Skip to main content

Integrating Invicti Standard with Email

This document is for:
Invicti Standard

Sometimes, instead of, or as well as, integrating Invicti Standard with a specialised application, you may want to have vulnerabilities sent to an email address.

This topic explains how to configure Invicti Standard to send a detected vulnerability to one or more email addresses, enabling instant notification and reporting of security issues to relevant stakeholders through customizable email alerts.

Related Information

For further information, see Configuring the User Interface for Custom Send To Actions in Invicti Standard and Configuring Auto Send To Actions in Invicti Standard and What Systems Does Invicti Integrate With?.

Email Fields

The following table lists and describes the Email fields available in the Send to Actions configuration:

Button/Section/FieldDescription
AddClick to add an integration.
DeleteClick to delete the integration and clear all fields.
Create Sample IssueOnce all relevant fields have been configured, click to create a sample issue.
ActionThis section contains general fields about the Send to Action.
Display NameThis is the name of the configuration that will be shown in menus.
MandatoryThis section contains fields that must be completed.
HostThis is the server name or IP address from which to send mail.
PortThis is the port number to be used.
UsernameThis is the name of the user. If you are using a personal access token (see below), leave this field blank.
PasswordThis is the password that is used for the email account.
From AddressThis is the address from which the mail is sent.
To AddressThis is the address to which the mail is sent.
VulnerabilityThis section contains fields with vulnerability details.
Body TemplateThis is the template file to create description fields.
Title FormatThis is the string format that is to create the vulnerability title.
OptionalThis section contains optional fields.
CCThese are the recipients that are cc'd into the email.
BCCThese are the recipients that are blind cc'd into the email.
Delivery MethodThis is a dropdown from which you specify how outgoing email messages will be handled:
  • Network
  • SpecifiedPickupDirectory
  • PickupDirectoryFromlis
Enable SSLThis is a dropdown from which you specify whether SSL will be used:
  • True
  • False

How to Integrate Invicti Standard with Email

Follow these steps to configure email integration for automated vulnerability notifications:

  1. Open Invicti Standard
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed
  3. Click Send To Actions
Invicti Standard Options dialog showing Send To Actions menu for email configuration
  1. From the Add dropdown, select Email. The Email fields are displayed
Add dropdown menu showing Email option selection for email integration setup

  1. In the Mandatory section, complete the connection details:

    • Host
    • Port
    • Username
    • Password
    • From Address
    • To Address

  2. In the Vulnerability section you can change the Body Template and Title Format

Template Location

Body templates are stored in %userprofile%\Documents\Invicti\Resources\Send To Templates. If you use your own custom templates, store them in this location.

  1. In the Optional settings you can specify:

    • CC
    • BCC
    • Delivery Method
    • Enable SSL

  2. Click Create Sample Issue to confirm that Invicti Standard can connect to the configured system. The Send To Action Test confirmation dialog is displayed

Create Sample Issue button and test confirmation dialog for email connection verification
  1. Check the email account of the email address you have just configured, to check that you have received the test email
Sample test email received in configured email account showing vulnerability notification format
Email Testing

Always verify that the test email is received successfully in the configured email account before proceeding with live vulnerability reporting to ensure proper SMTP configuration and delivery.

How to Export Reported Vulnerabilities to Projects in Email

After configuring the email integration, follow these steps to export specific vulnerabilities:

Prerequisites

Please ensure that you have first configured Email integration (see How to Integrate Invicti Standard with Email).

  1. Open Invicti Standard
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results
Invicti Standard scan results interface showing vulnerability list and export options
  1. In the Issues panel, right click the vulnerability you want to export and select Send to Email. (Alternatively, from the ribbon, click the Vulnerability tab, then Send to Email.) A confirmation message is displayed at the bottom of the screen
Vulnerability export process showing Send to Email option in Issues panel context menu
  1. The vulnerability is automatically exported to Email. You can view it in the inbox of the email address you configured to receive it
Email notification showing vulnerability details received in configured email inbox

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Was this page useful?