Scanner integrations for your
existing security stack
Centraleyezer ingests results from the scanners you already run, fits your identity infrastructure, and forwards events to your SIEM — no rip-and-replace required.
Showing 66 integrations — 49 available, 17 on roadmap
Nessus Professional
Industry-standard vulnerability scanner. Covers network hosts, ports, services, authenticated local checks, web application scanning, and CIS/DISA STIG compliance auditing.
Integration guideTenable.io SC (Security Center)
Tenable Security Center with distributed sensor architecture for continuous network vulnerability and compliance assessment at enterprise scale.
Integration guideQualys VMDR
Qualys Vulnerability Management, Detection and Response — covers network assets, web application DAST, and policy compliance. All POD regions: US, EU, India, Canada, UK, Australia.
Integration guideRapid7 InsightVM
Rapid7 InsightVM network vulnerability assessment with live exposure analytics and full finding lifecycle mapping.
Integration guideOpenVAS / Greenbone
Open-source network vulnerability scanner (OpenVAS / Greenbone Community Edition). CSV export import covering hosts, services, and authenticated OS checks with CVE correlation.
Integration guideOutpost 24
Outpost 24 vulnerability assessment findings covering network and web application vulnerabilities. XML import.
Integration guideBeyondTrust
BeyondTrust network vulnerability scanner findings imported via CSV export for centralised tracking and risk prioritisation.
Integration guideIntruder
Intruder continuous vulnerability scanner findings covering network exposure and web application issues. CSV import.
Integration guideGFI Languard
GFI Languard network security scanner findings — covers patch status, missing hotfixes, and network vulnerability alerts. XML import.
Integration guideMetasploit Pro
Metasploit Pro vulnerability scan and exploitation results imported via XML for validated finding tracking.
Integration guideNipper
Nipper network device security audit results for routers, switches, and firewalls. XML and CSV import with CIS/DISA benchmark mapping.
Integration guideShodan
Shodan API for external perimeter visibility — discovers internet-exposed services, open ports, banners, and misconfigurations across your IP ranges.
Integration guideAlienVault USM
AlienVault USM vulnerability and threat data imported via CSV and XLS exports for unified risk tracking.
Integration guideTripwire IP360
Tripwire IP360 network vulnerability audits imported from the VnE console API — latest completed audit per network, with host and OS detail. CSV import also supported.
Integration guideNERVE
NERVE open-source network vulnerability scanner findings imported via CSV export.
Integration guideMicrosoft Defender for Endpoint
Microsoft Defender vulnerability management findings from the Microsoft 365 Defender portal — covering Windows, macOS, and Linux endpoint vulnerabilities.
AWS Inspector
Amazon Inspector vulnerability findings for EC2 instances, Lambda functions, and ECR container images. JSON import with CVE and CVSS mapping.
Integration guideProwler
Prowler cloud security posture findings for AWS, Azure, GCP, and Kubernetes — imported live from the Prowler App API or via Prowler CLI OCSF output files.
Integration guideTrivy
Aqua Trivy open-source scanner for container images, filesystems, and IaC. JSON import covering OS packages and language library vulnerabilities.
Integration guideHarbor (container registry)
Harbor OCI-compliant registry scan result ingestion. Tracks vulnerabilities across your entire container image catalogue as images are built and pushed.
Integration guideAgentSec
Centraleyezer AgentSec endpoint agent for host-level vulnerability collection on assets where agentless scanning is not possible. Task-driven via the Centraleyezer agent API.
Integration guideWazuh
Wazuh agent-based security monitoring deployed on endpoints and servers. Feeds vulnerability data, security events, and SCA compliance check results into Centraleyezer.
Integration guideRed Hat Satellite
Red Hat Satellite patch and vulnerability data ingestion for RHEL-based infrastructure. Tracks package-level vulnerabilities and errata across managed hosts.
Integration guideLynis
Lynis host security audit findings covering system hardening, configuration weaknesses, and compliance checks across Linux and Unix systems.
Integration guideBurp Suite Enterprise
PortSwigger Burp Suite Enterprise Edition web application DAST. XML and API import with full request/response evidence, OWASP classification, and issue confidence mapping.
Integration guideAcunetix
Acunetix DAST web vulnerability scanner. XML and JSON import covering SQLi, XSS, SSRF, authentication bypass, and 7,000+ web vulnerability checks.
Integration guideDetectify
Detectify continuous DAST and external attack surface management via API. Covers web application vulnerabilities and exposed assets across your domains.
Integration guideHCL AppScan Standard
HCL AppScan Standard desktop DAST scanner — dynamic web application testing results imported via the scanner’s XML report export, with full test HTTP traffic evidence.
Integration guideHCL AppScan on Cloud
HCL AppScan on Cloud (ASoC) — dynamic web application testing and static source code analysis imported over the ASoC API with an API key. XML report import also supported.
Integration guideHCL AppScan 360
HCL AppScan 360 self-managed platform — DAST and SAST results imported over the same AppScan REST API, pointed at your own AppScan 360 deployment.
Integration guideOWASP ZAP
OWASP Zed Attack Proxy open-source DAST findings. XML import covering active and passive scan results with OWASP classification.
Integration guideNetsparker / Invicti
Invicti (formerly Netsparker) web application security scanner findings. XML and JSON import with proof-based scanning results and CVSS mapping.
Integration guideHP WebInspect
OpenText (HP) WebInspect dynamic application security testing findings. XML import covering web vulnerabilities, authentication flaws, and business logic issues.
Integration guideAppSpider (Rapid7)
Rapid7 AppSpider DAST scan results. XML import with full vulnerability detail, attack traffic evidence, and remediation guidance.
Integration guideNikto
Nikto open-source web server scanner findings. XML import covering misconfigurations, dangerous files, outdated software, and server-level vulnerabilities.
Integration guidew3af
w3af open-source web application attack and audit framework findings. XML import with OWASP-classified vulnerabilities.
Integration guideWPScan
WPScan WordPress vulnerability scanner findings. JSON import covering plugin, theme, and core vulnerabilities in WordPress installations.
Integration guideSSL Labs
Qualys SSL Labs API for TLS/SSL configuration assessment. Identifies weak cipher suites, expired certificates, BEAST/POODLE/CRIME exposure, and insecure protocol versions.
Integration guideBarracuda
Barracuda web application scanner findings imported via CSV export with CWE and CVSS mapping.
Integration guideSnyk Code
Snyk SAST and SCA findings import covering static code analysis (Snyk Code) and open-source dependency vulnerabilities (Snyk Open Source).
Semgrep
Semgrep static analysis findings for custom and community rule sets. Covers security anti-patterns, hardcoded secrets, and OWASP Top 10 code-level issues.
Checkmarx
Checkmarx SAST scan result import covering source code vulnerabilities, data flow analysis, and OWASP/SANS classification.
Fortify SAST (OpenText)
OpenText Fortify Static Code Analyzer scan results — covers 800+ vulnerability categories across 27+ programming languages.
Mend.io (WhiteSource)
Mend.io (formerly WhiteSource) open-source vulnerability findings. JSON export import for centralised dependency risk tracking.
Integration guideOWASP Dependency-Check
OWASP Dependency-Check open-source SCA findings covering known vulnerable libraries in Java, .NET, Python, Node.js, and more.
Black Duck (Synopsys)
Synopsys Black Duck SCA findings for open-source component vulnerabilities and licence risk across all major package managers.
JFrog Xray
JFrog Xray SCA and container security findings — covers binary components, Docker layers, and artefact dependencies across JFrog Artifactory.
AppDetectivePro
Application Security AppDetectivePro database vulnerability scanner. CSV import covering Oracle, SQL Server, MySQL, PostgreSQL, and DB2 misconfigurations and patch levels.
Integration guideImperva Scuba
Imperva Scuba free database vulnerability scanner. File-based import covering database configuration weaknesses, patch levels, and CIS benchmark compliance across Oracle, SQL Server, MySQL, PostgreSQL, and DB2.
Integration guideIBM Guardium
IBM Guardium database vulnerability assessment and activity monitoring findings. Covers misconfigurations, patch levels, privilege abuse, and compliance policy violations.
Trustwave DbProtect
Trustwave DbProtect database vulnerability scanner covering Oracle, SQL Server, MySQL, PostgreSQL, DB2, and Sybase.
Qualys Database Security
Qualys database vulnerability and compliance module covering major RDBMS platforms and CIS/DISA benchmark checks.
FOFA
FOFA cyberspace search engine API for external attack surface discovery — identifies exposed services, banners, and assets on your IP ranges and domains.
Censys
Censys internet intelligence API for attack surface management — discovers exposed hosts, certificates, and misconfigured services.
OpenSCAP / SCAP Workbench
OpenSCAP findings against DISA STIG, CIS Benchmarks, and PCI-DSS profiles. XCCDF/ARF result import for OS hardening compliance tracking.
CIS-CAT Pro
CIS-CAT Pro benchmark assessment results — maps configuration compliance findings to CIS Controls v8 and specific OS/application benchmark profiles.
LDAP / Active Directory
Microsoft Active Directory and generic LDAP authentication. Supports user provisioning, group-based role mapping, and nested group resolution.
Entra ID / Azure AD
Microsoft Entra ID (Azure Active Directory) via OAuth2 / OIDC for cloud-first and hybrid organisations.
2FA — TOTP
Time-based one-time password (TOTP) two-factor authentication compatible with Google Authenticator, Authy, and any RFC 6238-compliant app.
SSO — SAML 2.0
SAML 2.0 single sign-on for enterprise identity providers including Okta, OneLogin, Ping Identity, and any SAML-compliant IdP.
Email notifications
Rule-based email alerts on finding creation, severity changes, SLA breaches, status transitions, and resolution. Configurable per project, asset, and network.
Slack
Slack webhook notifications for finding and project events — keep your security channel informed without manual status updates.
XML
Import vulnerability findings from any XML-based scanner export — .nessus, Burp Suite XML, Acunetix XML, GFI Languard XML, Metasploit XML, OWASP ZAP XML, WebInspect XML, AppSpider XML, Nipper XML, Outpost 24 XML, XCCDF/ARF (SCAP), and more.
JSON
Import vulnerability findings from any JSON-based scanner export — Rapid7 InsightVM, AWS Inspector, Acunetix JSON, Trivy, Harbor, WPScan, Mend.io, Qualys JSON, and more.
CSV
Import vulnerability findings and bulk asset data from CSV exports — OpenVAS/Greenbone, BeyondTrust, AlienVault USM, AppDetectivePro, Intruder, and more. Also supports plain-text asset lists with custom field mapping.
REST API
Full REST API across findings, assets, projects, networks, users, roles, tags, categories, software, and permissions. JSON over HTTPS with token authentication.
Enables custom integration with any ticketing system, ITSM, SOAR, or orchestration platform.
Not on the list?
Build it with the API.
Centraleyezer exposes a full REST API across every resource — findings, assets, projects, networks, users, roles, and tags. Connect any ticketing system, ITSM, SOAR, or orchestration platform that isn't listed above.
- Findings CRUD — create, update, close via API
- Asset management — sync from your CMDB
- User and role provisioning
- Project and scope management
- Bulk operations with full audit logging
// Close a finding via API
PUT /api/finding/{id}
{
"status": "resolved",
"resolution_note": "Patched in deploy 4.2.1",
"resolved_by": "jsmith"
}
// 200 OK — finding closed, audit logged