SUPPORT

Contact Support

OPEN A TICKET

Integrating Netsparker Enterprise with CyberArk Vault

CyberArk Enterprise Password Vault (EPV), as a privileged access management system, helps you centrally manage privileged account identities in a single location.

  • CyberArk EPV prevents unauthorized access to critical systems. It protects privileged account credentials used in on-premises, hybrid, and cloud environments.
  • Further, it rotates privileged account passwords and SSH keys.
  • To provide clear visibility, CyberArk EPV provides audit logs to security and audit teams. So the teams know which individual users accessed which privileged or shared accounts, when, and why.

Netsparker Enterprise provides integration with CyberArk Enterprise Password Vault, so you do not need to provide sensitive credentials for vulnerability scanning on password-protected web pages.

For further information, see What Systems Does Netsparker Integrate With? and Privileged Access Management and Netsparker.

CyberArk Fields

This table lists and explains the fields in the New Vault Integration window.

Field

Description

Name

This is the name of the configuration that will be shown elsewhere. 

URL

This is the URL that must show where you set up CyberArk EPV.

Certificate File

This is the user's Certificate File.

Certificate Password

This is the user's Certificate Password.

How to Integrate Netsparker Enterprise with CyberArk EPV
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Integrations > New Integration.
  3. From the Privileged Access Management section, select CyberArk EPV.

Configure CyberArk EPV

  1. In the Name field, enter a friendly name for the integration.
  2. In the URL field, enter an URL that displays the address of CyberArk EPV.
  3. In the Certificate File field, select Certification File to upload the required file.
  4. In the Certificate Password field, enter the password required to configure the integration.
  5. Select Save.

Launching a New Scan with CyberArk EPV

When you successfully integrate CyberArk EPV, you can use this integration to launch a new scan.

This table lists and explains the fields in the CyberArk EPV Settings window.

Field

Description

Integrations

This is the name of the integration that you entered in the New Vault Integration window. Select the integration from the drop-down, if necessary.

Use Static Name

Deselect the Use Static Username checkbox only if you plan to change a username routinely.

This is selected by default.

Static Username

This holds the username value.

Username Query

This holds the username query. Enter a proper query as specified to retrieve the username from CyberArk EPV.

Password Query

This holds the password query. Enter a proper query as specified to retrieve the password from CyberArk EPV.

How to Use the CyberArk EPV Integration to Launch a New Scan
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Scans > New Scan.
  3. In the Target URL field, enter the URL.
  4. Complete the remainder of the fields, as described in Netsparker Enterprise New Scan Fields and Netsparker Enterprise Scan Options Fields.
  5. Then from the Authentication settings, select the Form tab.

Configuring CyberArk in the Form Authentication page

  1. Select Form Authentication
  2. Select the New Persona drop-down, then CyberArk EPV.
  3. Complete the fields in the dialog.

Configure CyberArk EPV Settings

  1. Select Save.
  2. Select Verify Login & Logout to test the new Persona.
Please note that this only tests whether the query works or not. It does not verify the username and/or password.

Netsparker

Highly accurate, fast & easy-to-use Web Application Security Scanner

Get a demo