How to create an API Key (Authentication Token)
Speaker 1: Welcome to the NexPloit. In this video, you will learn how to integrate Nexploit with the ticketing systems you use in your development environment. The integration will enable NexPloit to automatically open tickets with specific vulnerability and remediation information. This will help you simplify and accelerate fixing security issues by distributing the remediation tasks among your development team. Moreover, NexPloit allows you to set up filters which open tickets only for the issues of a specific severity. For example, high, medium or low. In this video, we will show you how to integrate NexPloit with GitHub. But the flow is similar for the majority of the available ticketing systems. You can find a full list of them on our knowledge base. The integration flow consists of several steps. First, you connect the ticketing system to exploit. After that, you associate a ticketing repository with a specific exploit project. You also have the option to set up a filter for issue severity levels. Finally, you select the associated repository when running a scan either from the exploit application or locally using the NexPloit CLI. Please note that only the owner or the admin of an exploit organization has access to configure a ticketing integration. Let’s get started. Go to the next application in the Left Pane Select organization. My role in this organization is Owner, which allows me to configure the integration. Scroll down to the ticket management integration section and click the settings icon to the left of GitHub. Select settings. On the pop up click activate GitHub. Enter the password to your GitHub account and select the repository you want to use for the scans. Click Save. The next Deloitte connection to GitHub is enabled. This also means we completed the first integration step. After you NexPloit to GitHub, you need to associate a specific exploit project with the selected GitHub repository. For that, go to project settings of the GitHub integration in the dialog box, select the next Deloitte project and the GitHub repository to be associated with this project. Now, if you select the associated repository for a scan, the reports on the detected issues will be provided in the repository tickets. Additionally, you can set up a filter to receive reports only for the issues of a certain severity. More details about that are provided on our knowledge base. Finally, let’s select the integration when running a scan from the NexPloit application. In the Scan details tab, select the next Deloitte project and then the GitHub repository associated with this project. That’s it. Thanks for watching and happy scanning with NexPloit from all of us at Neural Legion.