This article will detail how to determine why the file you tried to upload failed. For a complete list of supported scanning tools, visit our Vulnerability Scanning Tool Support page.
Unsupported Files
Generally, the reason that a scan file fails to upload is that the file you tried to upload is an unsupported type. Please refer to the below tables to determine if the scan file you are uploading is one of the supported scan files.
Network/Infrastructure Scanning
Scanner | Nucleus Automated Connector | Supported Files from Scanner |
Tenable Nessus | Yes | .nessus scan files |
Tenable.io | Yes | .nessus scan files |
Tenable.SC | Yes | .nessus scan files |
QualysVM | Yes | xml scan files & technical XML reports |
Rapid7 Nexpose/InsightVM | Yes | xml 2.0 reports |
OpenVAS | No | xml scan files |
BeyondTrust Retina | No | xml scan files |
Amazon Inspector | Yes |
xml scan files |
Nmap | No |
xml report |
Alienvault USM | No |
csv vulnerabilities export |
Custom Scanner | No |
Nucleus xml, csv, or json schema |
Web Application Scanners (DAST)
Scanner | Nucleus Automated Connector | Supported Files from Scanner |
Tenable WAS | Yes | .nessus scan files |
Qualys WAS | Yes | xml scan files & technical XML reports |
Netsparker Cloud | Yes | "Vulnerabilities List" xml scan reports |
Netsparker Desktop | Yes | "Vulnerabilities List" or "Detailed Report" xml scan reports |
Microfocus WebInspect | No | xml report |
Acunetix | Yes | 'export as xml' report type |
Burp Suite Pro | No | 'Report issues as xml' |
w3af | No | xml file export |
Trustwave Appscanner | No | xml report |
OWASP ZAP | No | xml report |
Custom Scanner | No |
Nucleus xml, csv, or json schema |
Web Application Scanners (SAST)
Scanner | Nucleus Automated Connector | Supported files from Scanner |
Checkmarx CxSAST | Yes | xml report export |
Veracode | Yes | xml report export |
Fortify | No | .fpr directory |
SonarQube | Yes | xml report export |
Sonarcloud | Yes | xml report export |
Custom Scanner | No |
Nucleus xml, csv, or json schema |
Container and 3rd Party Library Tools
Scanner | Nucleus Automated Connector | Supported Files from Scanner |
Snyk | Yes | .json |
OWASP Dependency Check | No | xml report export |
TwistLock | No | csv export |
WhiteSource | No | xml file export |
Clair | No |
‘Vulnerabilities’ section of the JSON report format. |
BlackDuck | No |
.zip project export |
Custom Scanner | No |
Nucleus xml, csv, or json schema |
Note: Only the scan files listed above are supported for ingest into Nucleus. For example, if you try to upload a .burp project into Nucleus it will fail because it is not the supported format.
Other Things to Look Out For
Besides verifying the scan file you are uploading, there are a couple of other potential reasons why your scan file might not be uploading.
Expired or Overdrawn Subscription
You should get a notification in Nucleus that tells you when your license has either expired or you have gone over the number of assets purchased for your subscription. You can check this by hovering over the temperature icon at the top of the Nucleus window. If you have any issues or need a one-time spike in assets, reach out to your support representative and we will be happy to assist you with any issues or needs you may have.
Scan Files not in English
Nucleus currently only supports tools with the keys in English. For example, a scan in French will not upload. Nucleus can work with you to support these scans, so please reach out to your Nucleus support representative for more information.
If you are having issues besides the above, please contact your Nucleus support representative, and they will be happy to help!
Comments
0 comments
Please sign in to leave a comment.