SUPPORT

Contact Support

OPEN A TICKET

Integrating Netsparker Enterprise with PagerDuty

PagerDuty is a digital operations management platform. It is designed to alert clients to disruptions and outages through the use of machine learning and automation. These issues are identified in real-time, alerting the right people to respond to any problems faster so that they are prevented in the future.

This topic explains how to configure Netsparker Enterprise to send a detected vulnerability PagerDuty.

For further information, see What Systems Does Netsparker Integrate With?.

PagerDuty Fields

This table lists and explains the PagerDuty fields in the New PagerDuty Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown elsewhere.

Mandatory

This section contains fields that must be completed.

URL

This is the PagerDuty instance URL (e.g. https://yoursubdomain.pagerduty.com/).

From

This is the email address of a valid user associated with the PagerDuty account making the request.

API Access Key

This is the API Access Key for authentication.

Service Id

This the ID of the service on which the incident will be created.

Service Type

This is the type of the service on which the incident will be created. The options are:

  • service
  • service_reference

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Urgency

This indicates the urgency of the issue. The options are:

  • high
  • low

How to Integrate Netsparker Enterprise with PagerDuty

  1. Log in to Netsparker Enterprise.
  2. From the main menu, click Integrations, then New Integration.

  1. From the Issue Tracking Systems section, click PagerDuty. The New PagerDuty Integration window is displayed.

  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
    • URL
    • From
    • Api Access Key
    • Service Id        
  3. Open PagerDuty.
  4. From the main menu, click the Configuration dropdown, and then API Access. The current API Key is displayed. (Or you can create a new API key by clicking Create New API Key.)

  1. Copy the API Key value from PagerDuty (you will need it in the next step).
  2. In Netsparker Enterprise, paste the API Key into the API Access Key field in Netsparker Enterprise.
  3. In PagerDuty, you now need to access the Service Id. From the main menu, click Configuration, then Services. The current Services are displayed. (Or you can create a new Service by clicking New Service.)

  1. Then click on the title of the service or click the More dropdown, then Edit Settings to access the detail page.

  1. The value in the last part of the URL of the detail page is the Service Id.

  1. Copy the Service Id value from PagerDuty (you will need it in the next step).
  2. In Netsparker Enterprise, paste the Service Id into the Service Id field.
  3. Click Create Sample Issue to confirm that Netsparker Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.

  1. In the confirmation message, click the Issue number link to open the issue in your default browser.
  2. If the PagerDuty integration is not configured correctly, Netsparker Enterprise will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
    • If the Service Id was entered incorrectly

    • If the From or Api Access Key  was entered incorrectly

  1. Click Save to save the integration.

How to Export Reported Vulnerabilities to Projects in PagerDuty

There are several ways to send issues to PagerDuty with Netsparker Enterprise:

  • Once notifications have been configured, you can configure Netsparker Enterprise to automatically send vulnerabilities to PagerDuty after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues from the Issues window:
    • You must have Manage Issue permission.
    • From the main menu, select Issues, then All Issues. The Issues window is displayed.
    • Select one or more issues you want to send.
    • Click Send To, then PagerDuty

    • A popup is displayed, with a link to the issue you have sent to PagerDuty. If there is an error, this information will be displayed instead.

  • You can also send an issue from the Recent Scans window:
    • From the main menu, click Scans, the Recent Scans.

    • Next to the relevant scan, click Report. The report is displayed.
    • Scroll down to the Technical Report section.
    • From the list of detected vulnerabilities, click to select an issue and display its details.

    • Click Send To, then PagerDuty

    • If you have previously submitted this vulnerability to PagerDuty, it will already be accessible. You cannot submit the same issue twice.
  • If you view opened problem logs in PagerDuty, they look like this.

  • Incident details on PagerDuty look like this.

Netsparker

Highly accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO