Cosmos Bishop Fox Continuous Penetration Testing
Cosmos Continuous Penetration Testing is a comprehensive reconnaissance platform developed by Bishop Fox. It automates the collection and analysis of data on target networks, domains, and applications. By integrating with various tools, it streamlines information gathering, enhances vulnerability assessments, and supports effective threat intelligence. Its customizable features and reporting capabilities make it a valuable asset for security professionals.
Integration: API
Tables: Detection Finding, Vulnerabilities Finding
Events: Findings
DataBee uses the Cosmos v1 APIs to get security and vulnerability findings. Authentication is performed using the OAuth2 protocol. This integration has been tested against v1 of the Cosmos endpoint.
Cosmos Setup
Before configuring the data source in the DataBee UI, create the API Client and collect the information needed for API authentication, such as the Client ID and Client Secret.
Create API Client
- To access the Cosmos API, you will need an API key, API secret, and the organization's UID (sometimes called orgUid).
- From the Cosmos Platform, navigate to My Profile by clicking your username in the top-right corner > My Profile.
- Navigate to the API Keys tab and click the Generate New API Keys button to create them.
- Copy the API key and API Secret.
- Copy the token URL and API URL.
Note: You will not be able to view the API credentials again after completing this step. Copy them to a secure location before closing.
- The organization's UID (OrgUid) can be found on the API Keys tab.
DataBee Configuration
To configure the Data Source, log in to the DataBee UI and click Data, then Add New Data Source. Search for and click Cosmos Continuous Penetration Testing, as mentioned below.
Click the API Ingest option for the collection method. Enter the name of the Data Source and other relevant information, as mentioned below.
On the next configuration page:
- Enter the Organization ID ({orgUid}) obtained in the previous step into the API URL endpoint.
- Select OAuth2 as the authorization method.
- Paste the Client ID and Client Secret into the corresponding fields in the API Client section of Cosmos Continuous Penetration Testing.
- For API URL, enter https://api.bishopfox.com/v1/orgs/{orgUid}/findings. Replace {orgUid} with the organization ID from the previous step.
- For Token URL, enter https://bishopfox.auth0.com/oauth/token.