As of 2.6+, you can create a new scanner source in order to import upload vulnerability reports from other 3rd parties or non-natively-supported scanning tools. These require the use of the .ThreadFix file format in order to importupload, but you must first create the scanner identifier in Threadfix first.
Creating a Scanner
...
ThreadFix. Follow the steps below:
- Go to Configuration (cog) → Administration → System Settings
- Select From within the Scanner Settings → tab, click the 'Create New Scanner' button
- Complete necessary details and click the "Create Scanner" button
- Although the new scanner will not immediately appear to not be allowed for import, logging out and back in to ThreadFix will reflect that it is, in fact, allowed...you may now upload a .ThreadFix scan file with the new scanner as the source.