Cherwell Ticketing Connector

Kenna’s ticketing integrations allow customers to take advantage of our powerful prioritization and reporting platform to streamline your remediation workflow and ensure that you’re able to close the vulnerabilities that Kenna prioritizes for you. With the Cherwell Ticketing Integration, you can send tickets directly from the UI to Cherwell. This guide will help you get up and running.

Cherwell_Logo___Ticket.png

Adding the Cherwell Ticketing Connector (pre-requisite to Contacting Support for Configuration)

Data flow between Kenna and Cherwell requires the configuration of the Cherwell Connector in Kenna. Unlike many of the other connectors within Kenna, the Cherwell Connector requires setup actions from Kenna’s Support team in order to successfully create the Connector. Before Emailing the Support team please complete the following:

Add the Cherwell Ticketing Connector from the connectors tab. If you do not see the Cherwell Connector by default (and you are a Kenna Admin) please email support or your Customer Success Team and ask them to enable the Cherwell connector for your Kenna Instance.

Cherwell.png

The image below shows the Kenna Cherwell Connector configuration window.

Cherwell_Config.png

The information required to configure the connector includes:

  • Username (Service Account User recommended)

    • Password for the associated Service Account

  • API Token

  • Cherwell host

    • If your host is static, you may enter an IP address and the port. If not, please enter your host and port information.

  • If your Cherwell deployment is on-premise you will need to leverage the Kenna Virtual Tunnel.

    • Once you have the Virtual Tunnel installed, in the Cherwell set-up window, please check the box for “Use Kenna Virtual Tunnel” if your deployment is on-premise. If you are deployed in the Cloud, please ignore this final bullet and move to the next step.

After entering the Username, API Key and Host information, click Save And Verify to save the connector.

Contacting Support for Configuration

Once you’ve completed the Cherwell Connector Set-up documented above, please

  • Get your Business Object Schema from your Cherwell instance

    • Instruction for this can be found on Cherwell’s help page Here

  • For each field that you want to see exposed in the Kenna “Create Ticket” dialogue box, specify:

    • The display name for the field you’d like to see in Kenna

    • The Cherwell code name for the Field

    • The dropdown choices (if the field is a dropdown)

Once you have all of the above information please send this to the Kenna Security Support team by emailing them at support@kennasecurity.com or submitting a request via the Support Portal in the upper right hand corner of this page.

From there, Support will configure your Cherwell connector on the backend with the information provided. Once that is completed, then you will be able to successfully create tickets using the “Create Cherwell Issue” button in the UX.

 

Creating a Cherwell Ticket

Tickets can be created to either address a vulnerability (or a set of vulnerabilities) or apply a fix directly in Kenna.  You can create tickets from both the Vulnerabilities tab and the Fixes tab. You can do so by selecting the checkbox to the left of the desired item, and clicking the Cherwell Issue button, which will appear next to the tabs within the explore view.

Cherwell_Create_Ticket1.png

 

Cherwell Tickets can also be created for any Top Fix group using the same button, which will appear after your connector is created. The Cherwell ticket will be created for the Top Fix Group which is currently shown on the screen and each group may contain up to 3 fixes, all of which will included in the Cherwell Issue.

Top_Fix_Cherwell.png

Once you click to create a new ticket, the Cherwell dialog box will pop up and display the custom set of fields with choice values loaded from your specific Cherwell instance (provided by your Business Object Schema). Users can select data for any of the fields. Unlike the JIRA and ServiceNow Connectors most of the Cherwell fields will be pre-populated with the appropriate Cherwell target Project information, Kenna vulnerability enumeration, or fix data.

mceclip0.png

 

Whether the Cherwell ticket creation is initiated from Vulnerabilities, Fix, or Fix Groups, ticket metadata becomes specifically tied to the associated vulnerabilities.  Visually that is displayed in Kenna in multiple ways.  First, any vulnerability with an associated ticket will show an orange “pill” on the Vulnerabilities tab.

Cherwell_Orange_Pill.png

The Service Ticket ID will be displayed on the Vulnerability ticketed within Kenna. Cherwell External IDs tend to be lengthy strings which do not display well in the platform:

Ticket_ID_Cherwell.png

The specific Cherwell Issue number is displayed on the Vulnerability Details page for the vulnerability. To get to the Vulnerability Details page, click on the vulnerability name or the blue carat to see the details on a vulnerability from the Vulnerabilities tab.

e6cff4f6-9d99-495b-becc-bffd3e4ac4ab.png

 

Issue details are at the bottom right hand side of the vulnerability detail page. This information includes Status and Assignee. When you click the link to  “View Cherwell Issue”, you will be directed to the Ticket in your Cherwell instance.

Vuln_Ticket_View_Cherwell.png

Data Flow between Kenna and Cherwell Ticketing

Data flow between Kenna and Cherwell is somewhat bi-directional.  Tickets in Cherwell are populated with asset, vulnerability, and fix information from Kenna.  A nightly data sync will pull in the service ticket number and ticket status from Cherwell but will not update the vulnerability status in Kenna. Therefore, status changes of Open/Closed/Deleted made to a ticket in Cherwell as part of the remediation workflow are synced back to the Kenna ticket view, however, any vulnerabilities associated with the ticket will not be marked as closed until data is retrieved from the scanning platform confirming the vulnerability is fixed. Once the ticket has been created in Cherwell a notification bar will appear at the top of the page with the Ticket information which is a link to the new ticket in Cherwell.

Cherwell ticket data is fully accessible from with Kenna and can be used as filter criteria from the right hand search pane in the explorer view as shown below. This view is only available if there are vulnerabilities in the current view who have a ticket status other than “None”.

Cherwell_Statuses.png

 

Additional Information

The Kenna-Cherwell Ticketing integration is built to be highly customizable. Please keep this in mind when creating the connector.

Kenna will connect to Cherwell to retrieve the list of available choices for each of the listed fields from the Business Object Schema and display them in the form presented to the Kenna user. Changes to the choices should be made in the Business Object Schema section of Cherwell and updated with Kenna Support. If you do not inform Kenna Support of the changes to the Business Object Schema, Kenna will not have the most up to date choices to display.

If a Cherwell Ticket exists for a specific Vulnerability or Fix, you will be unable to create a second ticket from Kenna for that item.

If a Cherwell ticket exists for a subset of fixes or vulnerabilities you are trying to ticket, you can create that ticket, however it will only include the data from the selection that has not yet been ticketed.

Optional Settings:

  • Service Ticket Type

    • If you wish to change the default ticket type to a different status

Please contact Kenna Support should you require any additional assistance with the Cherwell Connector.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.