Importing custom scans


mleb...@poka.io

Jan 18, 2016, 3:48:11 PM
to ThreadFix
Hello,

It's me again, sorry for spamming this forum, we are first-time experimenters with Threadfix, so we might have some noob questions ;-)

I am trying to integrate an unsupported scan report (Nikto), using the REST API. The best way that I found to do this is via the "Manual Finding" method; it works well, but I was wondering two things:

-> Is there a better way to script the parsing of unsupported scanners?
-> If not, is it possible to change the name of a scan ("Nikto" instead of "Manual", for example)
-> Is there any way to use CWE numbers instead of titles? Or is there a list of acceptable CWE names somewhere? Is there an acceptable value for "unidentified" CWEs?

Thank you very much and have a good day!

Daniel Maldonado

Jan 18, 2016, 6:24:02 PM
to ThreadFix, mleb...@poka.io
No worries, feedback is always appreciated.

-> Is there a better way to script the parsing of unsupported scanners?
The best option is to develop the appropriate importer. More information on creating an importer can be found here.

-> If not, is it possible to change the name of a scan ("Nikto" instead of "Manual", for example)
Currently there is not. All vulnerabilities brought in manually will be represented as a "Manual" scan.

-> Is there any way to use CWE numbers instead of titles? Or is there a list of acceptable CWE names somewhere? Is there an acceptable value for "unidentified" CWEs?
If an importer is developed, you can take advantage of the CWE number.  

How are you currently importing the results into ThreadFix? If you can get the results in a CSV format, you can take advantage of our SSVL converter to more easily automate the import of custom findings into ThreadFix. More information on our converter here. More information on the SSVL format here.

Daniel M

mleb...@poka.io

Jan 19, 2016, 10:08:47 AM
to ThreadFix, mleb...@poka.io
Hello Daniel,

Could you resend the link for "creating an importer"? It does not seem to have worked...

To answer your question, I am currently importing via a Python script that translates the XML file to a REST call... I will test using the SSVL and try creating an importer; then I will see which solution works the best for us.

Thank you!
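As an added example (not code from this thread, from the poster, or from the ThreadFix project), the sketch below shows the kind of translation the post describes: parse a Nikto XML report into normalized finding records, attach a CWE where a description can be classified, flag anything unclassified for manual triage, and emit both a per-finding payload dictionary and CSV rows that a converter could consume. The Nikto XML sample, the keyword-to-CWE table, and the payload/CSV field names are all constructed assumptions; the real ThreadFix field names and the SSVL column layout must be taken from the documentation Daniel linked.

```python
"""Added example: Nikto XML -> normalized findings (constructed, not project code)."""
import csv
import io
import xml.etree.ElementTree as ET
from dataclasses import asdict, dataclass
from typing import List, Optional, Tuple

# Constructed sample shaped like Nikto's XML output (hosts/IPs are documentation ranges).
SAMPLE_NIKTO_XML = """<?xml version="1.0" ?>
<niktoscan>
  <scandetails targetip="192.0.2.10" targethostname="www.example.test"
               targetport="80" sitename="http://www.example.test/">
    <item id="999986" osvdbid="0" method="GET">
      <description>The anti-clickjacking X-Frame-Options header is not present.</description>
      <uri>/</uri>
      <namelink>http://www.example.test/</namelink>
    </item>
    <item id="3268" osvdbid="3268" method="GET">
      <description>/images/: Directory indexing found.</description>
      <uri>/images/</uri>
      <namelink>http://www.example.test/images/</namelink>
    </item>
    <item id="600575" osvdbid="0" method="GET">
      <description>Uncommon header 'x-custom-debug' found, with contents: on</description>
      <uri>/</uri>
      <namelink>http://www.example.test/</namelink>
    </item>
  </scandetails>
</niktoscan>
"""

# Assumed keyword -> (CWE id, severity) rules; Nikto itself does not emit CWE numbers,
# so this is where a custom importer would have to supply them.
CWE_RULES: List[Tuple[str, int, str]] = [
    ("x-frame-options", 1021, "Low"),      # CWE-1021: Improper Restriction of Rendered UI Layers
    ("directory indexing", 548, "Medium"), # CWE-548: Exposure via Directory Listing
    ("x-powered-by", 200, "Low"),          # CWE-200: Exposure of Sensitive Information
    ("server leaks", 200, "Low"),
]


@dataclass
class Finding:
    scanner: str
    host: str
    port: int
    path: str
    method: str
    description: str
    cwe: Optional[int]      # None when no rule matched
    severity: str
    needs_triage: bool      # True when the CWE had to be left blank


def classify(description: str) -> Tuple[Optional[int], str, bool]:
    """Map a Nikto description to a CWE and severity; unknown items are flagged for triage."""
    lower = description.lower()
    for keyword, cwe, severity in CWE_RULES:
        if keyword in lower:
            return cwe, severity, False
    return None, "Info", True


def parse_nikto(xml_text: str) -> List[Finding]:
    """Walk every <scandetails>/<item> pair in a Nikto XML report."""
    root = ET.fromstring(xml_text)
    findings: List[Finding] = []
    for scan in root.iter("scandetails"):
        host = scan.get("targethostname") or scan.get("targetip", "")
        port = int(scan.get("targetport", "0"))
        for item in scan.iter("item"):
            desc = (item.findtext("description") or "").strip()
            cwe, severity, triage = classify(desc)
            findings.append(Finding(
                scanner="Nikto", host=host, port=port,
                path=(item.findtext("uri") or "/").strip(),
                method=item.get("method", "GET"),
                description=desc, cwe=cwe, severity=severity, needs_triage=triage,
            ))
    return findings


def to_manual_finding_payload(f: Finding) -> dict:
    """Build a dict a manual-finding REST call could send (field names are assumptions)."""
    return {
        "vulnType": f"CWE-{f.cwe}" if f.cwe is not None else "",
        "description": f"[{f.scanner}] {f.description}",
        "fullUrl": f"http://{f.host}:{f.port}{f.path}",
        "path": f.path,
        "severity": f.severity,
        "isStatic": False,
    }


def to_csv(findings: List[Finding]) -> str:
    """Flatten findings to CSV text (header plus one row per finding)."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=list(Finding.__dataclass_fields__))
    writer.writeheader()
    for f in findings:
        writer.writerow(asdict(f))
    return buf.getvalue()


if __name__ == "__main__":
    parsed = parse_nikto(SAMPLE_NIKTO_XML)
    print(to_csv(parsed))
    for f in parsed:
        if f.needs_triage:
            print("needs manual CWE:", f.description)
```

The `needs_triage` flag is the practical answer to the "unidentified CWE" question raised above: rather than inventing a catch-all value, the script leaves the CWE empty and surfaces the item so a human can assign one before import.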

Daniel Maldonado

Jan 19, 2016, 10:45:42 AM
to ThreadFix, mleb...@poka.io