Your Question

I am trying to prevent a notification from being sent in case all findings are already "handled" (mitigated / false positive / risk accepted) in DefectDojo, as described here:
https://www.securecodebox.io/docs/hooks/notification-webhook/#configuration-of-a-notification
What rules do I need to write into my notification hook for this to work? I am trying it with the following rules, but I can't verify if it works due to the issue linked below.

Related issue: #2057
Replies: 2 comments 3 replies
Hi @moxli, yes, as far as I understand your problem the yaml you posted would work (if we assume #2057 is fixed). We've used a similar config before for the same scenario:

```yaml
- name: notify-for-unhandled-findings
  rules:
    - matches:
        anyOf:
          # findings that are not duplicates and are not handled themselves
          - attributes:
              defectdojo.org/original-finding: null
              duplicate: false
              falsePositive: false
              riskAccepted: false
          # duplicates whose original finding is not handled either
          - attributes:
              defectdojo.org/original-finding:
                attributes:
                  falsePositive: false
                  riskAccepted: false
              duplicate: true
              falsePositive: false
              riskAccepted: false
  skipNotificationOnZeroFindings: true
...
```
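To check what the rules in the reply above actually let through, here is an added example (not secureCodeBox's hook code) that re-implements the assumed `matches.anyOf` semantics over a few constructed findings: a `null` in a pattern is taken to match an absent or null attribute, and `skipNotificationOnZeroFindings` suppresses the message when no finding survives the rules.

```python
# Constructed channel config, mirroring the YAML in the reply above as plain dicts.
CHANNEL = {
    "name": "notify-for-unhandled-findings",
    "skipNotificationOnZeroFindings": True,
    "rules": [{"matches": {"anyOf": [
        {"attributes": {"defectdojo.org/original-finding": None, "duplicate": False,
                        "falsePositive": False, "riskAccepted": False}},
        {"attributes": {"defectdojo.org/original-finding":
                            {"attributes": {"falsePositive": False, "riskAccepted": False}},
                        "duplicate": True, "falsePositive": False, "riskAccepted": False}},
    ]}}],
}

# Constructed findings in the shape the DefectDojo hook annotates (assumed, for illustration).
FINDINGS = {
    "new-unhandled": {"name": "Open port 22", "attributes": {
        "duplicate": False, "falsePositive": False, "riskAccepted": False}},
    "risk-accepted": {"name": "Open port 80", "attributes": {
        "duplicate": False, "falsePositive": False, "riskAccepted": True}},
    "dup-of-false-positive": {"name": "Weak cipher", "attributes": {
        "duplicate": True, "falsePositive": False, "riskAccepted": False,
        "defectdojo.org/original-finding": {"attributes": {
            "falsePositive": True, "riskAccepted": False}}}},
    "dup-of-unhandled": {"name": "Outdated TLS", "attributes": {
        "duplicate": True, "falsePositive": False, "riskAccepted": False,
        "defectdojo.org/original-finding": {"attributes": {
            "falsePositive": False, "riskAccepted": False}}}},
}

def _value_matches(pattern, value):
    """A dict pattern matches when every key matches recursively; a scalar must be
    equal. None in the pattern matches an absent or null key (assumed semantics)."""
    if isinstance(pattern, dict):
        return isinstance(value, dict) and all(
            _value_matches(sub, value.get(key)) for key, sub in pattern.items())
    return pattern == value

def finding_matches(channel, finding):
    """True when any anyOf alternative of any rule matches the finding."""
    return any(_value_matches(alt, finding)
               for rule in channel["rules"] for alt in rule["matches"]["anyOf"])

def unhandled_findings(channel, findings):
    return [f for f in findings if finding_matches(channel, f)]

def should_notify(channel, findings):
    # Suppress the message when the rules leave nothing and zero-finding skipping is on.
    if channel.get("skipNotificationOnZeroFindings") and not unhandled_findings(channel, findings):
        return False
    return True
```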
Hi @moxli, we discussed this topic today and we want to point out some additional information: in every hook you can read and write the findings in raw and SCB format. This means you could implement your own hook to edit the raw finding before it is used by the DefectDojo hook. I will update the documentation about that.