So here is the use case
We create a JIRA issue for a given vulnerability - that is working… but what we like to do is provide a link to that given vulnerability in either InsightVM (prefered)
- like Rapid7 Exposure Analytics
or Nexpose
- like https://nexpose.xxx.com:3780/vulnerability/vuln-summary.jsp?vulnid=10146
Thus given the user the ability to go that vulnerability (after authenticating) without having to “hunt” for it
So far all I get is the API link (which is good for workflow building, but…)
Depending on which action you are using with the InsightVM plugin you can do this.
Action: Get Vulnerability Affected Assets - This action is used to get the assets affected by the vulnerability.
One of the output options are links to corresponding or related resources.
Thank you for the quick answer!! My apologies, I guess I didn’t explain the want correctly.
The current workflow takes the vulnerability title, it then creates an SQL report that contains the list of assets. This is working good.
However, we’ve been asked to provide the link to the console to the given vulnerability. Unfortunately, all the links provided by the actions are for the API.
For now I have a work around - we are adding the link “manually” as follows https://nexpose.xxx.com:3780/vulnerability/vuln-summary.jsp?vulnid={{VulnID}}