Netsparker API Credentials
To integrate with the Netsparker API you need a valid set of User ID/Token. In order to do so, please follow the instructions below, which are a summary of the ones here.
- Log in to Netsparker. https://www.netsparkercloud.com/account/signin
- Select [Your Name] (top right of the page) > API Settings.
- In the Current Password field, enter your current password.
- Select Submit to view your User ID and Token.
You will need the User ID and Token when configuring the integration between Phoenix Security and Netsparker.
Create a Netsparker Integration
- On the sidebar menu, navigate to the Scanners tab in the Integrations section.
- Click on the “Add Scanner Integration” button on the right side of the page.
- On the second step you need to provide the required details for the scanner integration. In the case of Netsparker you need to provide:
- Name: The name for this integration.
- Server URL: This is optional. You only need to provide this if you know that your account’s API URL is different than the default.
- In the next step you will be able to select whether the platform fetches all the assets and vulnerabilities available form the scanner, or you can include/exclude individual “targets” (applications, project, etc), if supported by the scanner.
- To finish the configuration click on “Create Scanner“.
Unless there are issues with the credentials, the new scanner will appear in your list of integrations (under Integrations > Scanners) and the platform will start to collect asset and vulnerability details from all Subscriptions available through the integration credentials.
All the scanner’s assets and vulnerabilities will be automatically added to your account’s Default Application, and will be available to start assigning them to user-created Applications as required.