MetricStream Connector Guide
Summary: How to set up and use the MetricStream connector in RBVM/ASM.
Overview
The Ivanti Neurons for RBVM/ASPM platform provides a connector that integrates with MetricStream for GRC ticket creation. The MetricStream user credentials used in the connector configuration should have create, read, and write permissions to the specific project to create tickets and subsequently query ticket status. The user can create a ticket on a single vulnerability or multiple vulnerabilities.
This connector works in concert with workflows in Ivanti Neurons for RBVM/ASPM. The connector creates a new ticket in MetricStream when a user creates a Risk Acceptance workflow within Ivanti Neurons. After a user requests a workflow, the team will continue with evaluation and approval of the workflow directly within MetricStream.
When a user configures the MetricStream connector in Ivanti Neurons, Ivanti Neurons will reject any Requested, Reworked, or Approved Risk Acceptance workflows.
Refer to the following link for the user permissions required for configuring the MetricStream Connector Developer portal .
Configuring the MetricStream Connector
Navigate to the Automate > Integrations page.
Using the search bar in the upper-right corner of the Integrations page, type MetricStream to find the connector.
Locate the MetricStream card on the page and click Configuration.
Complete the required fields in the new window under Connection, as described below.
- Connector Name: The name of the connector instance.
- Username: Username of the user that has access to the MetricStream instance.
- Password: Password of the user that has access to the MetricStream instance.
- Location (URL): The URL of the MetricStream instance.
Click the Test Credentials button to ensure the credentials are correct and have the necessary access to make MetricStream API calls.
Under Configurations, the platform makes dynamic calls to pull information from MetricStream. All the available fields will be fetched from the connector. Here is a sample of mandatory fields that may appear based on the configuration of MetricStream:
Issue Details: Here is an example of mapping these MetricStream fields to the platform fields.
Locked Fields: Select any fields that cannot be modified when a risk accepted workflow is requested. The platform will show the values that are set in the configuration of the connector.
Ticket Attachments: In this section, the user can configure fields for ticket attachment exports. Users can configure a custom attachment by selecting a saved template.
Sync Settings: This dropdown has a list of statuses from MetricStream. The platform will send updates (comments/attachments) only for the selected statuses.
Configure Priority Sync: If desired, the user can map the priority rating of the MetricStream ticket to the highest risk level of associated findings.
Mapping to Workflows: Upon saving a configuration to MetricStream, the existing Risk Acceptance workflows will be automatically rejected as the GRC tool takes control. The selected State of the GRC ticket will be in control of the status of workflows in RBVM and the corresponding status of the findings covered by the acceptance of risk.
Click Save to enable the connector.
Creating a MetricStream Ticket
After a user configures the MetricStream connector, the workflow approval process will be handled in the GRC tool; however, users will initiate ticket creation from the RBVM workflow process. To create a ticket, the user must have the ability to create workflows on any selected application or host vulnerabilities. First, select at least one finding. Next, click the Workflow button and choose the Create Workflow option.
In the Create Workflow window, choose the Acceptance option to accept risk.
After selecting the acceptance of risk option, fill in the normal RBVM workflow fields, including the reason and description. Users can attach files to the RBVM workflow; however, these files will not be attached to the workflow ticket in MetricStream.
GRC: Below the standard workflow fields, a new section for the MetricStream GRC ticket will appear. This form can be filled by the requestor to submit an acceptance of risk to the GRC. Any fields that are marked as locked in the configuration of the connector will not be editable by the users filling out the acceptance of risk request.
Once the ticket is created, it will take some time to reflect in the system. In the finding detail pane, the user will see the GRC system with the ticket number, which is a link to the ticket in MetricStream along with the current state of the ticket in the ticketing system.
