CyCognito automatically discovers all your internet-facing devices, websites, and applications (collectively called "assets"). It then continuously monitors and tests these assets for vulnerabilities.

This integration allows you to connect your CyCognito Attack Surface Management (a part of the CyCognito platform) to your Autobahn Fit account. This connection lets Autobahn Fit automatically import information about your assets (including their web addresses and domains) and any vulnerabilities CyCognito finds.

Once connected, Autobahn Fit analyzes the information from CyCognito reports. It combines and organizes this data to give you a clearer picture of your overall risk and helps you prioritize which vulnerabilities to fix first.

Note: that this integration only supported for the latest version of CyCognito.

Required steps to integrate CyCognito with Autobahn Fit

To enable the integration, you need to first prepare the CyCognito API Key. Follow the steps below to generate the API Key.

1 - Access your CyCognito account by logging in with your credentials.

2 - Navigate to Workflow & Integration from the sidebar.

3 - Click on the API Key Management button. You will see a form to generate a new API Key.

4 - Input a key name in the Key name field, and select "Read only" on the Key access section. Then, click the Create button.

5 - Copy the resulting API key to use later when setting up the connector in Autobahn Fit.

Please note that this connection is one-way. Information flows from CyCognito (the Connector) to Autobahn Fit.

Integrate CyCognito with Autobahn Fit

Once you generated the CyCognito API Key, navigate to the Integrations page on Autobahn Fit.

1 - Click the Configure button on the CyCognito tile.

2 - In the CyCognito integration page, set up the Connector as follows:

Provide a Label for the CyCognito integration.
Enter the API Key you generated earlier.

3 - Click the Save button to verify that Autobahn Fit can connect to your CyCognito instance.

4 - To verify that the synchronization is successful, go to the Integrations page and look for the CyCognito tile. Once the toggle is active, the data will start being imported into Autobahn Fit.

View pulled data in Autobahn Fit

After you integrate your CyCognito with Autobahn Fit, it will take approximately 1 hour for the data to be imported. The imported data can be seen on the Individual Issues and Assets page.

View CyCognito vulnerabilities

1 - On Autobahn Fit, navigate to the Individual Issues page.

2 - Filter the table by selecting "CyCognito" in the Origin column to display vulnerabilities imported from CyCognito.

View CyCognito assets

1 - On Autobahn Fit, navigate to the Assets page.

2 - Filter the table by selecting "CyCognito" in the Source column to display assets imported from CyCognito.

Enable/Disable integration

You may want to disable the integration. Disabling the integration will prevent our engine from fetching new data from CyCognito. The credentials and previously fetched data will remain in Autobahn Fit. To disable the active integration, click the toggle in the instance card.

You can re-enable the integration by switching the toggle back. When re-enabled, the system will fetch the data from the last fetching date.

Data mapping on CyCognito integration

Autobahn Fit integrates with CyCognito through API to pull relevant vulnerabilities and assets data and map it into Autobahn Fit.

Web application field mapping

CyCognito field	Autobahn field	Value Example
webapp_address	Asset	example.com:32768
related_asset_ids.ip	IPs	1.1.1.1
related_asset_ids.domain	Hostnames	example.com
tags	Tag	sample-tag
continent	Tag	Europe
locations	Tag	DEU
organizations	Tag	Autobahn
region	Tag	Northern Europe

Domain fields mapping

Cycognito field	Autobahn field	Value Example
domain	Asset	example.com
related_asset_ids.ip	IPs	1.1.1.1
domain	Hostnames	example.com
tags	Tag	sample-tag
continent	Tag	Europe
locations	Tag	DEU
organizations	Tag	Autobahn
region	Tag	Northern Europe

IP Address mapping

Cycognito field	Autobahn field	Value Example
ip	Asset	1.1.1.1
ip	IPs	1.1.1.1
related_asset_ids.domain	Hostnames	example.com
tags	Tag	sample-tag
continent	Tag	Europe
locations	Tag	DEU
organizations	Tag	Autobahn
region	Tag	Northern Europe

Status update mechanisms

Every day, Autobahn Fit syncs with CyCognito to receive updates on existing vulnerabilities and assets and to retrieve new ones (if any are added).

The table below shows how the status update mechanism works in the CyCognito connector for the vulnerabilities and assets in Autobahn Fit.

Update type in Autobahn Fit	Mechanism (When?)
The asset is archived	Asset not found on the connector's last sync Asset status on the connector's side is "removed".
The vulnerability instance status changes to "Remediated"	If the vulnerability no longer appears in the scan findings.

Note: Asset or vulnerability updates on the vendor side are reflected on Autobahn Fit only on the next scheduled connector sync (the next day).

API Endpoints in Use

To get the data from CyCognito we are utlizing CyCognito API, and using Axios (JavaScript library) to access the CyCognito API directly from our service.

Important notes

Several remarks on some CyCognito ingested vs. un-ingested fields:

CyCognito asset types are ingested based on user input, with available options including Domains, IP Addresses, and Web Applications.
Certificates are currently not supported.
When calculating vulnerability instances, potential discrepancies between CyCognito and Autobahn Fit should be considered:
- Autobahn Fit exclusively incorporates vulnerability instances directly linked to an asset. CyCognito, on the other hand, includes vulnerability instances not only for the asset itself but also for linked assets.
- If a domain is linked to an IP address, each possessing distinct vulnerability instances:
  - In Autobahn Fit, two separate assets will be displayed, each with its vulnerability instance.
  - In CyCognito, both assets will be assigned, but they will share the same two vulnerability instances.