Integrating Invicti Standard with Email
Sometimes, instead of, or as well as, integrating Invicti Standard with a specialised application, you may want to have vulnerabilities sent to an email address.
This topic explains how to configure Invicti Standard to send a detected vulnerability to one or more email addresses.
For further information, see Configuring the User Interface for Custom Send To Actions in Invicti Standard and Configuring Auto Send To Actions in Invicti Standard and What Systems Does Invicti Integrate With?.
Email Fields
The table lists and describes the Email fields in the Send to Actions tab.
|
Button/Section/Field |
Description |
|
Add |
Click to add an integration. |
|
Delete |
Click to delete the integration and clear all fields. |
|
Create Sample Issue |
Once all relevant fields have been configured, click to create a sample issue. |
|
Action |
This section contains general fields about the Send to Action. |
|
Display Name |
This is the name of the configuration that will be shown in menus. |
|
Mandatory |
This section contains fields that must be completed. |
|
Host |
This is the server name or IP address from which to send mail. |
|
Port |
This is the port number to be used. |
|
Username |
This is the name of the user. If you are using a personal access token (see below), leave this field blank. |
|
Password |
This is the password that is used for the email account. |
|
From Address |
This is the address from which the mail is sent. |
|
To Address |
This is the address to which the mail is sent. |
|
Vulnerability |
This section contains fields with vulnerability details. |
|
Body Template |
This is the template file to create description fields. |
|
Title Format |
This is the string format that is to create the vulnerability title. |
|
Optional |
This section contains optional fields. |
|
CC |
These are the recipients that are cc'd into the email. |
|
BCC |
These are the recipients that are blind cc'd into the email. |
|
Delivery Method |
This is a dropdown from which you specify how outgoing email messages will be handled:
|
|
Enable SSL |
This is a dropdown from which you specify whether SSL will be used:
|
How to Integrate Invicti Standard with Email
- Open Invicti Standard.
- From the Home tab on the ribbon, click Options. The Options dialog is displayed.
- Click Send To Actions.
- From the Add dropdown, select Email. The Email fields are displayed.
- In the Mandatory section, complete the connection details:
- Host
- Post
- Username
- Password
- From AddressTo Address
- In the Vulnerability section you can change the Body Template and Title Format.
Body templates are stored in %userprofile%\Documents\Invicti\Resources\Send To Templates. If you use your own custom templates, store them in this location.
- In the Optional settings you can specify:
- CC
- BCC
- Delivery Method
- Enable SSL
- Click Create Sample Issue to confirm that Invicti Standard can connect to the configured system. The Send To Action Test confirmation dialog is displayed.
- Check the email account of the email address you have just configured, to check that you have received the test email.
How to Export Reported Vulnerabilities to Projects in Email
Please ensure that you have first configured Email integration (see How to Integrate Invicti Standard with Email).
- Open Invicti Standard.
- From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
- In the Issues panel, right click the vulnerability you want to export and select Send to Email. (Alternatively, from the ribbon, click the Vulnerability tab, then Send to Email.) A confirmation message is displayed at the bottom of the screen.
- The vulnerability is automatically exported to Email. You can view it in the inbox of the email address you configured to receive it.
