PlexTrac
PlexTrac is pentest reporting platform that scans your assets and generates pentest findings from those assets. You can bring asset, assessment, client, and other security data from PlexTrac into Brinqa to construct a unified view of your attack surface and strengthen your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with PlexTrac and how to obtain that information from PlexTrac. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select PlexTrac from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate PlexTrac with Brinqa:
-
API URL: The PlexTrac API URL. The default format is
https://<ServerName>/. -
Username and Password: The username and password associated with the PlexTrac user, which must have permissions to log in to the API server and return data.
infoThe PlexTrac user must have at least the Analyst or Standard User role assigned to them in order to retrieve data from the PlexTrac API. For additional information on roles and users, see PlexTrac documentation.
Additional settings
The PlexTrac connector contains additional options for specific configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.
-
Parallel requests: The maximum number of parallel API requests. The default setting is 4.
Types of data to retrieve
The PlexTrac connector can retrieve the following types of data from the PlexTrac API:
Table 1: Data retrieved from PlexTrac
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Asset | Yes | Host |
| Assessment | Yes | Assessment |
| Client | No | Not Mapped |
| Finding | Yes | Pentest Finding, Pentest Finding Definition |
For detailed steps on how to view the data retrieved from PlexTrac in the Brinqa Platform, see How to view your data.
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes.
Asset
Table 2: Asset attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| asset | name |
| assetCriticality | Local variable |
| clientId | Local variable |
| createdAt | Local variable |
| cuid | Local variable |
| data_owner | Local variable |
| description | description |
| dns_name | dnsNames |
| findings.info | Local variable |
| hostname | hostnames |
| host_fqdn | Local variable |
| host_rdns | Local variable |
| id | Uid |
| knownIps | ipAddresses |
| mac_address | macAddresses |
| netbios_name | Local variable |
| notes | Local variable |
| operatingSystems | Local variable |
| parent | Local variable |
| pciStatus | Local variable |
| physical_location | location |
| ports | Local variable |
| system_owner | owner |
| tags | tags |
| total_cves | Local variable |
| type | categories |
| updatedAt | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Assessment
Table 3: Assessment attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| all_approved | Local variable |
| assess_id | uid |
| assessment_date | lastAssessed |
| assessment_title | name |
| client_id | Local variable |
| client_name | Local variable |
| doc_type | Local variable |
| framework.categories | Local variable |
| framework.id | Local variable |
| framework.label | Local variable |
| framework.title | Local variable |
| framework.version | Local variable |
| has_reviewers | Local variable |
| last_updated_by.createdAt | local variable |
| last_updated_by.email | local variable |
| last_updated_by.updatedAt | local variable |
| questionnaire_id | Local variable |
| reviewers.email | Local variable |
| saved_at | Local variable |
| tenant_id | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Finding
Table 4: Finding attribute mappings
| Source Field Name | Maps to Attribute |
|---|---|
| affected_assets.cuid | targets |
| affected_assets.knownIps | Local variable |
| assignedTo | Local variable |
| calculated_severity | Local variable |
| client_id | Local variable |
| client_name | Local variable |
| closedAt | lastFixed |
| code_samples | Local variable |
| createdAt | sourceCreatedDate |
| cuid | uid |
| description | description |
| doc_type | Local variable |
| doc_version | Local variable |
| exhibits | Local variable |
| finding_id | Local variable |
| flaw_id | type, uid |
| jiraIssue | Local variable |
| last_update | sourceLastModified |
| recommendations | recommendation |
| reopenedAt | Local variable |
| report_id | Local variable |
| reportedAt | publishedDate, local variable |
| report_name | Local variable |
| references | references |
| risk_score | Vector (Calculate) |
| sev | Local variable |
| selectedScore | Local variable |
| serviceNowTicket | Local variable |
| severity | severity, severityScore, sourceSeverity |
| severity_key | Local variable |
| source | Local variable |
| status | sourceStatus, status, statusCategory |
| subStatus | Local variable |
| tags | tags |
| tenant_id | Local variable |
| title | name, Local variable |
| visibility | Local variable |
Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.
Operation options
The PlexTrac connector supports the following operation options. See connector operation options for information about how to apply them.
Table 5: PlexTrac connector operation options
| Connector Object | Option | All Possible Values | Description | Example |
|---|---|---|---|---|
| Asset | tag | Any PlexTrac asset tags | A comma-separated list of asset tags. Return only the assets with the specified tag(s). | Key: tag Value: ac.1.002,ac.2.007. This key and value combination only retrieves assets with the ac.1.002 or ac.2.007 tags. |
| type | Application, General, Network Device, Server, Workstation | A comma-separated list of asset types. Return only the assets of the specified type(s). | Key: type Value: Application,Workstation. This key and value combination only retrieves assets of the application or workstation asset type. | |
| Client | tag | Any PlexTrac client tag | A comma-separated list of client tags. Return only the clients with the specified tag(s). | Key: tag Value: clientTag1,clientTag2. This key and value combination only retrieves clients with the clientTag1 and clientTag2 tags. |
| Finding | findingTags | Any PlexTrac finding tag | A comma-separated list of finding tags. Return only the findings with the specified tag(s). | Key: findingTags Value: test_tag1,test_tag2. This key and value combination only retrieves findings with the test_tag1 and test_tag2 tags. |
| severity | Informational, Low, Medium, High, Critical | A comma-separated list of finding severity levels. Return only the findings with the specified severities. | Key: severity Value: High,Critical. This key and value combination only retrieves high and critical findings. | |
| source | Any PlexTrac finding source | A comma-separated list of finding sources. Return only findings from the specified source(s). See PlexTrac documentation on how to identify the source of a finding. | Key: source Value: Nessus,Veracode. This key and value combination only retrieves findings that originate from Nessus and Veracode scans into PlexTrac. | |
| status | closed, in process, open | A comma-separated list of finding status levels. Return only the findings with the specified status. | Key: status Value: open. This key and value combination only retrieves open findings. | |
| visibility | draft, published | Return only the findings with the specified state. For additional information, see PlexTrac documentation. | Key: visibility Value: published. This key and value combination only retrieves published findings. |
The option keys and values are case-sensitive as they are shown in this documentation.
APIs
The PlexTrac connector uses the PlexTrac API v2. Specifically, it uses the following endpoints:
Table 6: PlexTrac API Endpoints
| Connector Object | API Endpoints |
|---|---|
| Asset | POST /api/v2/tenant/assets |
| Assessment | GET /api/v2/tenants/{tenantId}/assessments |
| Client | POST /api/v2/clients |
| Finding | GET /api/v2/clients/{clientId}/reports/{reportId}/findings GET /api/v2/reports |
Changelog
The PlexTrac connector has undergone the following changes:
3.0.0
- Initial Integration+ release.