What can I do with it?

Acunetix automatically creates a list of all your websites, applications, and APIs — and keeps it up to date. That means organizations leave no potential entry points unscanned and vulnerable to attack. Connect your Acunetix instance in the Hackuity workplace to create a vulnerability assessment mapped with the Acunetix information.

What can I do with it?

Tenacy is a solution dedicated to the CISO for the global management of cybersecurity and risks within organizations. This connector needs to be setup in the Augmented CISO interface. From the Augmented CISO interface, query your Hackuity cockpit in order to seamlessly retrieve information related to your vulnerability stock. This integration was integrated and tested with version 1.25.0 of Hackuity.

What can I do with it?

The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. The Exploit Database is a non-profit project that is provided as a public service by Offensive Security.

What can I do with it?

Checkmarx SAST platform identifies vulnerabilities during software development by scanning application source code, and helps you prioritize and quickly remediate security issues.

What can I do with it?

This connector permits to import assets information using the Hackuity asset Universal method based on CSV format.

What can I do with it?

This connector permits to import assessment information using the Hackuity assessment Universal method based on CSV format.

What can I do with it?

Cortex™ XSOAR is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration and threat intel management to serve security teams across the incident lifecycle. This connector needs to be setup in the Palo Alto Cortex XSOAR interface. From a war-room, query your Hackuity cockpit in order to seamlessly retrieve information related to your vulnerability stock. This integration was integrated and tested with version 1.25.0 of Hackuity.

What can I do with it?

The OWASP® Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. OWASP® Dependency-Check import permits to create assessments by uploading a .json file to your Hackuity workplace.

What can I do with it?

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. The scanner obtains the tests for detecting vulnerabilities from a feed that has a long history and daily updates. Import a OpenVAS scan by uploading a XML OpenVAS output in the Hackuity workplace to create a vulnerability assessment mapped with the OpenVAS information.

What can I do with it?

The OCD Vulnerability Intelligence Watch is a vulnerability monitoring service offered by Orange Cyberdefense. It permits to inform in real time about the vulnerabilities impacting the information system and the patches to be applied. This monitoring service allows to identify the vulnerabilities continuously, prioritize the scope of actions and implement the appropriate recommendations. Connect to the OCD Vulnerability Intelligence Watch API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment.

What can I do with it?

HTTPCS vulnerability scanner analyse and sort every URLs found on a website or a web application and theirs links to explore in priority the most relevant pages based on data partition algorithm, links analytics and language processing applied to URLs. Connect to the HTTPCS API and to seamlessly import and synchronize vulnerabilities within your Hackuity workspace.

What can I do with it?

Dynatrace combine deep observability, AIOps, and application security in one open, unified platform to continuously deliver precise answers and intelligent automation from data. Connect to the Dynatrace API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Cyberwatch is a complete Vulnerability Management platform, the platform monitors your vulnerabilities and your compliance, from detection to remediation, agent-based or agentless. Connect to the Cyberwatch API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace. Important note: currently, only CVEs are retrieved from the Cyberwatch API (no security defect).

What can I do with it?

Rapid7 InsightVM is a vulnerability management solution with visibility, analytics, and automation delivered through the Insight cloud. The solution simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities. Connect to the Rapid7 InsightVM API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Crowdstrike Falcon Spotlight provides real-time vulnerabilities visibility across the enterprise by giving relevant and timely information needed to reduce the exposure to attacks with zero impact on the endpoints. Connect to the Crowdstrike Falcon Spotlight API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

The ANSSI provides regulated operators and the public sphere with a mapping capability of their exposure surface on the Internet through the SILENE service. This service aims to give visibility to these operators on their level of exposure and to accompany them by the progressive application of adequate measures to reduce it. The ANSSI SILENE connector permits to seamlessly import a .ZIP file and synchronize ANSSI SILENE reports within your Hackuity workspace.

What can I do with it?

SecurityScorecard instantly empowers you with the trust and confidence to make smarter, faster decisions. Gain an outside-in view of your security posture so you can take preventative action. Connect to the SecurityScorecard API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Burp Suite Enterprise is the web security tester's toolkit which can be used to automate repetitive testing tasks. Connect to the Burp Suite Enterprise API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. Connect to the Amazon Inspector API (v2) to seamlessly import and synchronize EC2 instances vulnerabilities within your Hackuity workspace.

What can I do with it?

SonarCloud is a cloud-based code analysis service designed to detect code quality issues in 25 different programming languages, continuously ensuring the maintainability, reliability and security of your code. Connect to the SonarCloud API to seamlessly import and synchronize static application security testing (SAST) information within your Hackuity Workspace.

What can I do with it?

HelixALM is a modular suite of ALM tools. You can use this application lifecycle management (ALM) suite to trace requirements, tests, and issues. HelixALM provides end-to-end traceability across the application lifecycle. This plugin allows to create and follow HelixALM issues (change requests, feature requests, ...) from Hackuity workplace.

What can I do with it?

Automatically find and fix open source vulnerabilities at every stage of the software developpment lifecycle (SDLC). The Sonatype Nexus Lifecycle connector permits to seamlessly import and synchronize Software Composition Analysis reports within your Hackuity workspace.

What can I do with it?

IBM Security® QRadar® SOAR, formerly Resilient®, is designed to help your security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides IT team in resolving incidents by codifying established incident response processes into dynamic playbooks. It is a bi-directional connector that allows full integration of IBM Security QRadar SOAR processes into Hackuity.

What can I do with it?

Board of Cyber Security Rating's principle is to rate the cyber security performance and maturity of an organization thanks to an automated, continuous and reproducible evaluation of observable public data. Connect to theBoard of Cyber Security Rating API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment."

What can I do with it?

The WPScan CLI tool is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites. The CLI can use the WordPress Vulnerability Database API to retrieve WordPress vulnerability data in real time. Import a WPScan scan by uploading a .JSON WPScan output in the Hackuity workplace to create a vulnerability assessment mapped with the WPScan information.

What can I do with it?

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Nmap determines what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Import a Nmap scan by uploading a XML Nmap output in the Hackuity workplace to create a vulnerability assessment mapped with the Nmap information.

What can I do with it?

Burp Suite Professional is the web security tester's toolkit which can be used to automate repetitive testing tasks. Import a Burp scan by uploading a Burp archive in the Hackuity workplace to create a vulnerability assessment mapped with the Burp information.

What can I do with it?

ServiceNow IT Service Management provides a cloud computing platform to help companies manage digital workflows for enterprise operations. This connector permits to create and follow ServiceNow IT Service Management issues from the Hackuity workplace. It is a bi-directional connector that allows full integration of ServiceNow IT Service Management processes into Hackuity.

What can I do with it?

The NIST NVD is the repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NIST NVD connector permits to automatically gather the latests CVEs that appaer on your asset's matching operating systems or applications.

What can I do with it?

Tenable.io is a cloud based Vulnerability Scanner. Connect to the tenable.io API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Tenable.sc is a on-prem Vulnerability Scanner. Connect to the tenable.io API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity workplace.

What can I do with it?

Nessus Professional is a vulnerability scanner which performs its scans by utilizing plugins, which run against each host on the network in order to identify vulnerabilities. Plugins can be thought of as individual pieces of code that Nessus uses to conduct individual scan types on targets. Plugins are numerous and wide in their capabilities. Import a Nessus Professional scan by uploading a .nessus archive in the Hackuity workplace to create a vulnerability assessment mapped with the Nessus plugins information.

What can I do with it?

Purplemet is a Web Application Security monitoring platform to follow the web security exposure over time. Connect to the Purplemet API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment.

What can I do with it?

BeSecure is Vulnerability Management and Assessment platform which continually scans for network and application vulnerabilities. Connect to the BeSecure API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment.

What can I do with it?

Qualys VMDR is a cloud-based service that gives global visibility into where IT systems might be vulnerable to the latest Internet threats and how to protect them. Connect to the Qualys VM API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment.

What can I do with it?

Qualys WAS gives you visibility and control by finding official and “unofficial” apps throughout your environment, and letting you categorize them. Connect to the Qualys WAS API to seamlessly import, de-duplicate, normalize, and prioritize vulnerabilities within your Hackuity work environment.

What can I do with it?

Bitsight provides continuous visibility into all your critical external assets. Connect to the BitSight API and to seamlessly import findings within your Hackuity workspace. Findings that are not seen by BitSight for 2 weeks are automatically transitioned to “Fixed” in Hackuity.

What can I do with it?

Jira Software is a proprietary issue tracking product developed by Atlassian that allows bug tracking and agile project management. This connector permits to create and follow Jira Software issues from the Hackuity workplace. It is a bi-directional connector that allows full integration of Jira processes into Hackuity.