Acunetix360 Connector

Acunetix 360 is an end-to-end web security solution that offers a 360 view of an organization's security posture. It allows the enterprise to take control of the security of all its web applications, web services, and APIs, ensuring long-term protection. 


To import your data from Acunetix360 to the Kenna.AppSec module, you will need to leverage the Acunetix Connector under the Dynamic Assessment tools category.

The Connector is a mandatory full run connector. To start, you will need to have Acunetix scans running already. To do this, log into the Acunetix Vulnerability Scanner to start automating security tests.  You’ll need to create a scan against a target of your choosing. Once a scan of the target is complete, you’ll be able to start pulling that asset and vulnerability data into the Cisco Vulnerability Management platform.

 

User Prerequisites/Connector Setup:

  • If you have an on premise deployment of Acunetix, a Virtual Tunnel is required for connection.

  • Must have access to the Acunetix API, and to the items which you would like to import.
     

Configuring your Connector in Cisco Vulnerability Management

 

To set up the Connector, navigate to the Connectors tab in your Cisco Vulnerability Management deployment (you must be a Cisco Vulnerability Management Administrator to do so). On the Connectors page, select

Acunetix_Select.png

Once you select Acunetix, the following screen will appear:

 

Acunetix_Config.png

  • Enter a name for the connector, or leave it as “Acunetix”.

  • Enter the API Key for the account, along with the Host information.

    • If your host is static, enter the IP address and the port.

    • If your host is dynamic, enter the DNS and port information.

  • Schedule the Connector. Select the frequency at which you’d like your Connector to run. (we recommend mirroring the cadence of your Acunetix Scans).

  • Click Save and Verify.

  • If you’d like to set a connector level asset inactivity limit, you can do that at this time, or later. (We recommend 2-3x the scan cadence of your scans).

Your API key can be found in the profile of any Administrator user in the Acunetix instance.

image2.png

 

What Acunetix Items does Cisco Vulnerability Management Import?

Cisco Vulnerability Management will import all of the applications associated with the user leveraged for the connector. We will pull:

Fields in Acunetix360

Fields in Cisco Vulnerability Management

Note

target_address

Application Identifier

Search for application_identifer in Cisco Vulnerability Management by using the custom query box and typing application:"*"

 

File

Search for file in Cisco Vulnerability Management by using the custom query box and typing file:"*"

vulnerabilities > affects_url

URL

 

vt_name

Vulnerability Name

 

vuln_id

Unique Vulnerability ID

Unique ID of the vulnerability from the scanner.

is_open

 

vulnerability Status

 We do not map false positives, all vulnerabilities reported are imported in a default status of “open”. Once vulnerabilities are not reported in a subsequent scan, in which case the platform auto-closes the vuln.

last_found_on

Last Seen

 

Diagnosis

Description

 

source > Details

Details

 

Recommendation

Solution

 

source vulnerability > cvss_score

scanner_score

0-10

~CWE

CWE

mapped based on identifier or manual (Code based, no human input) mapping based on data received

 

The Connector does not pull in the following:

  • Custom Fields

  • Tags


Optional Settings

The following settings can be enabled on the backend for Acunetix Connectors. To have these settings enabled, or for more information, please contact Support, or your Customer Success Engineer.

  • Exclude Informationals

    • When this option is enabled, Cisco Vulnerability Management will not import vulnerabilities that do not include a CVE, CWE, or WASC ID.

  • Ignore Scanner Last Seen Time

    • If you do not want the asset last seen time in Cisco Vulnerability Management to be the scanner reported last seen time.

  • Custom Ordered Locators

    • Locators (IP, Netbios, FQDN, etc) can be reordered to better deduplicate vulnerabilities on the Connector level or the entire Platform level. For more information see the help article here.

 

Common Reasons for Acunetix Connector Run Failures

  • Bad Credentials
    • If you enter the incorrect connector credentials during the connector setup, we will not have access to the environment to make the API calls.
  • If no reports are found we will abort the Connector run, rather than fail it outright
  • If an API call fails (no data available, or other reasons)
  • Unexpected data returned

    • If Cisco Vulnerability Management receives data that is not in the expected format and we are unable to process it, the connector will fail.

  • If more than 1% of connector payloads fail to import cleanly, Cisco Vulnerability Management will auto-fail the Connector Run

    •  

 

Additional Assistance:

Please contact Support should you require any additional assistance with the Acunetix Connector(s).

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.