Fortra Summary
The integration of Fortra security solutions with the Centraleyezer Vulnerability Management platform enhances the import and management of security findings. This collaboration allows organizations to effectively identify, prioritize, track, and remediate vulnerabilities, thereby bolstering their overall security posture and improving risk management.
Fortra Key Features
Data Import:
- Import applications, scan summaries, and vulnerabilities from Fortra security tools into Centraleyezer, either on-demand or via automated schedules.
- Supported formats: CSV, MySql.
Detailed Findings:
- Centraleyezer provides comprehensive request/response details for System vulnerabilities detected by Fortra tools.
Risk Scoring:
- Configurable severity values for Fortra’s System findings, adjustable according to organizational risk policies.
Selective Data Import:
- Supports filtering based on status, scan type, and severity for more precise data imports.
Secure Connectivity:
- Requires an HTTPS connection, with or without a proxy.
Considerations
- The integration supports mapping one Fortra security tool instance with one Centraleyezer instance.
- Configuring a different Fortra instance in the plugin will overwrite previously imported data.
Requirements
System Requirements:
- Centraleyezer Prerequisites: Latest version of the Centraleyezer Vulnerability Management Platform is recommended.
- Fortra Tool Prerequisites: API access must be enabled with proper authentication and must support System findings export and API-based integration.
Permissions and Roles:
- Centraleyezer: Requires System Admin or Application Security Manager permissions.
- Fortra Security Tools: User access for System scan information.
- Import mappings require admin-level permissions.
Release Notes
Version 1.0.0:
Mapped vulnerabilities from Fortra security tools during System scans, including:
- Audit ID
- Network Name
- Project ID
- Source ID
- Scanner (set to “tripwire”)