Detectify Summary
The integration of Detectify vulnerability management with the Centraleyezer Vulnerability Management platform enhances the import and management of security findings. This collaboration allows organizations to efficiently identify, prioritize, track, and remediate vulnerabilities, thereby enhancing their overall security posture and improving risk management.
Detectify Key Features
-
Data Import:
-
Import applications, scan summaries, and vulnerabilities from Detectify security tools into Centraleyezer, either on-demand or via automated schedules.
- Supported formats: CSV, XML.
-
-
Detailed Findings:
-
Centraleyezer provides comprehensive request/response details for vulnerabilities detected by Detectify tools.
-
-
Risk Scoring:
-
Configurable severity values for Detectify findings, adjustable based on organizational risk policies.
-
-
Selective Data Import:
-
Supports filtering based on status, scan type, and severity for more precise data imports.
-
Considerations
-
The integration supports mapping one Detectify security tool instance with one Centraleyezer instance.
-
Configuring a different Detectify instance in the plugin will overwrite previously imported data.
Requirements
-
System Requirements:
-
Centraleyezer Prerequisites: Latest version of the Centraleyezer Vulnerability Management Platform recommended.
-
Detectify Tool Prerequisites: Must be able to export CSV/XML vulnerability reports
-
-
Permissions and Roles:
-
Centraleyezer: Requires System Admin or Application Security Manager permissions.
-
Detectify Security Tools: User access for vulnerability scan information.
-
Import mappings require admin-level permissions.
-
Release Notes
Version 1.0.0:
New mappings for vulnerabilities from Detectify security tools during scans include:
-
-
Name
-
CVE
-
CVSS Score (v2.0)
-
Asset
-
Severity
-
CVSS Score (v3.0)
-
Protocol
-
Port
-
Targets
-
Import Vulnerability ID
-
Description
-
Risk
-