Overview


About

Netsparker is an automated, yet fully configurable, web application security scanner that enables you to scan websites, web applications, and web services, and identify security flaws. Netsparker can scan all types of web applications, regardless of the platform or the language with which they are built. When integrated with your Vulcan Platform, you'll be able to review web application vulnerabilities on your assets, while leveraging the power of Vulcan Cyber discoverability and automation.


Configure the Netsparker connector

Prerequisites

First, you need to grant the Vulcan Platform access to your Netsparker instance by issuing a user token. You authenticate to the Netsparker API by providing a user ID and authentication token. For instructions, click here.

  1. Log in to your Vulcan Cyber dashboard and go to Connectors

  2. Click on Add a Connector

  3. Click on the Netsparker icon

  4. Enter the following information into the connector setup page.

    • User ID and API Token

    • Map Netsparker severity to Vulcan numerical score: By default, the Vulcan Platform maps the Netsparker severity value with a set of default values. To customize the specific mapping values, click show more and modify.

  5. Click the Test Connectivity button to verify that Vulcan Cyber can connect to your Netsparker instance, then click Create (or Save Changes).

  6. Allow some time for the sync to complete. You can review the sync status under Log.

  7. To confirm that the sync is complete, navigate to the Connectors tab to check the sync status. Once the Netsparker icon shows Connected, the connection is complete.


From Netsrparker to the Vulcan Platform - Fields Mapping

Connector Fields Mapping

Netsparker field

Vulcan field

Value Example

Name

Asset Name

"Name": "Prod www.mandiant.com"

Website

Asset Type

RootURL

Asset Pages > Name

"RootUrl": "https://www.mandiant.com/"

-

Asset Details

"Id": "5b6ecc81-984d-4dea-2594-adb601f4f184"

"CreatedAt": "2021-10-03T09:07:09.8289487+00:00"

"UpdatedAt": "2021-12-01T06:11:59.7728098+00:00"

"Description": "cloudflare protected www.mandiant.com"

"TechnicalContactEmail": "howard.vandevaarst@fireeye.com"

"Groups": [ { "Id": "815b3ca8-bf2d-41f3-3e8b-ada2049da899", "Name": "www.mandiant.com" } ]

"IsVerified": true

"LicenseType": "Subscription"

"AgentMode": "Cloud"

Tags

Asset Tags

"Tags": []

Create tags from IsVerified: True/False

Create tag for Scan_Policy

Description

Vulnerability title

"Description": "Content Security Policy (CSP) Not Implemented"

Summary

Vulnerability description

"Summary": Netsparker Enterprise detected that origin leakage is possible due to use of strict-origin in the Referrer-Policy implementation.

-

Vulnerability details

Enable CSP on your website by sending the [...]

-

Fix > Title

Netsparker Recommendations for {vulnerability title}

Fix Description in Netsparker

Fix > Description

Configure your web server to respond with Expect-CT header. [...]

Fix references in Netsparker

Fix > Reference

"RemedyReferences": [...]

Vulnerability Status Mapping

Netsparker status

Vulcan status

Present

Vulnerable

Fixed

Fixed

False Positive

Ignored - false positive

Accepted risk

Ignored - risk acknowledged

Vulnerability Score Mapping

Connector Score

Vulcan score

Critical

10

High

7

Medium

5

Low

3

Best Practice

0

Information

0


Locating Netsparker vulnerabilities in the Vulcan Platform

As Netsparker discovers vulnerabilities, the Vulcan Platform connector imports those vulnerabilities for reporting and action. With a large number of assets and vulnerabilities, discovering specific vulnerabilities via source is made easy with filters.

  1. Open the Vulcan Platform dashboard and navigate to the Vulnerabilities. Click on the Search or filter vulnerabilities search box, scroll to the Vulnerability Source option, and click to filter by the vulnerability source.

  2. Locate Netsparker on the vulnerability source list and click to filter results by Netsparker.

  3. Click on any vulnerability to view further information.


Locating Netsparker assets in the Vulcan Platform

To quickly locate all synced website application assets from Netsparker, Go to the Assets tab in Vulcan Cyber.

  1. Open the Vulcan Cyber Platform and navigate to Assets > Websites tab.

  2. Click on the Search or filter websites input box and select Connector from the drop-down selection.

  3. Locate the Netsparker option to view all synced assets.


Automating Netsparker vulnerability remediation actions in the Vulcan Platform

Large environments quickly become unmanageable if constant manual attention and action are necessary to remediate vulnerabilities. Take advantage of the automation capabilities of Vulcan Cyber and the Netsparker connector.

Learn how to create automation

Did this answer your question?