Import Cobalt Findings into DefectDojo

Set up an integration with DefectDojo.

Configure the integration to import Cobalt findings into the DefectDojo platform.

Integration Overview

DefectDojo is a security orchestration and vulnerability management platform. It’s a free, open-source tool that lets you manage your application security program and streamline your DevSecOps workflows.

You can retrieve findings data from Cobalt using the API and import it into DefectDojo. Then you can manage, analyze, and triage vulnerabilities using reports, metrics, templates, and other tools available in DefectDojo.

What You Need

To configure the integration, you need the following:

  • Cobalt API token. Learn how to create an API token.
  • Cobalt organization token. Learn how to retrieve an organization token using the Cobalt API v1.
    • Make sure that you use the Cobalt API v1 and not v2. This integration doesn’t support organization tokens from the API v2.
  • Asset identifier in Cobalt. You can get an asset ID in two ways:
    • In the Cobalt app, go to Assets, navigate to the asset page, and copy the ID from the URL. For example, the asset ID in this example URL https://app.cobalt.io/organization/assets/as_KoEUfS0 is as_KoEUfS0.
    • Retrieve your assets using the Cobalt API, and find the asset ID in the API response.

Step 1: Add a Tool Type

If you already have a tool type for Cobalt, you can skip this step and go to step 2.

  1. In DefectDojo, on the sidebar, select Configuration > Tool Type.
  2. From the menu in the upper-right corner, select Add Tool Type.

    Add a tool type in DefectDojo
  3. On the configuration screen, enter:
    • Name: Cobalt.io
    • (Optional) Description: You can add a meaningful description such as “Pentesting.”
  4. Select Submit.

    Configure a tool type in DefectDojo

You should land on the screen showing your tool types.

Tool type list in DefectDojo

Step 2: Add a Tool Configuration

You can create multiple tool configurations for Cobalt. The process of adding a new configuration is the same, regardless of whether you have existing configurations or not.

  1. On the sidebar, select Configuration > Tool Configuration.
  2. From the menu in the upper-right corner, select Add Tool Configuration.

    Add a tool configuration in DefectDojo
  3. On the configuration screen, enter:
    • Name: Enter a meaningful name for your tool configuration.
    • Tool Type: Select Cobalt.io.
    • Authentication Type: Select API Key.
    • Extras: Enter your Cobalt organization token.
    • API Key: Enter your Cobalt API key.
  4. Select Submit.

    Tool configuration parameters in DefectDojo

You should land on the screen showing your tool type configurations. If needed, you can edit your configurations from here.

Tool configuration list in DefectDojo

Step 3: Add an API Scan Configuration

You can create multiple API scan configurations for Cobalt. The process of adding a new configuration is the same, regardless of whether you have existing configurations or not.

  1. Navigate to the product for which you want to import findings from Cobalt.
  2. Go to Settings > Add API Scan Configuration.

    Add an API scan configuration in DefectDojo
  3. On the configuration screen, enter:
  4. Select Save.

    API scan configuration parameters in DefectDojo

You should land on the screen showing your API scan configurations. If needed, you can edit your configurations from here.

API scan configurations list in DefectDojo

Step 4: Import Findings

  1. Navigate to the engagement for which you want to import findings.
  2. Under Tests, select Import Scan Results from the three-line menu.

    Import scan results in DefectDojo
  3. On the configuration screen, enter:
    • Scan type: Select Cobalt.io API Import.
    • Complete the required fields, and fill in optional fields if needed.

      Configuration parameters for importing scan results in DefectDojo
    • (If you have multiple API scan configurations) API Scan Configuration: Select an API scan configuration that you added earlier. Skip this step if you only have one configuration.

      Select an API scan configuration in DefectDojo
  4. Select Import, and wait for DefectDojo to run API requests to fetch findings for the Cobalt asset you selected.

You should land on the page with imported Cobalt findings. Now you can analyze this data using DefectDojo tools.

Cobalt findings imported to DefectDojo
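The same flow can be driven from a script rather than the DefectDojo UI: look up the Cobalt asset ID from the Cobalt API (the second option under "What You Need"), then perform Steps 1 to 4 against the DefectDojo REST API. The block below is an added example, not Cobalt's or DefectDojo's own code. Everything about the two APIs is an assumption, labelled in the comments: the Cobalt API v1 base URL, its `Authorization`, `X-Org-Token` and `Accept` headers and the `{"data": [{"resource": ...}]}` shape of `GET /assets`; the DefectDojo v2 endpoints `/tool_types/`, `/tool_configurations/`, `/product_api_scan_configurations/` and `/import-scan/`, and that the Cobalt asset ID is passed as `service_key_1` of the API scan configuration (the page does not list Step 3's fields). The HTTP call is injected as a `transport` function so the flow can be tested offline against a fake; `urllib_transport` is the real one.

```python
"""Run the Cobalt -> DefectDojo import above through the two REST APIs instead of the UI.

Added example; not Cobalt's or DefectDojo's own code. Labelled assumptions:
- Cobalt API v1: base https://api.cobalt.io, "Authorization: Bearer <api token>",
  "X-Org-Token: <organization token>", "Accept: application/vnd.cobalt.v1+json",
  and GET /assets answering {"data": [{"resource": {"id": ..., "title": ...}}]}.
- DefectDojo API v2: /tool_types/, /tool_configurations/, /product_api_scan_configurations/
  and /import-scan/ (multipart form), with the Cobalt asset ID carried in service_key_1.
The HTTP call is injected (transport) so the whole flow can be exercised offline with a fake.
"""
import json
import urllib.request
import uuid


def encode_multipart(fields):
    """Encode string fields as multipart/form-data; /import-scan/ does not accept JSON."""
    boundary = "----cobalt-defectdojo-" + uuid.uuid4().hex
    body = "".join(
        f'--{boundary}\r\nContent-Disposition: form-data; name="{k}"\r\n\r\n{v}\r\n'
        for k, v in fields.items()
    ) + f"--{boundary}--\r\n"
    return body.encode(), f"multipart/form-data; boundary={boundary}"


def urllib_transport(method, url, headers, body=None, multipart=False):
    """Real transport: send the request with urllib and return the decoded JSON reply."""
    data, ctype = None, None
    if body is not None:
        data, ctype = encode_multipart(body) if multipart else (json.dumps(body).encode(), "application/json")
    req = urllib.request.Request(url, data=data, method=method, headers=dict(headers))
    if ctype:
        req.add_header("Content-Type", ctype)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read() or b"{}")


def cobalt_asset_ids(api_token, org_token, transport, base="https://api.cobalt.io"):
    """List Cobalt assets (API v1) and map title -> asset ID, the value DefectDojo needs."""
    headers = {
        "Authorization": f"Bearer {api_token}",
        "X-Org-Token": org_token,                    # assumption: v1 organization-token header
        "Accept": "application/vnd.cobalt.v1+json",  # pin API v1; v2 org tokens are not supported
    }
    page = transport("GET", f"{base}/assets", headers)
    return {a["resource"]["title"]: a["resource"]["id"] for a in page.get("data", [])}


class DefectDojoCobaltImport:
    """Steps 1-4 of the page against the DefectDojo REST API (assumed endpoints, see above)."""

    def __init__(self, base_url, dd_api_token, transport):
        self.base = base_url.rstrip("/") + "/api/v2"
        self.headers = {"Authorization": f"Token {dd_api_token}"}
        self.transport = transport

    def _post(self, path, body, multipart=False):
        return self.transport("POST", f"{self.base}/{path}/", self.headers, body, multipart)

    def ensure_tool_type(self, name="Cobalt.io", description="Pentesting"):
        """Step 1: reuse an existing Cobalt tool type (the page says to skip the step then)."""
        found = self.transport("GET", f"{self.base}/tool_types/?name={name}", self.headers)
        for tool_type in found.get("results", []):
            if tool_type["name"] == name:
                return tool_type["id"]
        return self._post("tool_types", {"name": name, "description": description})["id"]

    def add_tool_configuration(self, name, tool_type_id, cobalt_api_key, org_token):
        """Step 2: API Key authentication; the organization token goes in 'extras', as in the UI."""
        return self._post("tool_configurations", {
            "name": name, "tool_type": tool_type_id, "authentication_type": "API",
            "api_key": cobalt_api_key, "extras": org_token})["id"]

    def add_api_scan_configuration(self, product_id, tool_config_id, asset_id):
        """Step 3: assumption - the Cobalt parser reads the asset ID from service_key_1."""
        return self._post("product_api_scan_configurations", {
            "product": product_id, "tool_configuration": tool_config_id,
            "service_key_1": asset_id})["id"]

    def import_findings(self, engagement_id, api_scan_config_id, minimum_severity="Info"):
        """Step 4: no report file; DefectDojo fetches the findings from Cobalt for that asset."""
        return self._post("import-scan", {
            "scan_type": "Cobalt.io API Import", "engagement": str(engagement_id),
            "api_scan_configuration": str(api_scan_config_id),
            "minimum_severity": minimum_severity, "active": "true", "verified": "false"},
            multipart=True)

    def run(self, config_name, product_id, engagement_id, cobalt_api_key, org_token, asset_id):
        """Steps 1-4 in order; returns the ids created so a caller can record or audit them."""
        tool_type_id = self.ensure_tool_type()
        tool_config_id = self.add_tool_configuration(config_name, tool_type_id, cobalt_api_key, org_token)
        scan_config_id = self.add_api_scan_configuration(product_id, tool_config_id, asset_id)
        test = self.import_findings(engagement_id, scan_config_id)
        return {"tool_type": tool_type_id, "tool_configuration": tool_config_id,
                "api_scan_configuration": scan_config_id, "test": test.get("test")}
```

Usage against a real instance is `DefectDojoCobaltImport("https://defectdojo.example", DD_TOKEN, urllib_transport).run(...)` with the product and engagement ids from DefectDojo and the asset ID taken from `cobalt_asset_ids(...)`. Keeping the Cobalt API key and organization token out of the script (environment variables or a secrets manager) matters because DefectDojo stores them in the tool configuration, so they should be scoped to a dedicated, read-only Cobalt token.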

Last modified November 04, 2024