Articles in this section

Import Vulnerabilities via Nexpose

Yotam Krief
  • Updated
Follow

If you are currently working with Nexpose and would like to retrieve relevant data such as vulnerabilities and vulnerable endpoints, integration with Nexpose exists. The collected data from Nexpose automatically arrives via API calls. 

Once the integration with Nexpose is established, you will be able to see in Jetpatch all actions related to Nexpose:

  1. Create a Remediation plan based on Nexpose
  2. Download Nexpose Report per endpoint server
  3. Clear data derived from Nexpose

Prerequisites 

  • Communication to Nexpose server from the JetPatch application server must be allowed
  • Admin user (required by Rapid7 for API access)

Test Communication and User Access

Run the following command from the JetPatch server manager

curl -k -u USERNAME:PASSWORD https://NEXPOSE:3780/api/3/assets

where username and password are the Nexpose's credentials and NEXPOSE is the Nexpose URL or IP.

Note: curl test does not work if password has special characters in it.

Nexpose Configuration in JetPatch

The following configurations are made in the intigua.properties file.

To edit the properties file:

  1. SSH to JetPatch application server
  2. Stop Tomcat (run command service tomcat stop)
  3. vi /usr/share/tomcat/default/conf/intigua.properties
  4. Add the Relevant configuration as below

  5. Save and exit

  6. Restart tomcat (run command service tomcat restart) 

Note: By default, the matching criteria between JetPatch and the Vulnerability Scanner is merged on hostname, DNS name, and IP address.  If you prefer to match on only one or two of those criteria, see this article.

Nexpose Connection:

########################################################################
#  "Nexpose" integration. Provided properties for Nexpose integration  #
########################################################################
pg.nexpose.enable=true
pg.nexpose.host.url=https://30.30.0.0:3780
pg.nexpose.username=John
pg.nexpose.password=1234567
#Generate nexpose report per server (see Download an Endpoint's Nexpose Report below)
pg.nexpose.report-name=JetPatch-CSV

Nexpose Advanced properties (available in build 4.1.0.93 and later)

# Size of the page in API request
pg.nexpose.page.size=500
# Concurrent jobs
pg.nexpose.concurrent.jobs=10
# Max number of connections
pg.nexpose.connection.num.total=20
# Max number of connections per route
pg.nexpose.connection.num.route=2
# The timeout until the server establishes a connection
pg.nexpose.connection.timeout.ms=-1
# The timeout until server responds AFTER a connection is established
pg.nexpose.socket.timeout.ms=60000

General Vulnerability Scanner Properties

Please check the "General Configuration" section in the Vulnerability Scanners Integration article.

Create a Remediation Plan Based on Nexpose

Read more on How to create a Remediation Plan based on Nexpose here.

Download an Endpoint's Nexpose Report

Read more on how to configure and download an endpoint's Nexpose report here.

Clear Data derived from Nexpose

 If you would like to remove Nexpose data follow the Clear Data instructions. 

Related articles

Comments

0 comments

Please sign in to leave a comment.