Third-party Vulnerability Scanners

At this time, we do not support automatic retrieval of vulnerability data from certain third-party scanners. A manual import for the supported scanners can be completed at the Device Group level.

The following third-party scanners are currently supported for manual import of vulnerability data:

• Metasploit v4 Parser
• Nessus v2
• Nexpose Raw XML 2.0
• Nexpose Simple XML
• Qualys Report Export
• Simple .csv format

• Tripwire IP360

If you manually upload vulnerability data while automatic vulnerability data updates are activated, the automatic updates will replace manually uploaded vulnerability data every 24 hours.

Export Scan Data

Risk Analyzer combines your network topology with scan data from your network to create risk assessments. Before you can compile this information, you'll first need to export your scan data into a consumable report format.

Please see your scanner product's documentation for instructions on exporting scan data. Then, place these files in a directory accessible from the Administration module and proceed with a manual import. It is recommended that you export your scan data anytime you have new data that you want to include in your analysis in Risk Analyzer.

Risk Analyzer accepts .jar file output of scan data for compilation.