Skip to content

VIDEO

Edgescan Integration

This short video demonstrates how PlexTrac integrates with Edgescan, a web application security testing solution. Through this integration, security teams can import and map their vulnerability data from Edgescan into PlexTrac as findings for reporting and remediation. The video showcases how easy it is to set up the integration and how it can help security professionals work more efficiently.

Series: PlexTrac MiniDemo Series

Category: Assessments, Integrations, Reports

   BACK TO VIDEOS

Transcript

We’re excited to introduce our new Edgescan integration today. This is just one of the many integrations that can help you make the best use of the PlexTrac platform. In partnership with the Edgescan team, we’ve introduced an integration that allows you to pull in your vulnerabilities and their associated assets from the Edgescan tool. You can do this by building custom reports focused on a particular asset, or you can do this on an assessment by assessment basis.

Once your Edgescan integration is configured, all of your PlexTrac users can leverage this integration when building reports.

For the purposes of this demo today, let’s say I’ve just received notice that an assessment has been completed in my Edgescan tool. So from here, I can quickly establish a new report in the PlexTrac platform and I can navigate to add particular findings. In this case, I’m going to select from our integrations, and this is going to pull up any integrations that have been configured for my instance of PlexTrac and we’ll continue with Edgescan here. At this point, we have several tools that are going to help you find the right vulnerabilities or assets from Edgescan to bring in to populate this report. In PlexTrac, the first thing you can do is just search by vulnerability name. You can also search by any tags you may have associated with a vulnerability within Edgescan as well. If we were doing this on an assessment by assessment basis, I may want to search by asset name or ID and then determine the date range that reflects the most recent assessment that’s been completed, and that might give me the entire set of findings from a particular assessment.

Or if I were completing a quarterly report on an asset, I could search by asset name here, maybe identify severity, a date range that is reflective of that quarter. That might be another example for this demo. I’ve just gone ahead and loaded quite a few findings here from Edgescan, and as you can see, we’re showing you the name as well as some pre created tags. As data from Edgescan is created in PlexTrac, we’ll automatically create tags with the ID or the vulnerability ID. And this is just one more sorting and filtering tool that will assist you when using this data. In PlexTrac, you can see the asset name and ID is here showing me more about which assets these findings are on. And for this example, I’m just going to go ahead and select several vulnerabilities here and we’ll go ahead and continue.

Now, in the PlexTrac platform, you always have the opportunity to add additional tags to your findings or assets. So beyond the ones we’re automatically creating in this integration, you can choose to add additional tags if they’re a part of your team’s workflow and are going to help you filter and sort and find the data you need when using PlexTrac.

So now we’re creating these findings. You can see our report is being populated with these findings from the Edgescan integration. As these findings come in, we’re going to have all the information from the vulnerability from Edgescan populated here in the finding. We’ll always show you the source of this data in PlexTrac here, as well as those tags that we talked about. Now, this particular vulnerability is associated with this asset, and we can always click to find out more about the affected asset here as well.

Now that our report is populated with these findings, we can take advantage of some of the great tools in PlexTrac. From here, we can identify what next steps we need to take. So if your team is using a tool like Jira, you can associate this finding with a Jira ticket. We also support a ServiceNow integration as well. Or you can use our out of the box status tracker and identify a user in PlexTrac to be assigned to this finding. We might want to change the status, add some comments, clarify the severity of this issue and when it needs to be resolved. These are all tools that can help you make use of this data.

On the PlexTrac side, we’ve got lots of other tools focused on report output and communication that help us take this information and hopefully convey what needs to be done and when. We hope this demo is helpful and we’re excited, like we said, to introduce one additional integration in our ever growing list of tools that PlexTrac works with to make your job easier.