If you are currently working with Nexpose and would like to retrieve relevant data such as vulnerabilities and vulnerable endpoints, integration with Nexpose exists. The collected data from Nexpose automatically arrives via API calls.
Once the integration with Nexpose is established, you will be able to see in Jetpatch all actions related to Nexpose:
- Create a Remediation plan based on Nexpose
- Download Nexpose Report per endpoint server
- Clear data derived from Nexpose
Prerequisites
- Communication to Nexpose server from the JetPatch application server must be allowed
- Admin user (required by Rapid7 for API access)
Test Communication and User Access
Run the following command from the JetPatch server manager
curl -k -u USERNAME:PASSWORD https://NEXPOSE:3780/api/3/assets
where username and password are the Nexpose's credentials and NEXPOSE is the Nexpose URL or IP.
Note: curl test does not work if password has special characters in it.
Nexpose Configuration in JetPatch
The following configurations are made in the intigua.properties file.
To edit the properties file:
- SSH to JetPatch application server
- Stop Tomcat (run command service tomcat stop)
- vi /usr/share/tomcat/default/conf/intigua.properties
- Add the Relevant configuration as below
-
Save and exit
-
Restart tomcat (run command service tomcat restart)
Note: By default, the matching criteria between JetPatch and the Vulnerability Scanner is merged on hostname, DNS name, and IP address. If you prefer to match on only one or two of those criteria, see this article.
Nexpose Connection:
########################################################################
# "Nexpose" integration. Provided properties for Nexpose integration #
########################################################################
pg.nexpose.enable=true
pg.nexpose.host.url=https://30.30.0.0:3780
pg.nexpose.username=John
pg.nexpose.password=1234567
#Generate nexpose report per server (see Download an Endpoint's Nexpose Report below)
pg.nexpose.report-name=JetPatch-CSV
Nexpose Advanced properties (available in build 4.1.0.93 and later)
# Size of the page in API request
pg.nexpose.page.size=500
# Concurrent jobs
pg.nexpose.concurrent.jobs=10
# Max number of connections
pg.nexpose.connection.num.total=20
# Max number of connections per route
pg.nexpose.connection.num.route=2
# The timeout until the server establishes a connection
pg.nexpose.connection.timeout.ms=-1
# The timeout until server responds AFTER a connection is established
pg.nexpose.socket.timeout.ms=60000
General Vulnerability Scanner Properties
Please check the "General Configuration" section in the Vulnerability Scanners Integration article.
Create a Remediation Plan Based on Nexpose
Read more on How to create a Remediation Plan based on Nexpose here.
Download an Endpoint's Nexpose Report
Read more on how to configure and download an endpoint's Nexpose report here.
Clear Data derived from Nexpose
If you would like to remove Nexpose data follow the Clear Data instructions.
Comments
0 comments
Please sign in to leave a comment.