Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Outpost24 Vulnerability Scanner Overview

JSA uses HTTPS to communicate with the Outpost24 vulnerability scanner API to download asset and vulnerability data from previously completed scans.

The following table lists the specifications for the Outpost24 vulnerability scanner:

Table 1: Outpost24 Vulnerability Scanner Specifications

Specification

Value

Scanner name

Outpost24 Vulnerability Scanner

Supported versions

HIAB V4.1

OutScan V4.1

Connection type

HTTPS

More information

Outpost24 website (http://www.outpost24.com/)

Server Certificates

Before you add a scanner, a server certificate is required to support HTTPS connections. JSA supports certificates with the following file extensions: .crt, .cert, or .der. To copy a certificate to the /opt/qradar/conf/trusted_certificates directory, choose one of the following options:

  • Manually copy the certificate to the /opt/qradar/conf/trusted_certificates directory by using Secure Copy (SCP) or Secure File Transfer Protocol (SFTP).

  • To automatically download the certificate to the/opt/qradar/conf/trusted_certificates directory, SSH into the Console or managed host and type the following command:

    /opt/qradar/bin/getcert.sh <IP_or_Hostname> <optional_port_(443_default)>

Install the Java Cryptography Extension

The default certificates that are used by OUTSCAN and HIAB use 2048-bit keys. As a result, you must modify the Java cryptography when you use these certificates. For more information, see Installing the Java Cryptography Extension on JSA.

Configuration Steps

To configure JSA to download asset and vulnerability data from an Outpost24 vulnerability scanner, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the Outpost24 Vulnerability Scanner RPM on your JSA system.

  2. On the Outpost24 vulnerability scanner, create an application token for JSA.

  3. On the JSA Console, add the Outpost24 vulnerability scanner. Configure all required parameters and use the following table to identify specific Outpost24 values:

    Table 2: Outpost24 Vulnerability Scanner Parameters

    Parameter

    Value

    Type

    Outpost24 Vulnerability Scanner

    Server Hostname

    The host name or IP address of the Outpost24 vulnerability scanner device.

    Port

    443

    API token

    Must use the API token that you created on the Outpost24 vulnerability scanner device.

  4. Schedule a scan.