Setting Up

To begin using Vulnerability-based Change Automation App (VCA) to create integrations between the SecureChange Access Request workflows and the third-party vulnerability management tools, you need to perform the following initial set-up tasks:

  • Connect to SecureChange: VCA needs to get the Access Request workflow information from SecureChange, and needs to add the risk analysis scripts to the workflow.

  • Connect to SecureTrack: VCA needs to get information on the network objects in the workflow tickets from SecureTrack.

  • Set up e-mail notifications: VCA can be configured to send e-mail notifications when the sync with the third-party vulnerability mitigation app is not performed successfully.

  • Define the log levels: Log levels are used for debugging and determine which information is collected in the log files.

All of these set-up tasks are performed in the Settings () menu.

After making any change in this menu, click Save.

Connect to SecureChange

In the SecureChange section, enter the following information:

  • Host: The IP address of the SecureTrack server. This address will also be used to link e-mails and reports to SecureTrack.
  • Login username
  • Login password

The username and password need to be for a SecureChange user with the permission: Create and handle tickets on behalf of another user (via API only).

If this is a new user, log in to SecureChange with that user to validate it.

Connect to SecureTrack

In the SecureTrack section, enter the following information:

  • Host: The IP address of the SecureTrack server. This address will also be used to link e-mails and reports to SecureTrack.

  • Login username

  • Login password

The username and password need to be for a SecureTrack user with Super Administrator permissions.

If this is a new user, log in to SecureTrack with that user to validate it.

Set up E-mail Notifications

Vulnerability-based Change Automation App sends out e-mail notifications when the sync with the third-party vulnerability management tool fails to complete successfully. To receive the e-mail notifications, in the E-mail notification section:

  1. Enter the following information for the outgoing e-mails:
    • Outgoing SMTP server
    • Port
    • Sender email address
    • Login user name
    • Login password
  2. If you want the e-mail notifications to be secured, select Enable TLS.

Define Log Levels

In the Log Level section, select the appropriate log level.

Log Level

Description

ERROR

Messages with error and critical levels are logged.

WARNING

Messages with error, critical, and warning levels are logged.

INFO

Messages with error, critical, warning, and info levels are logged.

DEBUG

All message levels.

This section also displays the path where the log files are saved.