Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DefectDojo Integration Reimport Dependency Track Finding into Existing Test #1622

Closed
yangsec888 opened this issue May 13, 2022 · 3 comments
Closed

DefectDojo Integration Reimport Dependency Track Finding into Existing Test #1622

yangsec888 opened this issue May 13, 2022 · 3 comments
Labels
enhancement New feature or request help wanted Extra attention is needed integration/defectdojo Related to the Defect Dojo integration
Milestone
4.6

Comments

@yangsec888
Copy link

yangsec888 commented May 13, 2022
edited
Loading

The enhancement may already be reported! Please search for the enhancement before creating one.

Current Behavior:

Dependency Track (DT) has a background task for DefectDojo (DD) integration. The task will publish the DT finding into DD via its 'import-scan' API endpoint at a predefine frequency. Upon each push, a new test will be generated in DD.

Proposed Behavior:

Add additional logic inside the same task, where the DT will try to determine if there is an existing test created from previous publishing. If no previous publishing found, then DT will create a new test via 'import-scan' endpoint. Otherwise, DT will rewrite the existing test via 'reimport-scan' endpoint instead. The new behavior will remove the burden of de-duplicating the numerous tests in the DD side, for the DD analyst.
@yangsec888 yangsec888 added the enhancement New feature or request label May 13, 2022
@nscuro nscuro added the help wanted Extra attention is needed label May 16, 2022
@yangsec888
Copy link
Author

PR is now submitted at #1631

@nscuro nscuro added this to the 4.6 milestone Jun 9, 2022
nscuro added a commit that referenced this issue Jun 9, 2022
@nscuro
Merge pull request #1631 from yangsec888/master
2dcdbf9 
Issue #1622 DefectDojo integration reimport enhancement
@nscuro
Copy link
Member

nscuro commented Jun 9, 2022

Implemented in #1631.

@nscuro nscuro closed this as completed Jun 9, 2022
nscuro added a commit that referenced this issue Jun 27, 2022
@nscuro
Merge pull request #1738 from yangsec888/master
58dae19 
Issue #1622 DefectDojo integration reimport enhancement - Part 2
@github-actions
Copy link
Contributor

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 10, 2022
@msymons msymons added the integration/defectdojo Related to the Defect Dojo integration label Jul 19, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed integration/defectdojo Related to the Defect Dojo integration
Projects
None yet
Milestone
4.6
Development

No branches or pull requests
3 participants
@yangsec888 @msymons @nscuro