Invicti
Invicti is a dynamic application security testing (DAST) and interactive application security testing (IAST) scanning tool. You can bring website and application issues from Invicti into Brinqa to construct a comprehensive and unified view of your attack surface and strengthen your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Invicti and how to obtain that information from Invicti. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Invicti from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Invicti with Brinqa:
-
API URL: The Invicti API URL. The default URL is
https://www.netsparkercloud.com
. -
User ID and API token: The user ID and API token associated with the Invicti account, which must have permissions to log in to the API server and return data.
Generate an Invicti API token
For the Invicti connector to use the Invicti Enterprise API, you must provide an API token.
To view the API token for an existing user, follow these steps:
-
Log in to your Invicti Enterprise account.
-
Click your name on the upper-right corner of the page and navigate to API Settings.
-
Enter your password and click Submit.
Your Invicti User ID and token display. Copy the API token and save it in a secure location.
To generate a new API token, follow these steps:
-
Log in to your Invicti Enterprise account.
-
Click your name in the upper-right corner of the page and navigate to API Settings.
-
Enter your password and click Submit.
-
Click Reset API Token. A new window appears.
-
Click Reset API Token.
The new Invicti API token displays. Copy the API token and save it in a secure location.
If you do not have the permissions to view or create a Invicti API token, contact your Invicti administrator. For additional information, see Invicti documentation.
Additional settings
The Invicti connector contains additional options for specific configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 200. It is not recommended to go over 200.
-
Parallel requests: The maximum number of parallel API requests. The default setting is 4.
-
Max retries: The maximum number of times that the integration attempts to connect to the Invicti API before giving up and reporting a failure. The default setting is 10
-
Skip certificate verification: Select this option to allow for untrusted certificates.
Types of data to retrieve
The Invicti connector can retrieve the following types of data from the Invicti API:
Table 1: Data retrieved from Invicti
Connector Object | Required | Maps to Data Model |
---|---|---|
Issue | Yes | Dynamic Code Finding |
Issue Definition | Yes | Dynamic Code Finding Definition |
Scan | No | Not mapped |
Website | Yes | Site |
The Invicti connector does not currently support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from Invicti in the Brinqa Platform, see How to view your data.
APIs
The Invicti connector uses the Invicti Enterprise API v1. Specifically, it uses the following endpoints:
Table 2: Invicti API Endpoints
Connector Object | API Endpoints |
---|---|
Issue | GET /api/1.0/issues/allissues |
GET /api/1.0/issues/getvulnerabilitycontent/{id} | |
Issue Definition | GET /api/1.0/vulnerability/list |
Scan | GET /api/1.0/scans/list |
Website | GET /api/1.0/websites/list |
Changelog
The Invicti connector has undergone the following changes:
3.0.5
- Code clean up and general maintenance.
3.0.4
- Fixed an issue where the Issue object sync was failing.
3.0.3
-
Fixed data type mismatches for the following attributes:
- IS_VERIFIED
- SOURCE_CREATED_DATE
- SOURCE_LAST_MODIFIED
- SOURCE_SEVERITY
3.0.2
- Enhanced the STATUS_CATEGORY attribute in the Activity object to retrieve all values from the source.
3.0.1
- Aligned the severity number retrieved from the source with the risk rating in the Brinqa Platform.
3.0.0
- Initial Integration+ release.