Remote Providers 3.X

Owned by Daniel Colon
Last updated: Oct 20, 2023
5 min read

You will learn

About Remote Providers, how to create new providers, import scans, and schedule imports.

Prerequisites

Audience: IT Professional, or End User
Difficulty: Intermediate
Time needed: Approximately 5 minutes
Tools required: N/A

Introduction

Remote Providers are an interface that ThreadFix uses to import scans from SaaS platforms. Not all Remote Providers operate in the same manner, please refer to each Remote Provider guide below for further details as well as the ThreadFix Integrations page.

Note ThreadFix Bidirectional Sync has been deprecated.

 

Create New Provider

  1. Remote Providers are accessed by clicking on the Application menu on the Navigation sidebar, then clicking on Integrations and selecting the Remote Providers page.

  2. To add a Remote Provider instance to ThreadFix, click the Create New Provider button, a modal with pop-up requesting details to be filled out.

  3. Select the desired scanner from the Type drop-down field, and fill the required Name field at a minimum. Depending on what Type was selected the remaining entry fields will vary. The Force Last Scan checkbox is an option that will force ThreadFix to always retrieve the last scan from the Remote Provider. Note: in 3.1 the 'Force Last Scan' checkbox option has been removed.

     

  4. ThreadFix will import all of the integration's existing applications (even if there are no scans assigned to them):

Edit Remote Provider

To edit a Remote Provider's configuration, click on its blue edit button on the right edge of the integration listing, which will pop up an Edit Provider dialog. Note the edit icon appears as below:

Must Re-enter Password
In order to save changes to the integration's configuration, the user will need to re-enter the account's password, otherwise the Save button will remain disabled.

 

Import Scans

In order to import scans into ThreadFix, the Remote Provider applications need to be mapped to a Team/Application combo. A user can either:

  1. From the Application Menu, expand the Integration sub-menu and select the Remote Providers page. From the Remote Providers tab select  a Remote Provider and expand it. Click the Create ThreadFix Applications button.

     

  2. Manually create applications in ThreadFix and select Edit Mapping. Selecting Create ThreadFix Applications will ask for ThreadFix Teams to assign each AppScan Application to:

When clicking the Create Applications button, ThreadFix will create a new ThreadFix application with the same name as its Remote Provider application counterpart and assign it to the selected Team. Selecting Edit Mapping will ask for the Team/Application Combo to which the Remote Provider application will be mapped:

Only teams that have at least one application will appear in the 'Team' list. ThreadFix does not allow mapping a ThreadFix application to Remote Provider applications from different instances of the same Remote Provider.

Sync Remote Provider Applications

As applications are added/removed/renamed on the Remote Provider side, users can click the Sync Remote Provider Applications button to add or remove applications from the list of Remote Provider applications.

ThreadFix will provide a banner indicating what, if any, applications were added/removed.

If a Remote Provider application has been renamed on the Remote Provider side, the sync function will remove the Remote Provider application and add a new one corresponding with the new name.

If the renamed Remote Provider application had been mapped to a ThreadFix application, the mapping will not be preserved, so the newly-added Remote Provider application will need to be re-mapped again.

Import to ThreadFix

Users can either import scan data for all of a remote provider's mapped applications at once (Import All Scans button) or for a particular application (individual Importing buttons):

Once the scans have finished importing, the user will be directed to the corresponding Application Details page. The Scans tab will display the scans that were imported:

The Remote Provider Application tab will show the import status:

Scheduled Imports

Through the Scheduled Imports tab, users can schedule Remote Provider scans.

  1. Click the Schedule New Import button.

     

  2. A modal will pop-up, select the Scheduling Method, Frequency, and Time the import should occur. Specify the Remote Provider and ThreadFix application, then click the Add Scheduled Import button.

     

    When scheduling a Remote Provider Import, a time zone drop down will allow users to set a desired time zone region for the scheduled job. This is applicable for both Select and Cron Expression scheduling methods.

     

The scheduled import will then be reflected in the list.

Scheduled Sync Tasks

Through the Scheduled Sync Tasks tab, users can schedule Remote Provider scans.

  1. Click the Schedule New Sync Task button.

     

  2. A modal will pop-up, select the Scheduling Method, Frequency, Time, and Timezone the import should occur. Specify the Remote Provider (optional) then click the Add Scheduled Sync button.

     

The scheduled sync task will then be reflected in the list.

Scan Orchestration

ThreadFix supports scan orchestration via the UI for Netsparker Enterprise. In order to use the Scan Orchestration feature the ThreadFix user must have “Manage Remote Provider Scans” permission. After having configured the Remote Provider and mapped it to a ThreadFix application, click the Request button to initiate a scan, after which users can click the Import button to import the result.

Another method to initiate a scan orchestration is to click the Scan Orchestration (rocket) button within the Remove Provider Application tab as seen below.

Note an import for an application must be run before scans orchestration can be utilized.

 

 

 

 

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.