Vulnerability assessment tools
      Back to home
      1. Knowledge Base
      2. Streamline your process with integrations
      3. Vulnerability assessment tools

      Integrate CyCognito vulnerability results automatically with Autobahn Fit

      This guide will instruct you how to integrate your CyCognito account with Autobahn Fit, so the platform can automatically pull Qualys' vulnerabilities and show them in Autobahn Fit.

      Table of content

      1. Why integrate CyCognito with Autobahn Fit
      2. Required steps to integrate CyCognito with Autobahn Fit
      3. Integrate CyCognito with Autobahn Fit
      4. View pulled data in Autobahn Fit
        1. View CyCognito vulnerabilities
        2. View CyCognito assets
      5. Enable/disable integration
      6. Data mapping on CyCognito integration
        1. Web application field mapping
        2. Domain fields mapping
        3. IP Address mapping
      7. Status update mechanisms
      8. API Endpoints in use
      9. Important notes

      1. Why integrate CyCognito with Autobahn Fit

      CyCognito automatically discovers all your internet-facing devices, websites, and applications (collectively called "assets"). It then continuously monitors and tests these assets for vulnerabilities.

      This integration allows you to connect your CyCognito Attack Surface Management (a part of the CyCognito platform) to your Autobahn Fit account. This connection lets Autobahn Fit automatically import information about your assets (including their web addresses and domains) and any vulnerabilities CyCognito finds.

      Once connected, Autobahn Fit analyzes the information from CyCognito reports. It combines and organizes this data to give you a clear picture of your overall risk and helps you prioritize which vulnerabilities to fix first. On top of that, these issues are mapped to Cyber Fitness Workouts.

      Note: this integration only supports the latest version of CyCognito.

      2. Required steps to integrate CyCognito with Autobahn Fit

      To enable the integration, you need to first prepare the CyCognito API Key. Follow the steps below to generate the API Key.

      1 - Access your CyCognito account by logging in with your credentials.

      2 - Navigate to Workflow & Integration from the sidebar.

      3 - Click on the API Key Management button. You will see a form to generate a new API Key.

      4 - Input a key name in the Key name field, and select "Read only" on the Key access section. Then, click the Create button.

      5 - Copy the resulting API key to use later when setting up the connector in Autobahn Fit.

      Please note that this connection is one-way. Information flows from CyCognito (the Connector) to Autobahn Fit.

      3. Integrate CyCognito with Autobahn Fit

      Once you generated the CyCognito API Key, navigate to the Integrations page on Autobahn Fit.

      1 - Click the Configure button on the CyCognito card.

      2 - On the CyCognito integration page, set up the integration:

      • Provide a Label for the CyCognito integration.

      • Enter the API Key you generated earlier.

      3 - Click the Save button to verify that Autobahn Fit can connect to your CyCognito instance.

      4 - To verify that the integration is successful, go to the Integrations page and look for the CyCognito tile. Once the toggle is active, the data is being imported into Autobahn Fit.

      4. View pulled data in Autobahn Fit

      After you integrate CyCognito with Autobahn Fit, it will take approximately 1 hour for the data to be imported. The imported data can be seen on the Individual Issues and Assets pages.

      4.a. View CyCognito vulnerabilities

      1 - On Autobahn Fit, navigate to the Individual Issues page.

       

      2 - Filter the table by selecting "CyCognito" in the Origin column to display vulnerabilities imported from CyCognito.

      4.b. View CyCognito assets

      1 - On Autobahn Fit, navigate to the Assets page.

      2 - Filter the table by selecting "CyCognito" in the Source column to display assets imported from CyCognito.

      5. Enable/disable integration

      You may want to disable the integration. Disabling the integration will prevent the Autobahn Fit engine from fetching new data from CyCognito. The credentials and previously fetched data will remain in Autobahn Fit. To disable the active integration, click the toggle in the CyCognito card.

      You can re-enable the integration by switching the toggle back. When re-enabled, the system will fetch the data starting from the last fetching date.

      6. Data mapping on CyCognito integration

      Autobahn Fit integrates with CyCognito through API and pulls relevant vulnerabilities and assets into Autobahn Fit.

      6.a. Web application field mapping

      CyCognito field

      Autobahn field

      Value Example

      webapp_address

      Asset

      example.com:32768

      related_asset_ids.ip

      IPs

      1.1.1.1

      related_asset_ids.domain

      Hostnames

      example.com

      tags

      Tag

      sample-tag

      continent

      Tag

      Europe

      locations

      Tag

      DEU

      organizations

      Tag

      Autobahn

      region

      Tag

      Northern Europe

      6.b. Domain fields mapping

      Cycognito field

      Autobahn field

      Value Example

      domain

      Asset

      example.com

      related_asset_ids.ip

      IPs

      1.1.1.1

      domain

      Hostnames

      example.com

      tags

      Tag

      sample-tag

      continent

      Tag

      Europe

      locations

      Tag

      DEU

      organizations

      Tag

      Autobahn

      region

      Tag

      Northern Europe

      6.c. IP Address mapping

      Cycognito field

      Autobahn field

      Value Example

      ip

      Asset

      1.1.1.1

      ip

      IPs

      1.1.1.1

      related_asset_ids.domain

      Hostnames

      example.com

      tags

      Tag

      sample-tag

      continent

      Tag

      Europe

      locations

      Tag

      DEU

      organizations

      Tag

      Autobahn

      region

      Tag

      Northern Europe

      7. Status update mechanisms

      Every day, Autobahn Fit syncs with CyCognito to receive updates on existing vulnerabilities and assets, as well as to retrieve new ones (if any are added).

      The table below shows how the status update mechanism works in the CyCognito integration for vulnerabilities and assets in Autobahn Fit.

      Update type in Autobahn Fit

      Mechanism (when?)

      The asset is archived

      • Asset not found during the last sync

      • Asset status on CyCognito's side is "removed".

      The vulnerability instance status changes to "Remediated"

      • If the vulnerability no longer appears in the scan findings.

      Note: Asset or vulnerability updates on the vendor side are reflected on Autobahn Fit only on the next scheduled sync (which often is the next day).

      8. API Endpoints in use

      To get the data from CyCognito, Autobahn Fit utilizes the CyCognito API, and uses Axios (JavaScript library) to access the CyCognito API directly.

      9. Important notes

      Several remarks on some CyCognito ingested vs. un-ingested fields:

      • CyCognito asset types are ingested based on user input, with available options including Domains, IP Addresses, and Web Applications. ​Certificates are currently not supported.

      • When calculating vulnerability instances, potential discrepancies between CyCognito and Autobahn Fit should be considered:

        • Autobahn Fit exclusively incorporates vulnerability instances directly linked to an asset. CyCognito, on the other hand, includes vulnerability instances not only for the asset itself but also for linked assets.

        • If a domain is linked to an IP address, each possessing distinct vulnerability instances:

          • In Autobahn Fit, two separate assets will be displayed, each with its vulnerability instance.

          • In CyCognito, both assets will be assigned, but they will share the same two vulnerability instances.