SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Standard with Email

Sometimes, instead of, or as well as, integrating Netsparker Standard with a specialised application, you may want to have vulnerabilities sent to an email address.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to one or more email addresses.

For further information, see Configuring the User Interface for Custom Send To Actions in Netsparker Standard and Configuring Auto Send To Actions in Netsparker Standard and What Systems Does Netsparker Integrate With?.

Email Fields

The table lists and described the Email fields in the Send to Actions tab.

Button/Section/Field

Description

Add

Click to add an integration.

Delete

Click to delete the integration and clear all fields.

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

Action

This section contains general fields about the Send to Action.

Display Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

Host

This is the server name or IP address from which to send mail.

Port

This is the port number to be used.

Username

This is the name of the user. If you are using a personal access token (see below), leave this field blank.

Password

This is the password that is used for the email account.

From Address

This is the address from which the mail is sent.

To Address

This is the address to which the mail is sent.

Vulnerability

This section contains fields with vulnerability details.

Body Template

This is the template file to create description fields.

Title Format

This is the string format that is to create the vulnerability title.

Optional

This section contains optional fields.

CC

These are the recipients that are cc'd into the email.

BCC

These are the recipients that are blind cc'd into the email.

Delivery Method

This is a dropdown from which you specify how outgoing email messages will be handled:

  • Network
  • SpecifiedPickupDirectory
  • PickupDirectoryFromlis

Enable SSL

This is a dropdown from which you specify whether SSL will be used:

  • True
  • False

How to Integrate Netsparker Standard with Email

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Send To Actions.

  1. From the Add dropdown, select Email. The Email fields are displayed.

  1. In the Mandatory section, complete the connection details:
    • Host
    • Post
    • Username
    • Password
    • From AddressTo Address
  2. In the Vulnerability section you can change the Body Template and Title Format.
Body templates are stored in %userprofile%\Documents\Netsparker\Resources\Send To Templates. If you use your own custom templates, store them in this location.
  1. In the Optional settings you can specify:
    • CC
    • BCC
    • Delivery Method
    • Enable SSL
  2. Click Create Sample Issue to confirm that Netsparker Standard can connect to the configured system. The Send To Action Test confirmation dialog is displayed.

  1. Check the email account of the email address you have just configured, to check that you have received the test email.

How to Export Reported Vulnerabilities to Projects in Email

Please ensure that you have first configured Email integration (see How to Integrate Netsparker Standard with Email).
  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Doubleclick the relevant scan to display its results.

  1. In the Issues panel, right click the vulnerability you want to export and select Send to Email. (Alternatively, from the ribbon, click the Vulnerability tab, then Send to Email.) A confirmation message is displayed at the bottom of the screen.

  1. The vulnerability is automatically exported to Email. You can view it in the inbox of the email address you configured to receive it.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO