Import Cobalt Findings into Kenna Security
Configure the integration to import Cobalt pentest findings into the Kenna Security platform.
You can also refer to the Kenna Security documentation.
Integration Overview
Kenna Security is a risk and vulnerability intelligence platform.
You can retrieve findings data from Cobalt using the API and import it into Kenna Security. Then you can measure risk associated with vulnerabilities and prioritize remediation efforts on the Kenna Security platform.
What You Need
To configure the integration, you need the following:
- Cobalt API token. Learn how to create an API token.
- Cobalt organization token. Learn how to retrieve an organization token using the Cobalt API v1.
- Make sure that you use the Cobalt API v1 and not v2. This integration doesn’t support organization tokens from the API v2.
- Kenna Security API key. Learn how to create an API key.
- Kenna Security connector ID. Create a Kenna Security Data Importer connector, and copy the connector ID as described in step 1.
Step 1: Create a Kenna Security Data Importer Connector
We recommend creating a dedicated connector for importing Cobalt findings in Kenna Security, even if you already have other connectors configured.
- In Kenna Security, select Connectors.
- Select Add Connector.
- Search for and select the Kenna Data Importer connector.
- On the configuration page, enter a name for your connector, such as Kenna Data Importer - Cobalt.io. Select Save.
- Select the connector you created.
- Copy the connector ID. You will need it in step 2.
Step 2: Get the Kenna Security Toolkit Image
The Kenna Security Toolkit is wrapped in a container image. You can get it in two ways:
From Docker Hub
Pull the toolkit image from Docker Hub using this request:
docker pull kennasecurity/toolkit
When ready, go to step 3.
From the Source
- Clone the Kenna Toolkit repository.
git clone git@github.com:KennaSecurity/toolkit.git - Build the Kenna Security Toolkit image from the source. If you’ve already done this in the past, you may have to do it again because the Cobalt task is a relatively new addition.
docker build . -t toolkit:latest
Step 3: Run the Cobalt Task
- Prepare the following variables required to run the Cobalt task. See how to get these values.
COBALT_API_TOKEN: Cobalt API tokenCOBALT_ORG_TOKEN: Cobalt organization tokenKENNA_API_KEY: Kenna Security API keyKENNA_CONNECTOR_ID: ID of the Kenna Security Data Importer connector
- Replace variables with your values, and run this task:
export COBALT_API_TOKEN=xxx export COBALT_ORG_TOKEN=xxx export KENNA_API_KEY=xxx export KENNA_CONNECTOR_ID=xxx - Run the toolkit with the
cobaltiotask selected. This command imports all findings from the configured organization in Cobalt into Kenna Security.- (Recommended) By default, the AppSec module is used.
- If you want to use the VM module instead, add
kenna_appsec_module=falseto the command below.
docker run -it --rm toolkit:latest \ task=cobaltio \ cobalt_api_token=$COBALT_API_TOKEN \ cobalt_org_token=$COBALT_ORG_TOKEN \ kenna_api_key=$KENNA_API_KEY \ kenna_connector_id=$KENNA_CONNECTOR_ID
Step 4: View Imported Findings
You can view findings imported from Cobalt in one of these modules, depending on which one you’re using:
AppSec Module
In Kenna Security, navigate to AppSec > Explore.
You should see findings imported from Cobalt. If the page contains findings from other sources, you can apply a filter for the Cobalt connector.
VM Module
In Kenna Security, navigate to VM > Explore.
You should see findings imported from Cobalt. If the page contains vulnerabilities from other sources, use search to find newly added vulnerabilities.
