Add a Target (Custom/Direct)

ZeroNorth Experts
, ,
1

A Target is what ZeroNorth submits to scanning tools. A Target can be a host, a web server, a source code repository, a build artifact, a container (e.g. Docker), etc. Targets within ZeroNorth are defined as instances of Target Types . A related concept called Integration is what allows ZeroNorth to connect with a Target . Once defined to the ZeroNorth platform, a Target can then be specified in a Security Policy.

Adding a Target to an existing Custom type Integration

Custom type Targets represent a host, or a web server (or similar) end-point on a host. These Targets can be paired with Dynamic Application Security Tools (DAST) in a Security policy.

Adding a Direct Host Target

Host Targets are used for scans using DAST scanning tools such as NMap, Nikto, OpenVas, etc. Go to znO PS > Targets > Add Target . In the new Target screen:

image

Target Specification

  1. Enter a Name .
  2. Specify the Target Type (Custom).
  3. Select a previously created “Custom” type Integration .
  4. Enter the host name or the IP address.
  5. Click Save to create the Target.

Adding a Web Server Target

Web server Targets are used for scans using DAST scanning tools such as ZAP and Burp. Adding a web server as a Target is similar to adding a host Target, but with additional information:

image

Additional Target Specification

  1. Enter a Pathname . If omitted “/” is assumed.
  2. Specify the Protocol (http or https).
  3. Override or enter the Port (defaults to 80 for HTTP and 443 for HTTPS).
  4. If necessary, check Use authentication and then supply the Username and Password .
  5. Click Save to create the Target.

Tip

When in doubt, if your Target hosts a web server, create the target as a web server Target since it will then be useful to all kinds of DAST scanners.

Adding Notifications

A Target can have associated with it one or more notifications. Target-level notifications work as follows:

  1. A Policy that includes the Target in question runs and pick up vulnerabilities which generate ZeroNorth Synthetic Issues.
  2. If a resulting ZeroNorth Synthetic Issue qualifies for generating an alert (e.g. based on severity or because of a Ruleset), ZeroNorth sends out notifications, one per Synthetic Issue.

See the article " Set Up Notifications About a Target-level Issue " for details.