’ in the Project view.

Preparing Your Spreadsheet for Import

Accepted Column Headings:

  • Required: Name, Risk Rating, Affected hosts

  • Optional: Finding, Summary, Technical details, Recommendation, OWASP ID, CVE, CVSS Vector, References, Status, Confirmed_At (Sets the date when the issue was found), Remediated_At (Sets the date when an issue was fixed (if it has one))

  • Status Ratings: Draft, Open, Remediated, False Positive, Accept Risk, Suppressed

  • Risk Ratings: Info, Low, Medium, High, Critical

Note: Capitalization and underscores are flexible (e.g., ‘risk_rating’ or ‘risk rating’), and the order of headings is not critical. Additional headings are ignored.

  • No labels