Add EPSS score and percentile to generic csv parser #11449
DryRun Security Summary

The pull request enhances DefectDojo's security data handling by adding EPSS support, updating CSV parsing, improving vulnerability ID handling, and implementing deduplication in the Generic Findings Import feature.

Summary: The changes in this pull request are focused on improving the handling of security-related data in the DefectDojo application, specifically related to the "Generic Findings Import" feature. The key changes include:

Overall, these changes demonstrate a commitment to enhancing the security capabilities of the DefectDojo application by improving the handling of security-related data, such as EPSS scores and CVSS information. This can help security teams better prioritize and address vulnerabilities, leading to a more secure application landscape.

Files Changed:

Code Analysis

We ran
Small docs tweak to make clear that the range for epss_percentile is the same as epss_score, otherwise this looks good.
docs/content/en/connecting_your_tools/parsers/generic_findings_import.md
…_import.md Co-authored-by: Charles Neill <[email protected]>
Approved
epss_score and epss_percentile have been added to the generic parser for csv files
test created to validate that the new headers are read in correctly
documentation on generic parser updated to include the new fields
[sc-9384]