Netsparker Enterprise Connector Guide

Summary: How to set up the Netsparker Enterprise connector.

Netsparker Enterprise Connector Overview

Netsparker is an automated online web application security scanner that enables users to identify security flaws by exploiting identified vulnerabilities. Netsparker then assigns a severity level to these vulnerabilities to convey the urgency and potential damage of a specific security weakness. Ivanti Neurons for RBVM/ASOC offers an API-based connector that integrates the Netsparker module into the Neurons for RBVM/ASOC platform for simplicity and flexibility. The Netsparker connector ingests application data from Netsparker and displays the vulnerabilities in the Neurons for RBVM/ASOC platform for further prioritization.

Connector Configuration

Setting Up the Netsparker Connector

Navigate to the Automate > Integrations page.

Using the search bar in the upper-right corner of the Integrations page, type Netsparker Enterprise to find the connector.

Locate the Netsparker Enterprise card on the page and click Configuration.

In the new window under Connection, complete the required fields, as described below.

  • Name: The connector’s name.

  • URL: Netsparker URL.

  • API User ID: The user ID that has access to Netsparker.

  • API Token: The user ID’s API token.

  • Network: The Neurons for RBVM/ASOC network name. Ingested applications are associated with this network.

Click Test Credentials to verify the credentials are correct and have access to make API calls to the Netsparker Enterprise instance.

Configure the desired schedule for the connector to retrieve results from the Netsparker Enterprise instance and optionally turn on Enable auto URBA (Update Remediation by Assessment).

Click Save to create the connector.

Once saved, the connector is visible on the Integrations page under Currently Configured Integrations.

On the Settings > Uploads page, Netsparker data is parsed from the scan file and displayed on the Applications and Application Findings pages.

Note: The Netsparker Enterprise API connector pulls issues based on the policy and filters out False Positive, Fixed, and Risk Accepted issues. A deduplication process also completes before Netsparker data is presented in the Neurons for RBVM/ASOC platform. For repeated vulnerabilities with the same URL and plugin ID, Ivanti Neurons presents them as a single finding with multiple requests and responses.
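The following added example (not Ivanti or Netsparker code) sketches the filtering and deduplication described in the note, so that a raw Netsparker issue count can be reconciled with the finding count expected in the platform. The record key names, the sample issues, and the exact-string comparison of URL and plugin ID are assumptions made for illustration.

```python
from collections import Counter

# Issue states the page says the connector filters out before ingestion.
EXCLUDED_STATES = {"False Positive", "Fixed", "Risk Accepted"}

# Constructed sample export. Key names are hypothetical, not the Netsparker API schema.
SAMPLE_ISSUES = [
    {"url": "https://app.example.test/login", "plugin_id": "SqlInjection",
     "state": "Present", "request": "POST /login (variant 1)", "response": "HTTP 500"},
    {"url": "https://app.example.test/login", "plugin_id": "SqlInjection",
     "state": "Present", "request": "POST /login (variant 2)", "response": "HTTP 500"},
    {"url": "https://app.example.test/login", "plugin_id": "Xss",
     "state": "Present", "request": "GET /login (variant 1)", "response": "HTTP 200"},
    {"url": "https://app.example.test/search", "plugin_id": "Xss",
     "state": "False Positive", "request": "GET /search (variant 1)", "response": "HTTP 200"},
    {"url": "https://app.example.test/search", "plugin_id": "Xss",
     "state": "Present", "request": "GET /search (variant 2)", "response": "HTTP 200"},
    {"url": "https://app.example.test/search", "plugin_id": "SqlInjection",
     "state": "Fixed", "request": "GET /search (variant 3)", "response": "HTTP 200"},
    {"url": "https://app.example.test/profile", "plugin_id": "Xss",
     "state": "Risk Accepted", "request": "GET /profile (variant 1)", "response": "HTTP 200"},
]

def consolidate(issues):
    """Return (findings, dropped): one finding per (URL, plugin ID), plus drop counts by state."""
    findings = {}
    dropped = Counter()
    for issue in issues:
        if issue["state"] in EXCLUDED_STATES:
            dropped[issue["state"]] += 1
            continue
        key = (issue["url"], issue["plugin_id"])  # assumption: exact string match
        finding = findings.setdefault(
            key, {"url": key[0], "plugin_id": key[1], "exchanges": []})
        # Each merged issue keeps its own request/response pair on the single finding.
        finding["exchanges"].append((issue["request"], issue["response"]))
    return list(findings.values()), dict(dropped)

def reconcile(issues):
    """Summarise how a raw issue count maps to the expected finding count."""
    findings, dropped = consolidate(issues)
    kept = sum(len(f["exchanges"]) for f in findings)
    return {"raw": len(issues), "filtered_out": sum(dropped.values()),
            "merged": kept - len(findings), "expected_findings": len(findings)}

if __name__ == "__main__":
    print(reconcile(SAMPLE_ISSUES))
```
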

Netsparker Data Mapping in Neurons for RBVM/ASOC

Applications Page

Application data extracted from the Netsparker Enterprise scan file is shown on the Applications page as an asset.

  • Address (Domain)

  • URLs

  • Vulnerability Counts by Severity (Total, Critical, High, Medium, Low, Info)

  • Last Scan Date

Other sections, such as Finding Categories, are populated based on information collected from the scan file.

Application Findings Page

Any finding data extracted from the Netsparker Enterprise scan file is shown on the Application Findings page.

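Section                      Neurons for RBVM/ASOC Field  Netsparker Field
---------------------------  ---------------------------  ----------------
Application Finding Details  Title                        Title
Application Finding Details  Description                  Description
Application Finding Details  Discovered On                First Seen Date
Application Finding Details  Last Found On                Last Seen Date
Application Finding Details  Scanner Severity             Severity
Vulnerabilities              CVSS 3.0                     CVSS
Vulnerabilities              CWE                          CWE
Vulnerabilities              CAPEC                        CAPEC
Vulnerabilities              WASC                         WASC
Vulnerabilities              PCI32                        PCI32
Detailed Information         URL                          URL
Detailed Information         Headers                      HTTP Request
Detailed Information         Response                     HTTP Response
Scanner Output               Confirmed                    Confirmed
Scanner Output               Certainty                    Certainty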
