Auto Importing of Scan Results

Owned by Jonathan Bellard
Last updated: May 19, 2022
3 min read

Prism allows you to automatically import scan results from your connected scanners (found within the https://rootshellsecurity.atlassian.net/wiki/spaces/PK/pages/1304330281 section) into the platform easily by aligning your preferred scanning technologies to a Prism project.

Auto Importing is only available for MVS - Managed Vulnerability Scanning type projects.

Enabling your Auto Import feature

In order to enable this, you first must have a scanner(s) connected to your Prism instance, see https://rootshellsecurity.atlassian.net/wiki/spaces/PK/pages/1312292887 for more details.

Once this is performed, within your created project, select the Edit link within the projects root page:

Edit a Project

This will allow you to set a number of options and features aligned to your selected project such as https://rootshellsecurity.atlassian.net/wiki/spaces/PK/pages/1303969837 and Email Reminders. When setting the Auto Import option to Enabled, you will be presented with the following information:

Enabling Auto Imports

Prism also provides a virtual tutorial walkthrough to explain the options available to you:

The following fields are then required when completing your setup:

  • *External Scanner - Select your connected external scanner that you wish to import your results from.

  • *Scan Type - The test type of the scan that will be created from an import.

  • Scan Prefix (Optional) - When a external scan is imported a Scan Prefix can be used to Prefix the name of a Prism project scan. This can be useful when trying to identify those scans that are using the auto import feature.

  • *Scan Identifier - Identifying which scans to import into Prism can be made easier by telling Prism to search for a unique scan identifier. This is useful if you only want to automatically import particular external scans. Scans are identified by a partial word match, for example: EXT VA....

Scan identifier step is crucial in order to tell Prism what data/scan to import from your scanning platform.

  • Merge Multiple Scans (Optional) - This feature allows you to merge multiple scans completed on the same day relating to the selected scanner. This is particularly useful if you have multiple external scans completing each day. This feature will combine those multiple scans into one scan entry within Prism.

  • Merge Multiple Scanners (Optional) - This feature allows you to merge multiple scans completed on the same day relating to the multiple scanners. This is particularly useful if you have multiple external scans completing each day. This feature will combine those multiple scans from multiple scanners into one scan entry within Prism.

  • Auto Publish Issues (Optional) - Enabling this feature will instruct Prism to mark the issues as Published, and therefore visible to all users that have access to these results. This is particularly useful for getting results into Prism quicker, but may contain false positives as no validation of the results will have been conducted. If this feature is not enabled, issues will be imported in the default Draft state, and will require the scan to be completed for visibility across the platform.

  • *Confirm Scanner - Once you have provided the scanner's details, confirm the scanner to save it against the project.

*Required Fields

Once the above has been performed, Prism will poll your scanning technologies multiple times a day in order to pull in the completed scan results in a timely manner. When an import is successful, you will be notified through in-platform notifications and emails if you are setup as the Project Lead of the Project.