As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

NowSecure

You will learn

How to create a token and add NowSecure as a remote provider in ThreadFix.

Prerequisites

Audience: IT Professional or End User
Difficulty: Basic
Time needed: Approximately 5 minutes
Tools required: NowSecure Account

ThreadFix introduced NowSecure Integration in versions 2.8.2 and 3.0.7

Adding NowSecure as an integration with ThreadFix is a simple process requiring a user to generate an authorization token in NowSecure and create NowSecure as a remote provider within ThreadFix which can then have applications mapped to it.

Generate Token

  1. Log into NowSecure. From the user account options, select Profile & Preferences.

     

  2. From the Profile tab, enter a name into the Token Name field. Click the Create button.

     

  3. A unique token will be generated. Copy and save this token as it will not be displayed elsewhere again.

NowSecure Remote Provider

With a Token created and copied, a new provider can be created for NowSecure.

  1. From the Navigation sidebar, expand the Application menu and click on the Integrations sub-menu. Select the Remote Providers page and from the same tab click the Create New Provider button.

     

  2. In the Create New Provider modal, from the Type drop-down menu select NowSecure. Fill the Name and API URL fields (the latter is https://lab-api.nowsecure.com)

     

  3. Paste the Token, previously created in NowSecure, into the Auth Token field. Click the Create Provider button.

     

  4. The new provider will be created and added to the list of Remote Providers in the same tab.

     

  5. Click on the new provider to expand its details view. To associate applications with it click the Create ThreadFix Applications button.

     

  6. A Create Applications modal will display. The modal will display ThreadFix applications that will map to the NowSecure remote provider application along with drop-down lists allowing selectable Teams to be associated per application. After selecting any desired pairings, click the Create Applications button.

    Note the application examples below were all associated with Data Collection Apps from the Teams.

     

  7. From the NowSecure provider, click the Import All Scans button to initiate a scan import process. This may take a few minutes.

     

  8. Once the import process has completed, navigate to a desired application to view vulnerabilities.

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.