Skip to main content

Integrating Invicti Enterprise with Kenna

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Kenna is an issue tracking system that specializes in risk-based vulnerability management. Kenna provides a security platform that calculates which vulnerabilities present the highest risk and de-prioritizes those that don't, then notifies the right people of the top vulnerabilities to achieve the greatest possible cyber risk reduction.

This document explains how to configure Invicti Enterprise to send a detected vulnerability to Kenna.

For further information, see What Systems Does Invicti Integrate With?.

Kenna fields

This table lists and explains the Kenna fields in the New Kenna Integration window.

Button/Section/FieldDescription
NameThis is the name of the configuration that will be shown elsewhere
MandatoryThis section contains fields that must be completed
Instance URLThis is the Kenna instance URL
API URLThis is the Kenna API URL
API KeyThis is the API Access Key for authentication
Title FormatThis is the string format that is used to create the vulnerability title
OptionalThis section contains optional fields
Due DaysThis is the number of days between the date the issue was created to the date it's due
Asset's Application IdentifierEnable the Set Asset's Application Identifier to provide further information for the asset that the vulnerability belongs to. The options are: Website Name, Static
TagsThese are the asset tags, separated by a semicolon (;)
Custom FieldsThis section contains user-defined custom fields
New Custom FieldSelect to create a new custom field
NameEnter a name for the new custom field
ValueEnter a value for the new custom field
DropdownSelect the drop-down to change the input type. The options are: Text, Password, Textarea, File upload, Complex
Create Sample IssueOnce all relevant fields have been configured, click to create a sample issue

How to integrate Invicti Enterprise with Kenna

  1. Log in to Invicti Enterprise.

  2. From the main menu, select Integrations > New Integration.

  3. From the Issue Tracking Systems section, select Kenna.

New Kenna Integration window showing Kenna selection from issue tracking systems

  1. In the Name field, enter a name for the integration.

  2. In the Mandatory section, complete the connection details:

    • Instance URL
    • API URL
    • API Key
    • Title Format

  3. Select Create Sample Issue to confirm that Invicti Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.

  4. In the confirmation message, select the Issue number link to open the issue in your default browser.

  5. If the Kenna integration is not configured correctly, Invicti Enterprise will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:

    • If the URL or API Key was entered incorrectly
Kenna Integration Test Failed Notification showing error message for incorrect URL or API Key
  1. Select Save to save the integration.

How to Export Reported Vulnerabilities to Projects in Kenna

There are several ways to send issues to Kenna with Invicti Enterprise:

Automatic Notification Configuration

Once notifications have been configured, you can configure Invicti Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).

Send from Issues Page

You can send one or more issues from the Issues window:

  • You must have Manage Issue permission.
  • From the main menu, select Issues, then All Issues.
  • From the Issues page, select one or more issues you want to send.
  • Select Send To > Kenna.

A pop-up is displayed, with a link to the issue you have sent to Kenna. If there is an error, this information will be displayed instead.

Send from Recent Scans Page

You can send an issue from the Recent Scans window:

  • From the main menu, select Scans > Recent Scans.
  • Next to the relevant scan, select Report.
  • Scroll down to the Technical Report section.
  • From the list of detected vulnerabilities, click to select an issue and display its details.
  • Select Send To > Kenna.
warning

If you have previously submitted this vulnerability to Kenna, it will already be accessible. You cannot submit the same issue twice.

After sending the issue, you can view it via Kenna.

Kenna issue screen showing the vulnerability details and information

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?