Vulnerability scanners
Puppet Remediate integrates with Tenable, Qualys and Rapid7.
Note: Ask your security team for the permissions to import
vulnerability scan data.
Qualys
Add the details for your Qualys Vulnerability Manager account.
| Parameter | Description |
|---|---|
| Name | A unique and descriptive name to identify this vulnerability scanner. |
| API server URL | The HTTPS URL and port number to the platform where your Qualys account is located.
Note: Qualys CE is not API
compatible and therefore is not supported by Remediate. For more information,
see the Qualys CE
user guide.
|
| Username | Your Qualys username to authenticate with. |
| Password | Your Qualys password to authenticate with. |
Rapid7
Add the details for your Rapid7 Nexpose (on-prem) or InsightVM (cloud) account.
| Parameter | Description |
|---|---|
| Name | A unique and descriptive name to identify this vulnerability scanner. |
| InsightVM URL | The HTTPS URL and port number to your InsightVM or Nexpose instance. |
| Username | Your Rapid7 username to authenticate with. |
| Password | Your Rapid7 password to authenticate with. |
| Enable SSL certification verification | To verify the signature on the SSL certificate returned by Rapid7 using your CA cert, select
this option. Save your CA cert in the puppet-remediate/data/vr/ca_certs directory. |
Tenable.io
Add the details for your Tenable.io (cloud) account.
| Parameter | Description |
|---|---|
| Name | A unique and descriptive name to identify this vulnerability scanner. |
| Access key | Your Tenable.io access key to authenticate with the Tenable.io API. For more information about generating an access key, see the Tenable.io documentation. |
| Secret key | Your Tenable.io secret key to authenticate with the Tenable.io API. For more information about generating a secret key, see the Tenable.io documentation. |