Cosmos Bishop Fox Continuous Penetration Testing
  • 18 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

Cosmos Bishop Fox Continuous Penetration Testing

  • Dark
    Light

Article summary

Cosmos Continuous Penetration Testing, developed by Bishop Fox, automates data collection and analysis for networks, domains, and applications. By integrating with various tools, it streamlines vulnerability assessments, enhances threat intelligence, and offers customizable features and reporting, making it an asset for security professionals.

Integration Method: API

Tables: Detection Finding (2004), Vulnerability Finding (2002)

This integration supports the following events.

Event

Description

Findings

Retrieves a list of findings, which includes details of exposed services, misconfigurations, vulnerable software, credential reuse, information disclosures, subdomain takeovers, and more.

This integration supports the following versions.

Cosmos Continuous Penetration Testing Version

v2.0

Cosmos Continuous Penetration Testing API version

v1.0

Prerequisites

  • The user should have access to the Cosmos platform to generate API clients.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate client credentials with the required scopes.

  2. Add the Cosmos Continuous Penetration Testing data feed in the DataBee console with the below parameters.

    DataBee Parameter

    Cosmos Continuous Penetration Testing Parameter

    Client Key

    Client Key

    Client Secret

    Client Secret

    Organization UID

    Unique ID

Cosmos Continuous Penetration Testing Configuration

Before you start configuring the data feed on DataBee UI, you will need to create the API Client and get the necessary information for API authentication such as Client ID and Client Secret. Follow these steps:

  1. Logon to Cosmos Platform.

  2. Click your username from the top right corner > Select My profile.
     

  3. Navigate to the API KEYS tab, copy the Unique ID from the Organization section, API URL from API Keys section and then click the Generate New API Keys button to create API key.
     

  4. Copy the Client Key and Client Secret.
     

    Note:

    The user needs to re-create the client secret when it expires (90 days). Additionally, once this step is completed, the user will not be able to view the API credentials again. Ensure the keys are stored in a secure location before proceeding.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Cosmos Continuous Penetration Testing and click it as shown below.
     

  3. Click on the API Ingest option for the collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, confirm the following:

  • Authorization Method: OAuth2

  • API Base URL: paste the Base URL.

  • Client Key: paste the Client Key.

  • Client Secret: paste the Client Secret.

  • Organization UID: paste the Unique ID.

  • Event Types: preselected for all the event types that integration pulls.  

  1. Click Submit.

Troubleshooting Tips

  • If you’re facing invalid_client or unauthorized_client issues this might be possibly due to incorrect credentials. Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence