Manually ingest vulnerabilities into the Vulnerability Response application so that you can remediate them quickly without having to wait for scanner results.

Third-party scanners such as Rapid7 help import vulnerability data into Vulnerability Response and process the data to report the findings. With Manual Ingestion integration, you can proactively ingest the vulnerabilities and remediate them instead of waiting for scanners to report the assets that are at risk. Manual ingestion of vulnerabilities effectively protects the assets against unknown threats such as zero-day exploits.

Manual ingestion of vulnerabilities

You can import the vulnerability data by uploading a template in the following file formats:
  • Excel
  • Comma-separated value (CSV)

To access and download the template, navigate to All > Vulnerability Response > Manual Vulnerability Item Ingestion > Upload File UI.

Ensure that you follow these key points while populating the records in the template:
  • Do not make any typing errors in the Severity/ State column records. If there is a typing error, the record is skipped.
  • Do not change the column names.
  • Do not put column names in any row except the first row.
  • Do not change the order of the sheets in the Microsoft Excel template. The vulnerabilities data must always be present in the second sheet.
  • Do not put vulnerabilities details in any sheet except the Input Manual Detections sheet.
  • Do not use any character except alphanumeric and special characters such as dash (-), period (.), plus (+), underscore ( _ ), space, brackets ‘(‘ ‘)’, and at symbol (@) for the filename.

For instructions on how to populate the data in the template, see Template for manual ingestion of vulnerabilities.

Starting with v24.0.6 of Vulnerability Response, you can also create additional columns in the Microsoft Excel template. For more information, see KB1646630.

Manual Ingestion integrations

The integration is triggered when a file is uploaded. Based on the type of file uploaded, the related integration is triggered.

To view the integrations, navigate to All > Vulnerability Response > Manual Vulnerability Item Ingestion > Integrations.

The following base system Manual Ingestion integrations are available by default.

Table 1. Integrations
Integration type Description
Manual Ingestion Excel Integration Retrieves data by fetching the latest Microsoft Excel file uploaded from the Vulnerability Ingestion Push Queue table and copies the attachment to the respective Integration run.
Manual Ingestion CSV Integration Retrieves data by fetching the latest CSV file uploaded from the Vulnerability Ingestion Push Queue table and copies the attachment to the respective Integration run.
The Manual Ingestion third-party integration creates an integration instance, by default, with the following two integration instance parameters:
  • max_input_records: Defines the number of records that can be created in the template. If you add more records than what is specified in this parameter, the additional records are skipped. The number of records can be updated in the Value column. The recommended number of record creations in the template is 1000. Anything above this value can pose performance challenges.
  • insert_fixed: Imports fixed vulnerability detections.

To view the integration instance parameters, navigate to All > Vulnerability Response > Manual Vulnerability Item Ingestion > Integrations and click the source instance of any integration. Alternatively, you can navigate to All > Vulnerability Response > Integration Instances and click Manual Ingestion.