From 6d30710ccfd2c8fb8850a593a7b00e6dd8efa9be Mon Sep 17 00:00:00 2001 From: Paul Osinski Date: Fri, 19 Sep 2025 06:28:32 -0400 Subject: [PATCH 1/3] add sticker link --- docs/content/en/about_defectdojo/about_docs.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/content/en/about_defectdojo/about_docs.md b/docs/content/en/about_defectdojo/about_docs.md index e098872c901..49640238f31 100644 --- a/docs/content/en/about_defectdojo/about_docs.md +++ b/docs/content/en/about_defectdojo/about_docs.md @@ -67,6 +67,8 @@ Other guides for working with an Open-Source install: If you run into trouble with an Open Source install, we highly recommend asking questions on the [OWASP Slack](https://owasp.org/slack/invite). Our community members are active on the **# defectdojo** channel and can help you with issues you’re facing. +Looking for cool DefectDojo laptop stickers? As a thank you for being a part of the DefectDojo community, you can sign up to get some free DefectDojo stickers. For more information, check out [this link](https://defectdojo.com/defectdojo-sticker-request). + ### Online Demo A running example of DefectDojo (Open-Source Edition) is available on [our demo server](https://demo.defectdojo.org), using the credentials `admin` / `1Defectdojo@demo#appsec`. The demo server is refreshed regularly and provisioned with some sample data. From 79b113d5ec5cb282ca4d906033b41e6e1ab09f42 Mon Sep 17 00:00:00 2001 From: Paul Osinski Date: Fri, 19 Sep 2025 06:32:48 -0400 Subject: [PATCH 2/3] update changelog 2.50.2 --- docs/content/en/changelog/changelog.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docs/content/en/changelog/changelog.md b/docs/content/en/changelog/changelog.md index 712dcfa2cb4..2cc71a0a6f7 100644 --- a/docs/content/en/changelog/changelog.md +++ b/docs/content/en/changelog/changelog.md 
@@ -10,6 +10,11 @@ For Open Source release notes, please see the [Releases page on GitHub](https:// ## Sept 2025: v2.50 +### Sept 15, 2025: v2.50.2 + +* **(Pro UI)** Added Any/All status filtering. Filtering by status allows you to apply either AND (inner join) logic, or OR (outer join) logic to the filter. +* **(Pro UI)** Added Contact Support form for On-Premise installs. + ### Sept 9, 2025: v2.50.1 * **(Tools)** Removed CSV limit for Qualys HackerGuardian From 2241fbf92c22ea09eec08bc007bbfab73858f49b Mon Sep 17 00:00:00 2001 From: Paul Osinski Date: Fri, 19 Sep 2025 15:45:36 -0400 Subject: [PATCH 3/3] update generic findings documentation --- .../parsers/file/generic.md | 8 +- .../parsers/generic_findings_import.md | 132 +----------------- 2 files changed, 12 insertions(+), 128 deletions(-) diff --git a/docs/content/en/connecting_your_tools/parsers/file/generic.md b/docs/content/en/connecting_your_tools/parsers/file/generic.md index f9c9943378e..6905c0ceed1 100644 --- a/docs/content/en/connecting_your_tools/parsers/file/generic.md +++ b/docs/content/en/connecting_your_tools/parsers/file/generic.md @@ -3,9 +3,9 @@ title: 'Generic Findings Import' toc_hide: true --- -Import Generic findings in CSV or JSON format. +Generic Findings Import can be used to import any report in CSV or JSON format. -Attributes supported for CSV: +### Supported Attributes (CSV) - Date: Date of the finding in mm/dd/yyyy format. - Title: Title of the finding @@ -37,6 +37,8 @@ The CSV expects a header row with the names of the attributes. Date fields are parsed using [dateutil.parse](https://dateutil.readthedocs.io/en/stable/parser.html) supporting a variety of formats such a YYYY-MM-DD or ISO-8601. +### Supported Attributes (JSON) + The list of supported fields in JSON format: - title: **Required.** String @@ -93,7 +95,7 @@ The list of supported fields in JSON format: - ransomware_used: Bool - fix_available: Bool -Example of JSON format: +### Example JSON ```JSON { 
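Review bot: the paragraph added in the about_docs.md hunk uses the non-descriptive link text `[this link]`; name the destination instead, e.g. `For more information, check out the [DefectDojo sticker request page](https://defectdojo.com/defectdojo-sticker-request).`, so the link reads sensibly out of context and in a list of links.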
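Review bot: in the changelog hunk, the v2.50.2 entry equates AND with `inner join` and OR with `outer join`, which is not what those terms mean (joins combine tables; this filter combines predicates on one field), so the parenthetical will confuse rather than help. Suggest `Filtering by status allows you to require that all selected statuses match (AND) or that any selected status matches (OR).`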
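Review bot: the new opening sentence in the generic.md `@@ -3,9 +3,9 @@` hunk, `Generic Findings Import can be used to import any report in CSV or JSON format.`, overstates the parser: it only accepts CSV or JSON that uses the column headers and attribute names listed directly below, which is the constraint the removed generic_findings_import.md text stated explicitly. Suggest `Generic Findings Import can be used to import any CSV or JSON report that follows the attribute format described below.`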
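Review bot: with the new `### Supported Attributes (JSON)` heading in the generic.md `@@ -37,6 +37,8 @@` hunk, the retained lead-in `The list of supported fields in JSON format:` only restates the heading; either drop it or replace it with a sentence that carries information, such as which fields are required. While touching this area, the context line two lines above has a typo, `such a YYYY-MM-DD`, which should read `such as YYYY-MM-DD`.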
diff --git a/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md b/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md index a9d40341a30..06c229ef2e1 100644 --- a/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md +++ b/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md 
@@ -1,136 +1,18 @@ --- -title: "Generic Findings Import" +title: "Using Generic Findings Import" toc_hide: true weight: 2 --- -You can use Generic Findings Import as a method to ingest JSON or CSV files into DefectDojo which are not already in the supported parsers list. +Open-source and Pro users can use Generic Findings Import as a method to ingest JSON or CSV files into DefectDojo which are not already in the supported Tools list. -Files uploaded using Generic Findings Import must conform to the accepted format with respect to CSV column headers / JSON attributes. +Using Generic Findings Import will create a new Test Type in your DefectDojo instance called "`{The Name Of Your Test}` (Generic Findings Import)". For example, this JSON content will result in a Test Type called "Example Report (Generic Findings Import)": -These attributes are supported for CSV: - -- Date: Date of the finding in mm/dd/yyyy format. -- Title: Title of the finding -- CweId: Cwe identifier, must be an integer value. -- epss_score: The probability of exploitation in the next 30 days, must be a float value between 0 and 1.0. -- epss_percentile: The proportion of all scored vulnerabilities with the same or a lower EPSS score, must be a float value between 0 and 1.0. -- Url: Url associated with the finding. -- Severity: Severity of the finding. Must be one of Info, Low, Medium, High, or Critical. -- Description: Description of the finding. Can be multiple lines if enclosed in double quotes. -- Mitigation: Possible Mitigations for the finding. Can be multiple lines if enclosed in double quotes. -- Impact: Detailed impact of the finding. Can be multiple lines if enclosed in double quotes. -- References: References associated with the finding. Can be multiple lines if enclosed in double quotes. -- Active: Indicator if the finding is active. Must be empty, TRUE or FALSE -- Verified: Indicator if the finding has been verified. 
Must be empty, TRUE, or FALSE -- FalsePositive: Indicator if the finding is a false positive. Must be TRUE, or FALSE. -- Duplicate: Indicator if the finding is a duplicate. Must be TRUE, or FALSE - -The CSV expects a header row with the names of the attributes. - -Example of JSON format: - -```JSON -{ - "findings": [ - { - "title": "test title with endpoints as dict", - "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau", - "severity": "Medium", - "mitigation": "Some mitigation", - "date": "2021-01-06", - "cve": "CVE-2020-36234", - "cwe": 261, - "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "file_path": "src/first.cpp", - "line": 13, - "endpoints": [ - { - "host": "exemple.com" - } - ] - }, - { - "title": "test title with endpoints as strings", - "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau2", - "severity": "Critical", - "mitigation": "Some mitigation", - "date": "2021-01-06", - "cve": "CVE-2020-36235", - "cwe": 287, - "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "file_path": "src/two.cpp", - "line": 135, - "endpoints": [ - "http://urlfiltering.paloaltonetworks.com/test-command-and-control", - "https://urlfiltering.paloaltonetworks.com:2345/test-pest" - ] - }, - { - "title": "test title", - "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau2", - "severity": "Critical", - "mitigation": "Some mitigation", - "date": "2021-01-06", - "cve": "CVE-2020-36236", - "cwe": 287, - "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", - "file_path": "src/threeeeeeeeee.cpp", - "line": 1353 - } - ] -} -``` - -This parser supports an attributes that accept files as Base64 strings. These files are attached to the respective findings. 
- -Example: - -```JSON -{ - "name": "My wonderful report", - "findings": [ - { - "title": "Vuln with image", - "description": "Some very long description", - "severity": "Medium", - "files": [ - { - "title": "Screenshot from 2017-04-10 16-54-19.png", - "data": "iVBORw0KGgoAAAANSUhEUgAABWgAAAK0CAIAAAARSkPJAAAAA3N<...>TkSuQmCC" - } - ] - } - ] -} -``` - -This parser supports some additional attributes to be able to define custom `TestTypes` as well as influencing some meta fields on the `Test`: - -- `name`: The internal name of the tool you are using. This is primarily informational, and used for reading the report manually. -- `type`: The name of the test type to create in DefectDojo with the suffix of `(Generic Findings Import)`. The suffix is an important identifier for future users attempting to identify the test type to supply when importing new reports. This value is very important when fetching the correct test type to import findings into, so be sure to keep the `type` consistent from import to import! As an example, a report submitted with a `type` of `Internal Company Tool` will produce a test type in DefectDojo with the title `Internal Company Tool (Generic Findings Import)`. With this newly created test type, you can define custom `HASHCODE_FIELDS` or `DEDUPLICATION_ALGORITHM` in the settings. -- `version`: The version of the tool you are using. This is primarily informational, and is used for reading the report manually and tracking format changes from version to version. -- `description`: A brief description of the test. This could be an explanation of what the tool is reporting, where the tools is maintained, who the point of contact is for the tool when issues arise, or anything in between. -- `static_tool`: Dictates that tool used is running static analysis methods to discover vulnerabilities. -- `dynamic_tool`: Dictates that tool used is running dynamic analysis methods to discover vulnerabilities. 
-- `soc`: Dictates that tool is used for reporting alerts from a soc (Pro Edition Only). - -Example: - -```JSON { - "name": "My wonderful report", - "type": "My custom Test type", - "version": "1.0.5", - "description": "A unicorn tool that is capable of static analysis, dynamic analysis, and even capturing soc alerts!", - "static_tool": true, - "dynamic_tool": true, - "soc": true, - "findings": [ - ] + "name": "Example Report", + "findings": [] } -``` -### Sample Scan Data +DefectDojo Pro users can also consider using the [Universal Parser](../universal_parser), a tool which allows for highly customizable JSON, XML and CSV imports. -Sample Generic Findings Import scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/generic). \ No newline at end of file +For more information on supported parameters for Generic Findings Import, see the [Parser Guide](../file/generic) \ No newline at end of file
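Review bot: the new sentence in the generic_findings_import.md hunk claims that a report with `"name": "Example Report"` produces a Test Type called `Example Report (Generic Findings Import)`, but the lines this hunk removes documented `name` as `primarily informational` and `type` as the attribute whose value gets the `(Generic Findings Import)` suffix to form the test type name. Unless the parser behaviour changed, the example should set `"type": "Example Report"` (or explain both fields), otherwise readers will set the wrong field and get a different test type. Two further problems: removing the `-```JSON` and `-```` lines leaves the new `{ "name": "Example Report", "findings": [] }` block unfenced, so it will render as a run-on paragraph rather than a code block; and the hunk deletes the only documentation of the Base64 `files` attachment attribute and of the test-level `type`, `version`, `description`, `static_tool`, `dynamic_tool` and `soc` attributes, while the generic.md hunks in this series do not add them, so confirm the Parser Guide already covers them before merging. Finally, the closing sentence `see the [Parser Guide](../file/generic)` is missing its terminating period and the file still ends without a trailing newline.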