In this part of the tutorial we cover infrastructure scanning, performed with network scanners such as Nessus and GVM (aka OpenVAS).

Linking scanner with Mixeway

To use a specific scanner with Mixeway, you have to register it first. Unfortunately, each scanner uses a different type of API and different authentication methods, so there is no universal way of getting it done. All scanner integration operations are available in the Admin Zone, under the Scanner tab.

General requirement: communication between Mixeway and the vulnerability scanner has to be properly secured, which means Mixeway has to trust each certificate used by a scanner API. If you are using self-signed certificates, export the public key and then import it into the trust store used by Mixeway.
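One way to carry out the self-signed certificate step above, as an added example (not Mixeway's own tooling). It assumes the trust store is a Java keystore whose path and password are held in the hypothetical variables TRUSTSTORE and TRUSTSTORE_PASS, and that the expected SHA-256 fingerprint was read on the scanner host itself; the function names are illustrative.

```shell
#!/usr/bin/env bash
# Added example: check a scanner certificate against a known fingerprint
# before importing it, so a certificate fetched over the network is never
# trusted blindly. TRUSTSTORE / TRUSTSTORE_PASS are assumed variable names.

# Print the SHA-256 fingerprint of PEM certificate $1 as lowercase hex, no colons.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 \
        | sed -e 's/^.*=//' -e 's/://g' | tr 'A-F' 'a-f'
}

# Succeed only if certificate $1 matches expected fingerprint $2.
# Colons, spaces and letter case in $2 are ignored; an unreadable
# certificate yields an empty fingerprint and therefore fails.
fingerprint_matches() {
    local actual expected
    actual=$(cert_fingerprint "$1" 2>/dev/null)
    expected=$(printf '%s' "$2" | tr -d ': ' | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$expected" ]
}

# Save the leaf certificate presented by host:port $1 into file $2.
fetch_scanner_cert() {
    openssl s_client -connect "$1" </dev/null 2>/dev/null \
        | openssl x509 -outform PEM > "$2"
}

# Import certificate $1 under alias $2, but only if it matches fingerprint $3.
# The keystore password is read from the environment, not the command line.
trust_scanner_cert() {
    local pem=$1 alias=$2 expected=$3
    if ! fingerprint_matches "$pem" "$expected"; then
        echo "fingerprint mismatch for $pem, not importing" >&2
        return 1
    fi
    keytool -importcert -noprompt -trustcacerts -alias "$alias" \
        -file "$pem" -keystore "$TRUSTSTORE" -storepass:env TRUSTSTORE_PASS
}
```

For the Nessus example URL used later on this page, that would be `fetch_scanner_cert 127.0.0.1:8834 nessus.pem` followed by `trust_scanner_cert nessus.pem nessus-scanner <fingerprint>`, with TRUSTSTORE_PASS exported.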

Please note that if no HashiCorp Vault integration is configured, each password or key that Mixeway needs in order to authenticate to a scanner API will be stored in plain text in the database.

Nessus Integration

Mixeway can be integrated with Tenable Nessus Pro (max version 6). Nessus Pro above version 6 does not contain the API responsible for running scans, and integration with tenable.sc is not yet prepared.

Required fields:

  1. Type : Nessus
  2. RoutingDomain : <pick the one which will be covered by this scanner>
  3. Proxy: <if a proxy is needed to access the scanner API, pick one>
  4. API url: <url of Nessus api> e.g. https://127.0.0.1:8834
  5. Access Key: <generated access key for the proper user in the Nessus GUI>
  6. Secret Key: <generated secret key for the proper user in the Nessus GUI>

GVM Integration (aka OpenVAS)

Integration with GVM is a little more complicated, as this scanner does not provide a REST API. To use the GVM integration, OpenVASRESTAPI has to be properly configured and running on the machine where GVM is running. Please follow the guides on the project's GitHub: https://github.com/Mixeway/MixewayOpenVASRestAPI

Integration was tested on OpenVAS 9 and 10.

Required fields:

  1. Type: OpenVAS
  2. RoutingDomain : <pick the one which will be covered by this scanner>
  3. Proxy: <if a proxy is needed to access the scanner API, pick one>
  4. API url: <url of OpenVASRestAPI api> e.g. https://127.0.0.1:8443
  5. username: <username of user generated in gvmd>
  6. password: <password for the user>

Nexpose Integration

The simplest integration: it requires only a username and password (just like GVM).
