Invicti

Note: This capability is currently in Early Access (EA) and is not generally available. To request access, please contact OX technical support.

You can connect OX to your Invicti instance to import Dynamic Application Security Testing (DAST) results. This allows you to view DAST issues alongside other security findings in the OX Security platform.

Integrating Invicti with OX provides you with unified view of vulnerabilities across your application stack. OX automatically pulls Invicti DAST scan results and displays them in the Active Issues page.

Notes:

• Some advanced Invicti capabilities, such as automatic crawling of subdomains, depend on your Invicti configuration and may affect what data is shown in OX.

• The Invicti connector does not support automatic discovery of credentials from the Invicti UI. You must obtain the required credentials manually.

• If your Invicti instance requires a token instead of a username and password, consult your Invicti administrator.

Step 1: Get an Invicti API token [Invicti]

1. Log in to Invicti Enterprise.

2. Select [Your Name] (top right) > API Settings.

3. If prompted, enter your Current password.

4. To display your User ID and API token, select Submit .

5. Copy the token and store it in a secure location.

Step 2: Connect Invicti to OX [OX]

1. In the OX platform, go to the Connectors page.

2. Select Add Connector and search for Invicti.

1. In the Configure your Invicti credentials box, provide the following details:

1. Select CONNECT.

2. To select specific Invicti projects to import, click the gear icon next to the DELETE button.

1. Select the Invicti projects and select SAVE.

When connected, OX starts pulling DAST data from Invicti.