Configuring the BlueApp for DDI Frontline VM

Role Availability Read-Only Investigator Analyst Manager

DDI Frontline VM Configuration

Important: In addition to the following configuration steps, you must also create a business group in your DDI portal and ensure that your user account is added to that business group.

To configure the AlienApp for Digital Defense, Inc. (DDI) Frontline Vulnerability Manager (VM) in USM Anywhere, you need to generate an API key in your DDI Frontline VM instance and enter it into USM Anywhere.

To set up your DDI Frontline API

  1. Log in to your DDI Frontline VM instance.
  2. Go to My Profile > API Tokens > Create new token.
  3. In the Add New Token window, enter a name for the API token and click OK.
  4. Click Click to show key to see your API key.

    Copy this API key to enter into USM Anywhere.

  5. Go to System > Scanner Management.

  6. Navigate to the scanner profiles and click to open the profile you need to configure.

  7. In the IP & Ports field, add the IP range that your BlueApp for DDI Frontline VM should scan to cover all of your assets.

To enable the BlueApp for DDI Frontline VM

  1. In USM Anywhere, go to Data Sources > BlueApps.
  2. Click the Available Apps tab.
  3. Search for the BlueApp, and then click the tile.
  4. Click Configure API.
  5. If you have more than one deployed USM Anywhere Sensor, select the sensor that you want to use for the enabled BlueApp.

    BlueApps operate through a deployed sensor and use APIs to integrate with the connected third-party technology. Select the sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this sensor, so it is important to make sure the sensor has network access to the BlueApp API endpoints.

  6. Enter the API Key.

  7. Select Allow Asset Creation to allow DDI Frontline VM scans to create new assets in USM Anywhere.

    Select Merge Duplicate Assets if you allow USM Anywhere to run a match against the DDI Frontline asset VM identification to merge the assets found with existing USM Anywhere assets.

    See BlueApp for DDI Frontline VM Asset Discovery and Management for more details on the asset creation and merging processes.

  8. Click Save.

The BlueApp for DDI Frontline VM and the BlueApp for AT&T Managed Vulnerability Platform

Because both the BlueApp for DDI Frontline VM and the BlueApp for AT&T Managed Vulnerability Platform share configuration components through BlueApp for DDI Frontline VM, configuring one BlueApp will cause the other to appear as configured in your My Apps page. This is expected behavior. Do not delete or disable the BlueApp for DDI Frontline VM or the BlueApp for AT&T Managed Vulnerability Platform. Changes to one BlueApp will cause configuration errors with the other BlueApp.