diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles.png b/docs/assets/images/About_Custom_Dashboard_Tiles.png new file mode 100644 index 00000000000..f93e3cef66f Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_10.png b/docs/assets/images/About_Custom_Dashboard_Tiles_10.png new file mode 100644 index 00000000000..d1a529cc634 Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_10.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_11.png b/docs/assets/images/About_Custom_Dashboard_Tiles_11.png new file mode 100644 index 00000000000..28c214ce609 Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_11.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_12.png b/docs/assets/images/About_Custom_Dashboard_Tiles_12.png new file mode 100644 index 00000000000..a85d84e4076 Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_12.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_2.png b/docs/assets/images/About_Custom_Dashboard_Tiles_2.png new file mode 100644 index 00000000000..0776da29aea Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_2.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_3.png b/docs/assets/images/About_Custom_Dashboard_Tiles_3.png new file mode 100644 index 00000000000..61f4ddb3503 Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_3.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_4.png b/docs/assets/images/About_Custom_Dashboard_Tiles_4.png new file mode 100644 index 00000000000..e110e93428f Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_4.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_5.png b/docs/assets/images/About_Custom_Dashboard_Tiles_5.png new file mode 100644 index 00000000000..6001191d30d Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_5.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_6.png b/docs/assets/images/About_Custom_Dashboard_Tiles_6.png new file mode 100644 index 00000000000..9fb05e93ff2 Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_6.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_7.png b/docs/assets/images/About_Custom_Dashboard_Tiles_7.png new file mode 100644 index 00000000000..0c25182d9cf Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_7.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_8.png b/docs/assets/images/About_Custom_Dashboard_Tiles_8.png new file mode 100644 index 00000000000..146acaced7a Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_8.png differ diff --git a/docs/assets/images/About_Custom_Dashboard_Tiles_9.png b/docs/assets/images/About_Custom_Dashboard_Tiles_9.png new file mode 100644 index 00000000000..b9f3d2ce2ff Binary files /dev/null and b/docs/assets/images/About_Custom_Dashboard_Tiles_9.png differ diff --git a/docs/assets/images/About_In-App_Alerts.png b/docs/assets/images/About_In-App_Alerts.png new file mode 100644 index 00000000000..b1534a60c34 Binary files /dev/null and b/docs/assets/images/About_In-App_Alerts.png differ diff --git a/docs/assets/images/About_In-App_Alerts_2.png b/docs/assets/images/About_In-App_Alerts_2.png new file mode 100644 index 00000000000..7557d0765a0 Binary files /dev/null and b/docs/assets/images/About_In-App_Alerts_2.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product.png new file mode 100644 index 00000000000..4fe1fc826d6 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_2.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_2.png new file mode 100644 index 00000000000..a640315c218 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_2.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_3.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_3.png new file mode 100644 index 00000000000..6bc25804dd6 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_3.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_4.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_4.png new file mode 100644 index 00000000000..a14899f8824 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_4.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_5.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_5.png new file mode 100644 index 00000000000..00cbbb76789 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_5.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_6.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_6.png new file mode 100644 index 00000000000..1e19075c9cd Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_6.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_7.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_7.png new file mode 100644 index 00000000000..6b9b1302b36 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_7.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_8.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_8.png new file mode 100644 index 00000000000..3cff617e742 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_8.png differ diff --git a/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_9.png b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_9.png new file mode 100644 index 00000000000..29084146db7 Binary files /dev/null and b/docs/assets/images/Add_a_Connected_Jira_Project_to_a_Product_9.png differ diff --git a/docs/assets/images/Avoiding_Duplicates_Reimport_Recurring_Tests.png b/docs/assets/images/Avoiding_Duplicates_Reimport_Recurring_Tests.png new file mode 100644 index 00000000000..d26f35a4652 Binary files /dev/null and b/docs/assets/images/Avoiding_Duplicates_Reimport_Recurring_Tests.png differ diff --git a/docs/assets/images/Bulk_Editing_Findings.png b/docs/assets/images/Bulk_Editing_Findings.png new file mode 100644 index 00000000000..acfcaaec871 Binary files /dev/null and b/docs/assets/images/Bulk_Editing_Findings.png differ diff --git a/docs/assets/images/Bulk_Editing_Findings_2.png b/docs/assets/images/Bulk_Editing_Findings_2.png new file mode 100644 index 00000000000..eb0b13d8b2f Binary files /dev/null and b/docs/assets/images/Bulk_Editing_Findings_2.png differ diff --git a/docs/assets/images/Bulk_Editing_Findings_3.png b/docs/assets/images/Bulk_Editing_Findings_3.png new file mode 100644 index 00000000000..61e34d07402 Binary files /dev/null and b/docs/assets/images/Bulk_Editing_Findings_3.png differ diff --git a/docs/assets/images/Bulk_Editing_Findings_4.png b/docs/assets/images/Bulk_Editing_Findings_4.png new file mode 100644 index 00000000000..79f267ee25b Binary files /dev/null and b/docs/assets/images/Bulk_Editing_Findings_4.png differ diff --git a/docs/assets/images/Bulk_Editing_Findings_5.png b/docs/assets/images/Bulk_Editing_Findings_5.png new file mode 100644 index 00000000000..97b1e0a0a05 Binary files /dev/null and b/docs/assets/images/Bulk_Editing_Findings_5.png differ diff --git a/docs/assets/images/Configure_Single-Sign_On_Login.png b/docs/assets/images/Configure_Single-Sign_On_Login.png new file mode 100644 index 00000000000..cbcb9575b9c Binary files /dev/null and b/docs/assets/images/Configure_Single-Sign_On_Login.png differ diff --git a/docs/assets/images/Configure_Single-Sign_On_Login_2.png b/docs/assets/images/Configure_Single-Sign_On_Login_2.png new file mode 100644 index 00000000000..f6dc82c6014 Binary files /dev/null and b/docs/assets/images/Configure_Single-Sign_On_Login_2.png differ diff --git a/docs/assets/images/Configure_Single-Sign_On_Login_3.png b/docs/assets/images/Configure_Single-Sign_On_Login_3.png new file mode 100644 index 00000000000..fac5fe227a2 Binary files /dev/null and b/docs/assets/images/Configure_Single-Sign_On_Login_3.png differ diff --git a/docs/assets/images/Configure_Single-Sign_On_Login_4.png b/docs/assets/images/Configure_Single-Sign_On_Login_4.png new file mode 100644 index 00000000000..cbcb9575b9c Binary files /dev/null and b/docs/assets/images/Configure_Single-Sign_On_Login_4.png differ diff --git a/docs/assets/images/Configure_Single-Sign_On_Login_5.png b/docs/assets/images/Configure_Single-Sign_On_Login_5.png new file mode 100644 index 00000000000..022cb0dd51f Binary files /dev/null and b/docs/assets/images/Configure_Single-Sign_On_Login_5.png differ diff --git a/docs/assets/images/Configure_System_&_Personal_Notifications.png b/docs/assets/images/Configure_System_&_Personal_Notifications.png new file mode 100644 index 00000000000..9e0f6175cc6 Binary files /dev/null and b/docs/assets/images/Configure_System_&_Personal_Notifications.png differ diff --git a/docs/assets/images/Configure_System_&_Personal_Notifications_2.png b/docs/assets/images/Configure_System_&_Personal_Notifications_2.png new file mode 100644 index 00000000000..96264fd71ca Binary files /dev/null and b/docs/assets/images/Configure_System_&_Personal_Notifications_2.png differ diff --git a/docs/assets/images/Configure_System_&_Personal_Notifications_3.png b/docs/assets/images/Configure_System_&_Personal_Notifications_3.png new file mode 100644 index 00000000000..38c98179ff3 Binary files /dev/null and b/docs/assets/images/Configure_System_&_Personal_Notifications_3.png differ diff --git a/docs/assets/images/Configure_a_Microsoft_Teams_Integration.png b/docs/assets/images/Configure_a_Microsoft_Teams_Integration.png new file mode 100644 index 00000000000..22a151c6bee Binary files /dev/null and b/docs/assets/images/Configure_a_Microsoft_Teams_Integration.png differ diff --git a/docs/assets/images/Configure_a_Microsoft_Teams_Integration_2.png b/docs/assets/images/Configure_a_Microsoft_Teams_Integration_2.png new file mode 100644 index 00000000000..37288e64e04 Binary files /dev/null and b/docs/assets/images/Configure_a_Microsoft_Teams_Integration_2.png differ diff --git a/docs/assets/images/Configure_a_Slack_Integration.png b/docs/assets/images/Configure_a_Slack_Integration.png new file mode 100644 index 00000000000..af0784e9466 Binary files /dev/null and b/docs/assets/images/Configure_a_Slack_Integration.png differ diff --git a/docs/assets/images/Configure_a_Slack_Integration_2.png b/docs/assets/images/Configure_a_Slack_Integration_2.png new file mode 100644 index 00000000000..19642ffda20 Binary files /dev/null and b/docs/assets/images/Configure_a_Slack_Integration_2.png differ diff --git a/docs/assets/images/Configure_a_Slack_Integration_3.png b/docs/assets/images/Configure_a_Slack_Integration_3.png new file mode 100644 index 00000000000..af0784e9466 Binary files /dev/null and b/docs/assets/images/Configure_a_Slack_Integration_3.png differ diff --git a/docs/assets/images/Configure_a_Slack_Integration_4.png b/docs/assets/images/Configure_a_Slack_Integration_4.png new file mode 100644 index 00000000000..d4611789377 Binary files /dev/null and b/docs/assets/images/Configure_a_Slack_Integration_4.png differ diff --git a/docs/assets/images/Configuring_the_Jira_DefectDojo_Webhook.png b/docs/assets/images/Configuring_the_Jira_DefectDojo_Webhook.png new file mode 100644 index 00000000000..1aab8ad9c21 Binary files /dev/null and b/docs/assets/images/Configuring_the_Jira_DefectDojo_Webhook.png differ diff --git a/docs/assets/images/Connect_DefectDojo_to_Jira.png b/docs/assets/images/Connect_DefectDojo_to_Jira.png new file mode 100644 index 00000000000..28df98a7407 Binary files /dev/null and b/docs/assets/images/Connect_DefectDojo_to_Jira.png differ diff --git a/docs/assets/images/Connect_DefectDojo_to_Jira_2.png b/docs/assets/images/Connect_DefectDojo_to_Jira_2.png new file mode 100644 index 00000000000..5a0174e4e3e Binary files /dev/null and b/docs/assets/images/Connect_DefectDojo_to_Jira_2.png differ diff --git a/docs/assets/images/Connect_DefectDojo_to_Jira_3.png b/docs/assets/images/Connect_DefectDojo_to_Jira_3.png new file mode 100644 index 00000000000..46b99f956a0 Binary files /dev/null and b/docs/assets/images/Connect_DefectDojo_to_Jira_3.png differ diff --git a/docs/assets/images/Connectivity_Troubleshooting.png b/docs/assets/images/Connectivity_Troubleshooting.png new file mode 100644 index 00000000000..6324be17652 Binary files /dev/null and b/docs/assets/images/Connectivity_Troubleshooting.png differ diff --git a/docs/assets/images/Connectivity_Troubleshooting_2.png b/docs/assets/images/Connectivity_Troubleshooting_2.png new file mode 100644 index 00000000000..a66229e96d3 Binary files /dev/null and b/docs/assets/images/Connectivity_Troubleshooting_2.png differ diff --git a/docs/assets/images/Connectivity_Troubleshooting_3.png b/docs/assets/images/Connectivity_Troubleshooting_3.png new file mode 100644 index 00000000000..7ec221f3b27 Binary files /dev/null and b/docs/assets/images/Connectivity_Troubleshooting_3.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions.png new file mode 100644 index 00000000000..7ad06ce70f2 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_2.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_2.png new file mode 100644 index 00000000000..d9036b020c0 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_2.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_3.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_3.png new file mode 100644 index 00000000000..aa3ae2839cd Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_3.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_4.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_4.png new file mode 100644 index 00000000000..cdf1558f631 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_4.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_5.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_5.png new file mode 100644 index 00000000000..4178b6a4645 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_5.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_6.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_6.png new file mode 100644 index 00000000000..371b4f2a110 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_6.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_7.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_7.png new file mode 100644 index 00000000000..ec6f4c87c7b Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_7.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_8.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_8.png new file mode 100644 index 00000000000..f8efb7194ee Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_8.png differ diff --git a/docs/assets/images/Create_a_User_Group_for_shared_permissions_9.png b/docs/assets/images/Create_a_User_Group_for_shared_permissions_9.png new file mode 100644 index 00000000000..b4373006e46 Binary files /dev/null and b/docs/assets/images/Create_a_User_Group_for_shared_permissions_9.png differ diff --git a/docs/assets/images/Creating_Findings_Manually.png b/docs/assets/images/Creating_Findings_Manually.png new file mode 100644 index 00000000000..c64ddd1d668 Binary files /dev/null and b/docs/assets/images/Creating_Findings_Manually.png differ diff --git a/docs/assets/images/Creating_Findings_Manually_2.png b/docs/assets/images/Creating_Findings_Manually_2.png new file mode 100644 index 00000000000..5289e2e6ed7 Binary files /dev/null and b/docs/assets/images/Creating_Findings_Manually_2.png differ diff --git a/docs/assets/images/Creating_Issues_in_Jira.png b/docs/assets/images/Creating_Issues_in_Jira.png new file mode 100644 index 00000000000..10e66408422 Binary files /dev/null and b/docs/assets/images/Creating_Issues_in_Jira.png differ diff --git a/docs/assets/images/Creating_Issues_in_Jira_2.png b/docs/assets/images/Creating_Issues_in_Jira_2.png new file mode 100644 index 00000000000..10cd38f8568 Binary files /dev/null and b/docs/assets/images/Creating_Issues_in_Jira_2.png differ diff --git a/docs/assets/images/Creating_Issues_in_Jira_3.png b/docs/assets/images/Creating_Issues_in_Jira_3.png new file mode 100644 index 00000000000..2d3afd51959 Binary files /dev/null and b/docs/assets/images/Creating_Issues_in_Jira_3.png differ diff --git a/docs/assets/images/Creating_Issues_in_Jira_4.png b/docs/assets/images/Creating_Issues_in_Jira_4.png new file mode 100644 index 00000000000..4f023449a22 Binary files /dev/null and b/docs/assets/images/Creating_Issues_in_Jira_4.png differ diff --git a/docs/assets/images/Creating_Issues_in_Jira_5.png b/docs/assets/images/Creating_Issues_in_Jira_5.png new file mode 100644 index 00000000000..6a77ede0026 Binary files /dev/null and b/docs/assets/images/Creating_Issues_in_Jira_5.png differ diff --git a/docs/assets/images/Editing_Findings.png b/docs/assets/images/Editing_Findings.png new file mode 100644 index 00000000000..d2811582f50 Binary files /dev/null and b/docs/assets/images/Editing_Findings.png differ diff --git a/docs/assets/images/Editing_Findings_2.png b/docs/assets/images/Editing_Findings_2.png new file mode 100644 index 00000000000..ebeac72c45b Binary files /dev/null and b/docs/assets/images/Editing_Findings_2.png differ diff --git a/docs/assets/images/Enabling_Deduplication_within_an_Engagement.png b/docs/assets/images/Enabling_Deduplication_within_an_Engagement.png new file mode 100644 index 00000000000..5558c2721e6 Binary files /dev/null and b/docs/assets/images/Enabling_Deduplication_within_an_Engagement.png differ diff --git a/docs/assets/images/Enabling_Deduplication_within_an_Engagement_2.png b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_2.png new file mode 100644 index 00000000000..435cddb3c43 Binary files /dev/null and b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_2.png differ diff --git a/docs/assets/images/Enabling_Deduplication_within_an_Engagement_3.png b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_3.png new file mode 100644 index 00000000000..95a3f5e7899 Binary files /dev/null and b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_3.png differ diff --git a/docs/assets/images/Enabling_Deduplication_within_an_Engagement_4.png b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_4.png new file mode 100644 index 00000000000..c016985ab24 Binary files /dev/null and b/docs/assets/images/Enabling_Deduplication_within_an_Engagement_4.png differ diff --git a/docs/assets/images/Enabling_Product-Level_Deduplication.png b/docs/assets/images/Enabling_Product-Level_Deduplication.png new file mode 100644 index 00000000000..f469c834875 Binary files /dev/null and b/docs/assets/images/Enabling_Product-Level_Deduplication.png differ diff --git a/docs/assets/images/Enabling_Product-Level_Deduplication_2.png b/docs/assets/images/Enabling_Product-Level_Deduplication_2.png new file mode 100644 index 00000000000..d422e0a9873 Binary files /dev/null and b/docs/assets/images/Enabling_Product-Level_Deduplication_2.png differ diff --git a/docs/assets/images/Finding_Status_Definitions.png b/docs/assets/images/Finding_Status_Definitions.png new file mode 100644 index 00000000000..702fec9e613 Binary files /dev/null and b/docs/assets/images/Finding_Status_Definitions.png differ diff --git a/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles.png b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles.png new file mode 100644 index 00000000000..457430afe1f Binary files /dev/null and b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles.png differ diff --git a/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_2.png b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_2.png new file mode 100644 index 00000000000..0776da29aea Binary files /dev/null and b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_2.png differ diff --git a/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_3.png b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_3.png new file mode 100644 index 00000000000..d75da933423 Binary files /dev/null and b/docs/assets/images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_3.png differ diff --git a/docs/assets/images/How-To_Edit_Dashboard_Configuration.png b/docs/assets/images/How-To_Edit_Dashboard_Configuration.png new file mode 100644 index 00000000000..cde5d388743 Binary files /dev/null and b/docs/assets/images/How-To_Edit_Dashboard_Configuration.png differ diff --git a/docs/assets/images/How-To_Edit_Dashboard_Configuration_2.png b/docs/assets/images/How-To_Edit_Dashboard_Configuration_2.png new file mode 100644 index 00000000000..24a7b23fa9e Binary files /dev/null and b/docs/assets/images/How-To_Edit_Dashboard_Configuration_2.png differ diff --git a/docs/assets/images/How-To_Edit_Dashboard_Configuration_3.png b/docs/assets/images/How-To_Edit_Dashboard_Configuration_3.png new file mode 100644 index 00000000000..78f55afd4bf Binary files /dev/null and b/docs/assets/images/How-To_Edit_Dashboard_Configuration_3.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features.png b/docs/assets/images/Introduction_to_Dashboard_Features.png new file mode 100644 index 00000000000..16a1a6be6ef Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features_2.png b/docs/assets/images/Introduction_to_Dashboard_Features_2.png new file mode 100644 index 00000000000..f93e3cef66f Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features_2.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features_3.png b/docs/assets/images/Introduction_to_Dashboard_Features_3.png new file mode 100644 index 00000000000..fe82f87b6d8 Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features_3.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features_4.png b/docs/assets/images/Introduction_to_Dashboard_Features_4.png new file mode 100644 index 00000000000..1eeba317dac Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features_4.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features_5.png b/docs/assets/images/Introduction_to_Dashboard_Features_5.png new file mode 100644 index 00000000000..ac51210cef4 Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features_5.png differ diff --git a/docs/assets/images/Introduction_to_Dashboard_Features_6.png b/docs/assets/images/Introduction_to_Dashboard_Features_6.png new file mode 100644 index 00000000000..d7eedb6dd30 Binary files /dev/null and b/docs/assets/images/Introduction_to_Dashboard_Features_6.png differ diff --git a/docs/assets/images/Introduction_to_Findings.png b/docs/assets/images/Introduction_to_Findings.png new file mode 100644 index 00000000000..1dc022f5858 Binary files /dev/null and b/docs/assets/images/Introduction_to_Findings.png differ diff --git a/docs/assets/images/Product_Hierarchy_Overview.png b/docs/assets/images/Product_Hierarchy_Overview.png new file mode 100644 index 00000000000..a0502462f98 Binary files /dev/null and b/docs/assets/images/Product_Hierarchy_Overview.png differ diff --git a/docs/assets/images/Product_Hierarchy_Overview_2.png b/docs/assets/images/Product_Hierarchy_Overview_2.png new file mode 100644 index 00000000000..cb4b3b8514b Binary files /dev/null and b/docs/assets/images/Product_Hierarchy_Overview_2.png differ diff --git a/docs/assets/images/Risk_Acceptances.png b/docs/assets/images/Risk_Acceptances.png new file mode 100644 index 00000000000..b8d1d3be8cf Binary files /dev/null and b/docs/assets/images/Risk_Acceptances.png differ diff --git a/docs/assets/images/Risk_Acceptances_2.png b/docs/assets/images/Risk_Acceptances_2.png new file mode 100644 index 00000000000..5c682e67950 Binary files /dev/null and b/docs/assets/images/Risk_Acceptances_2.png differ diff --git a/docs/assets/images/Risk_Acceptances_3.png b/docs/assets/images/Risk_Acceptances_3.png new file mode 100644 index 00000000000..28af44c6d3d Binary files /dev/null and b/docs/assets/images/Risk_Acceptances_3.png differ diff --git a/docs/assets/images/Risk_Acceptances_4.png b/docs/assets/images/Risk_Acceptances_4.png new file mode 100644 index 00000000000..4ba5a8cf655 Binary files /dev/null and b/docs/assets/images/Risk_Acceptances_4.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions.png b/docs/assets/images/Set_a_User's_Permissions.png new file mode 100644 index 00000000000..6e2dd94d3be Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_2.png b/docs/assets/images/Set_a_User's_Permissions_2.png new file mode 100644 index 00000000000..17690bf8dc4 Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_2.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_3.png b/docs/assets/images/Set_a_User's_Permissions_3.png new file mode 100644 index 00000000000..17690bf8dc4 Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_3.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_4.png b/docs/assets/images/Set_a_User's_Permissions_4.png new file mode 100644 index 00000000000..f3007abf38e Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_4.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_5.png b/docs/assets/images/Set_a_User's_Permissions_5.png new file mode 100644 index 00000000000..bc565c06a77 Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_5.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_6.png b/docs/assets/images/Set_a_User's_Permissions_6.png new file mode 100644 index 00000000000..2cc94cd2efc Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_6.png differ diff --git a/docs/assets/images/Set_a_User's_Permissions_7.png b/docs/assets/images/Set_a_User's_Permissions_7.png new file mode 100644 index 00000000000..6e2dd94d3be Binary files /dev/null and b/docs/assets/images/Set_a_User's_Permissions_7.png differ diff --git a/docs/assets/images/Using_Custom_Fields.png b/docs/assets/images/Using_Custom_Fields.png new file mode 100644 index 00000000000..e89362b0dd1 Binary files /dev/null and b/docs/assets/images/Using_Custom_Fields.png differ diff --git a/docs/assets/images/Using_Custom_Fields_2.png b/docs/assets/images/Using_Custom_Fields_2.png new file mode 100644 index 00000000000..b56d7f74e0d Binary files /dev/null and b/docs/assets/images/Using_Custom_Fields_2.png differ diff --git a/docs/assets/images/Using_the_Cloud_Manager.png b/docs/assets/images/Using_the_Cloud_Manager.png new file mode 100644 index 00000000000..7a3e7cfc2c8 Binary files /dev/null and b/docs/assets/images/Using_the_Cloud_Manager.png differ diff --git a/docs/assets/images/Using_the_Cloud_Manager_2.png b/docs/assets/images/Using_the_Cloud_Manager_2.png new file mode 100644 index 00000000000..888fda387b5 Binary files /dev/null and b/docs/assets/images/Using_the_Cloud_Manager_2.png differ diff --git a/docs/assets/images/Using_the_Cloud_Manager_3.png b/docs/assets/images/Using_the_Cloud_Manager_3.png new file mode 100644 index 00000000000..5aa07b31e98 Binary files /dev/null and b/docs/assets/images/Using_the_Cloud_Manager_3.png differ diff --git a/docs/assets/images/Using_the_Cloud_Manager_4.png b/docs/assets/images/Using_the_Cloud_Manager_4.png new file mode 100644 index 00000000000..38d4a9a94eb Binary files /dev/null and b/docs/assets/images/Using_the_Cloud_Manager_4.png differ diff --git a/docs/assets/images/Using_the_Report_Builder.png b/docs/assets/images/Using_the_Report_Builder.png new file mode 100644 index 00000000000..5bb20d08c23 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_10.png b/docs/assets/images/Using_the_Report_Builder_10.png new file mode 100644 index 00000000000..75dc55c2f79 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_10.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_11.png b/docs/assets/images/Using_the_Report_Builder_11.png new file mode 100644 index 00000000000..668af5e3483 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_11.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_12.png b/docs/assets/images/Using_the_Report_Builder_12.png new file mode 100644 index 00000000000..0884df114d4 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_12.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_13.png b/docs/assets/images/Using_the_Report_Builder_13.png new file mode 100644 index 00000000000..7f85b4da72c Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_13.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_14.png b/docs/assets/images/Using_the_Report_Builder_14.png new file mode 100644 index 00000000000..b7100d7b9a9 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_14.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_15.png b/docs/assets/images/Using_the_Report_Builder_15.png new file mode 100644 index 00000000000..0b12c09fc94 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_15.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_2.png b/docs/assets/images/Using_the_Report_Builder_2.png new file mode 100644 index 00000000000..d30679e3097 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_2.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_3.png b/docs/assets/images/Using_the_Report_Builder_3.png new file mode 100644 index 00000000000..92acd858786 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_3.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_4.png b/docs/assets/images/Using_the_Report_Builder_4.png new file mode 100644 index 00000000000..f3254604631 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_4.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_5.png b/docs/assets/images/Using_the_Report_Builder_5.png new file mode 100644 index 00000000000..cf6da570aa0 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_5.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_6.png b/docs/assets/images/Using_the_Report_Builder_6.png new file mode 100644 index 00000000000..128fcbfdb80 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_6.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_7.png b/docs/assets/images/Using_the_Report_Builder_7.png new file mode 100644 index 00000000000..c470cc8e16a Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_7.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_8.png b/docs/assets/images/Using_the_Report_Builder_8.png new file mode 100644 index 00000000000..f8f7c56356e Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_8.png differ diff --git a/docs/assets/images/Using_the_Report_Builder_9.png b/docs/assets/images/Using_the_Report_Builder_9.png new file mode 100644 index 00000000000..0a6cefec2d8 Binary files /dev/null and b/docs/assets/images/Using_the_Report_Builder_9.png differ diff --git a/docs/assets/images/Working_with_Generated_Reports.png b/docs/assets/images/Working_with_Generated_Reports.png new file mode 100644 index 00000000000..b7100d7b9a9 Binary files /dev/null and b/docs/assets/images/Working_with_Generated_Reports.png differ diff --git a/docs/assets/images/Working_with_Generated_Reports_2.png b/docs/assets/images/Working_with_Generated_Reports_2.png new file mode 100644 index 00000000000..9e55a096325 Binary files /dev/null and b/docs/assets/images/Working_with_Generated_Reports_2.png differ diff --git a/docs/assets/images/Working_with_Generated_Reports_3.png b/docs/assets/images/Working_with_Generated_Reports_3.png new file mode 100644 index 00000000000..6b40cd02147 Binary files /dev/null and b/docs/assets/images/Working_with_Generated_Reports_3.png differ diff --git a/docs/assets/images/_index.png b/docs/assets/images/_index.png new file mode 100644 index 00000000000..07eece49029 Binary files /dev/null and b/docs/assets/images/_index.png differ diff --git a/docs/assets/images/add_edit_connectors.png b/docs/assets/images/add_edit_connectors.png new file mode 100644 index 00000000000..b4b4fec881c Binary files /dev/null and b/docs/assets/images/add_edit_connectors.png differ diff --git a/docs/assets/images/add_edit_connectors_2.png b/docs/assets/images/add_edit_connectors_2.png new file mode 100644 index 00000000000..e074c4146a7 Binary files /dev/null and b/docs/assets/images/add_edit_connectors_2.png differ diff --git a/docs/assets/images/add_edit_connectors_3.png b/docs/assets/images/add_edit_connectors_3.png new file mode 100644 index 00000000000..68e2147e4b2 Binary files /dev/null and b/docs/assets/images/add_edit_connectors_3.png differ diff --git a/docs/assets/images/api-token.png b/docs/assets/images/api-token.png new file mode 100644 index 00000000000..cfe42fcd89e Binary files /dev/null and b/docs/assets/images/api-token.png differ diff --git a/docs/assets/images/api_pipeline_modelling.png b/docs/assets/images/api_pipeline_modelling.png new file mode 100644 index 00000000000..f8a96620dc6 Binary files /dev/null and b/docs/assets/images/api_pipeline_modelling.png differ diff --git a/docs/assets/images/connectors_tool_reference.png b/docs/assets/images/connectors_tool_reference.png new file mode 100644 index 00000000000..2add0f93337 Binary files /dev/null and b/docs/assets/images/connectors_tool_reference.png differ diff --git a/docs/assets/images/connectors_tool_reference_2.png b/docs/assets/images/connectors_tool_reference_2.png new file mode 100644 index 00000000000..32a11c0cae9 Binary files /dev/null and b/docs/assets/images/connectors_tool_reference_2.png differ diff --git a/docs/assets/images/contact_defectdojo_support.png b/docs/assets/images/contact_defectdojo_support.png new file mode 100644 index 00000000000..f345cc8bf67 Binary files /dev/null and b/docs/assets/images/contact_defectdojo_support.png differ diff --git a/docs/assets/images/contact_defectdojo_support_2.png b/docs/assets/images/contact_defectdojo_support_2.png new file mode 100644 index 00000000000..89484dd3ff8 Binary files /dev/null and b/docs/assets/images/contact_defectdojo_support_2.png differ diff --git a/docs/assets/images/edit_ignore_delete_records.png b/docs/assets/images/edit_ignore_delete_records.png new file mode 100644 index 00000000000..db5c9457504 Binary files /dev/null and b/docs/assets/images/edit_ignore_delete_records.png differ diff --git a/docs/assets/images/edit_ignore_delete_records_2.png b/docs/assets/images/edit_ignore_delete_records_2.png new file mode 100644 index 00000000000..a472dacee5b Binary files /dev/null and b/docs/assets/images/edit_ignore_delete_records_2.png differ diff --git a/docs/assets/images/external-tools.png b/docs/assets/images/external-tools.png new file mode 100644 index 00000000000..053563989b5 Binary files /dev/null and b/docs/assets/images/external-tools.png differ diff --git a/docs/assets/images/import_scan_ui.png b/docs/assets/images/import_scan_ui.png new file mode 100644 index 00000000000..851dfa95d34 Binary files /dev/null and b/docs/assets/images/import_scan_ui.png differ diff --git a/docs/assets/images/manage_records.png b/docs/assets/images/manage_records.png new file mode 100644 index 00000000000..91e8676ba1b Binary files /dev/null and b/docs/assets/images/manage_records.png differ diff --git a/docs/assets/images/manage_records_2.jpg b/docs/assets/images/manage_records_2.jpg new file mode 100644 index 00000000000..fa078e4e6bf Binary files /dev/null and b/docs/assets/images/manage_records_2.jpg differ diff --git a/docs/assets/images/operations_discover.png b/docs/assets/images/operations_discover.png new file mode 100644 index 00000000000..4786b371dcb Binary files /dev/null and b/docs/assets/images/operations_discover.png differ diff --git a/docs/assets/images/operations_discover_2.png b/docs/assets/images/operations_discover_2.png new file mode 100644 index 00000000000..07eece49029 Binary files /dev/null and b/docs/assets/images/operations_discover_2.png differ diff --git a/docs/assets/images/operations_discover_3.png b/docs/assets/images/operations_discover_3.png new file mode 100644 index 00000000000..21e5dee6331 Binary files /dev/null and b/docs/assets/images/operations_discover_3.png differ diff --git a/docs/assets/images/operations_page.png b/docs/assets/images/operations_page.png new file mode 100644 index 00000000000..678f0cbc178 Binary files /dev/null and b/docs/assets/images/operations_page.png differ diff --git a/docs/assets/images/operations_sync.png b/docs/assets/images/operations_sync.png new file mode 100644 index 00000000000..2113c8ba6bc Binary files /dev/null and b/docs/assets/images/operations_sync.png differ diff --git a/docs/assets/images/request_a_trial.png b/docs/assets/images/request_a_trial.png new file mode 100644 index 00000000000..339fcddf1f1 Binary files /dev/null and b/docs/assets/images/request_a_trial.png differ diff --git a/docs/assets/images/request_a_trial_2.png b/docs/assets/images/request_a_trial_2.png new file mode 100644 index 00000000000..b6228168a3f Binary files /dev/null and b/docs/assets/images/request_a_trial_2.png differ diff --git a/docs/assets/images/request_a_trial_3.png b/docs/assets/images/request_a_trial_3.png new file mode 100644 index 00000000000..f30f3cc8b1a Binary files /dev/null and b/docs/assets/images/request_a_trial_3.png differ diff --git a/docs/assets/images/request_a_trial_4.png b/docs/assets/images/request_a_trial_4.png new file mode 100644 index 00000000000..9dd8a96e3f6 Binary files /dev/null and b/docs/assets/images/request_a_trial_4.png differ diff --git a/docs/assets/images/request_a_trial_5.png b/docs/assets/images/request_a_trial_5.png new file mode 100644 index 00000000000..2b4bb90ccd4 Binary files /dev/null and b/docs/assets/images/request_a_trial_5.png differ diff --git a/docs/assets/images/request_a_trial_6.png b/docs/assets/images/request_a_trial_6.png new file mode 100644 index 00000000000..16b636890cd Binary files /dev/null and b/docs/assets/images/request_a_trial_6.png differ diff --git a/docs/assets/images/request_a_trial_7.png b/docs/assets/images/request_a_trial_7.png new file mode 100644 index 00000000000..cabf57ab944 Binary files /dev/null and b/docs/assets/images/request_a_trial_7.png differ diff --git a/docs/assets/images/request_a_trial_mg.png b/docs/assets/images/request_a_trial_mg.png new file mode 100644 index 00000000000..41aec0489ee Binary files /dev/null and b/docs/assets/images/request_a_trial_mg.png differ diff --git a/docs/assets/images/run_operations_manually.png b/docs/assets/images/run_operations_manually.png new file mode 100644 index 00000000000..dbc10e031e2 Binary files /dev/null and b/docs/assets/images/run_operations_manually.png differ diff --git a/docs/assets/images/run_operations_manually_2.png b/docs/assets/images/run_operations_manually_2.png new file mode 100644 index 00000000000..10d2aeb494e Binary files /dev/null and b/docs/assets/images/run_operations_manually_2.png differ diff --git a/docs/assets/images/smart_upload.png b/docs/assets/images/smart_upload.png new file mode 100644 index 00000000000..e00d726b6e0 Binary files /dev/null and b/docs/assets/images/smart_upload.png differ diff --git a/docs/assets/images/smart_upload_2.png b/docs/assets/images/smart_upload_2.png new file mode 100644 index 00000000000..1f464d4d554 Binary files /dev/null and b/docs/assets/images/smart_upload_2.png differ diff --git a/docs/assets/images/smart_upload_3.png b/docs/assets/images/smart_upload_3.png new file mode 100644 index 00000000000..e0fa73111c5 Binary files /dev/null and b/docs/assets/images/smart_upload_3.png differ diff --git a/docs/assets/images/using_reimport.png b/docs/assets/images/using_reimport.png new file mode 100644 index 00000000000..d26f35a4652 Binary files /dev/null and b/docs/assets/images/using_reimport.png differ diff --git a/docs/assets/images/using_reimport_2.png b/docs/assets/images/using_reimport_2.png new file mode 100644 index 00000000000..5a180a591c7 Binary files /dev/null and b/docs/assets/images/using_reimport_2.png differ diff --git a/docs/assets/images/using_reimport_3.png b/docs/assets/images/using_reimport_3.png new file mode 100644 index 00000000000..d26f35a4652 Binary files /dev/null and b/docs/assets/images/using_reimport_3.png differ diff --git a/docs/assets/images/using_the_cloud_manager_5.png b/docs/assets/images/using_the_cloud_manager_5.png new file mode 100644 index 00000000000..5ec675978cf Binary files /dev/null and b/docs/assets/images/using_the_cloud_manager_5.png differ diff --git a/docs/assets/images/using_the_cloud_manager_6.png b/docs/assets/images/using_the_cloud_manager_6.png new file mode 100644 index 00000000000..2a2c3cc462e Binary files /dev/null and b/docs/assets/images/using_the_cloud_manager_6.png differ diff --git a/docs/content/en/about_defectdojo/contact_defectdojo_support.md b/docs/content/en/about_defectdojo/contact_defectdojo_support.md index 7c2bee2d42c..3094da9e561 100644 --- a/docs/content/en/about_defectdojo/contact_defectdojo_support.md +++ b/docs/content/en/about_defectdojo/contact_defectdojo_support.md @@ -6,26 +6,29 @@ pro-feature: true weight: 3 --- -For DefectDojo Pro users, DefectDojo's Support team can be contacted in a variety of ways. +DefectDojo Pro subscriptions come with full support from the DefectDojo Inc team during the initial trial period and beyond. -## Contacting Support via Email +Open Source users can receive assistance via the OWASP [Slack Channel](https://owasp.org/slack/invite), or on [GitHub](https://github.com/DefectDojo/django-DefectDojo). See our [Community Site](https://defectdojo.com/community) for more information. -Customers / Pro Users can always email our team directly at [support@defectdojo.com](mailto:support@defectdojo.com). +# Accessing Pro Support +### Email -## Contacting Support through the DefectDojo app +Customers / Pro Users can always email our team directly at [support@defectdojo.com](mailto:support@defectdojo.com) for assistance. + +### Within DefectDojo You can contact us through the DefectDojo App: -* by opening **Cloud Manager \> Contact Support** from the left sidebar**,** +* by opening **Cloud Manager \> Contact Support** from the left sidebar * or through **{your\-instance}.defectdojo.com/cloud\_portal/support**. -![Where to find the 'Contact Support' link in DefectDojo](https://defectdojo-inc.intercom-attachments-7.com/i/o/854681122/eca2271b89d62b943e80923b/gpUG1R_oppB0eO2XyzCludfqxjYCFT4xodToow7IBc-GE7zeXNc3CrGAtHCnLBMSAiFs5PRIcW6V58B6kHAxpKRado9NGjU3sBVbXQFCi2X1zNMfr0Xx8jgNED7ZCvt1bQWe83g47pnFcaPZ9L2oEs8?expires=1729720800&signature=74a5200740953f712cfcb0ed6145ac3ad5657bc5974e2e23e62ce5b13032272c&req=fCUjEMF%2FnINdFb4f3HP0gBxcVTY7O4IHl0%2Bn%2BVAfJVMzuNg%2FYQxvJl0daCy2%0AD6E%3D%0A) +![image](images/contact_defectdojo_support.png) -## Contact Support through the DefectDojo Cloud Portal +### Through the Cloud Portal You can also contact our support team through your Cloud Portal: * by clicking on **Contact Us** (on the left sidebar) * or via ****. -![](https://downloads.intercomcdn.com/i/o/850350549/9183fa1703512f79f83a561b/Screenshot+2023-10-10+at+3.30.51+PM.png?expires=1729720800&signature=e6e5cda5d17f233575c7d5267d79de63210a1184a56e1c6d34468883a4c21817&req=fCUnFcx%2BmIVWFb4f3HP0gKi3DGFot4w4iwNAwMDaVsacaQIz63318wb%2BRw7J%0AOFM%3D%0A) \ No newline at end of file +![image](images/contact_defectdojo_support_2.png) \ No newline at end of file diff --git a/docs/content/en/about_defectdojo/request_a_trial.md b/docs/content/en/about_defectdojo/request_a_trial.md index 92f4d3b8193..a6d2ea8338f 100644 --- a/docs/content/en/about_defectdojo/request_a_trial.md +++ b/docs/content/en/about_defectdojo/request_a_trial.md @@ -1,101 +1,72 @@ --- -title: "Request a Trial" +title: "Request a DefectDojo Pro Trial" description: "How to request and work with a trial of DefectDojo Cloud" draft: "false" weight: 4 pro-feature: true --- - If your team requires an on\-premise DefectDojo installation, please connect with our Sales team by emailing \-\> [info@defectdojo.com](mailto:info@defectdojo.com) . This trial setup process only applies to DefectDojo Cloud users. - All DefectDojo plans include a free 2\-week trial, which you can use to evaluate our software. DefectDojo Trial instances are fully\-featured and can be immediately converted to our team into paid instances \- no need to set everything up again, or reupload any data when your trial period ends. - - -# **Requesting your Trial** - - -In order to sign up for the trial, you'll need to complete the process at . - - - At the end of this process, you'll be put in touch with our Sales team, who will follow up to receive your billing information, and authorize and set up your company's trial instance. +# **Requesting your Trial** -## Step 1: Select a Plan - +In order to sign up for a trial, you'll need to create an account on our Cloud Portal, and then click the New Subscription menu option from the sidebar. -DefectDojo offers 4 plan tiers: Entry, Team, Business and Enterprise. For more information on these plan tiers, see . +![image](images/request_a_trial_mg.png) +## Step 1: Welcome +Click Continue to begin setting up your instance. +![image](images/request_a_trial.png) ## Step 2: Enter your Company Information \& create your Domain - Enter your company's **Name** and the **Server Label** you want to use with DefectDojo. You will then have a custom domain created for your DefectDojo instance on our servers. - - +![image](images/request_a_trial_2.png) Normally, DefectDojo will name your domain according to your Company Name., but if you select "Use Server Label in Domain", DefectDojo will instead label your domain according to the Server Label you chose. This approach may be preferred if you plan to use multiple DefectDojo instances (such as a Production instance and a Test instance, for example). Please contact our Sales team \-\> [info@defectdojo.com](mailto:info@defectdojo.com) if you require multiple instances. - - -![](https://downloads.intercomcdn.com/i/o/860988422/eedc579b6677431286d65848/Screenshot+2023-10-24+at+1.40.08+PM.png?expires=1729720800&signature=a5d0777d68939399aaa5ec509c17ed2d416c1ec2a6bf522f1975ba9081556b02&req=fCYnH8F2mYNdFb4f3HP0gE8a9ArLlDRdCgEOOG%2FhF1RTkIUw7Ito80YJSY0l%0AHKg%3D%0A) - ## Step 3: Select a Server Location - Select a Server Location from the drop\-down menu. We recommend selecting a server that is geographically closest to the main DefectDojo team to reduce server latency. +![image](images/request_a_trial_3.png) -![](https://downloads.intercomcdn.com/i/o/876540337/a0a35dcc0d6133d9920ae351/Screenshot+2023-11-06+at+10.52.31+AM.png?expires=1729720800&signature=ca343d1908f901d445fd42e4a6ad36bf5423fe11f5f5499330f12d5bcbb673f8&req=fCchE81%2BnoJYFb4f3HP0gEQv7p4cu3PEeMC%2F7lhGIjWslFuLY7y9ydfxMon8%0AEqc%3D%0A) - ## Step 4: Configure your Firewall Rules Enter the IP address ranges, subnet mask and labels that you want to allow to access DefectDojo. Additional IP addresses and rules can be added or changed by your team after your instance is up and running. +![image](images/request_a_trial_4.png) - -![](https://downloads.intercomcdn.com/i/o/861008661/a96af61112ab368531e5cea3/Screenshot+2023-10-24+at+2.03.54+PM.png?expires=1729720800&signature=dd429751626344d5acdbc978075350b93c1eee4e08b19a7e2600acc32ef5af09&req=fCYmFsl2m4deFb4f3HP0gC9i9UC9KLwQAM03VQIh7iIX1Mte7ZuJem%2FMasGI%0AMOs%3D%0A) If you want to use external services with DefectDojo (GitHub or JIRA), check the appropriate boxes listed under **Select External Services.** - -![](https://downloads.intercomcdn.com/i/o/861010228/9af57d1dbc88ec8eb1aba838/Screenshot+2023-10-24+at+2.05.17+PM.png?expires=1729720800&signature=4de093e7d6e8eb2868d8827d43b21e3fdcca811d54129281312ed2046e8f436b&req=fCYmFsh%2Bn4NXFb4f3HP0gESMYM2ZnzQC0Fiw%2BtpOyJtEyhzu2iwxkZDcgD8G%0AOt8%3D%0A) - -## Step 4: Confirm your Plan type and Billing Frequency +## Step 5: Confirm your Plan type and Billing Frequency Before you complete the process, please confirm the plan you want to use along with your billing frequency \- monthly or annually. +![image](images/request_a_trial_5.png) - -![](https://downloads.intercomcdn.com/i/o/876543637/6e37d8e254905d129b0db4e9/Screenshot+2023-11-06+at+12.50.04+PM.png?expires=1729720800&signature=71aa69825544e058bf464482c7a705d822cabe57df3d147383cd6f78606e2e2d&req=fCchE819m4JYFb4f3HP0gA6Fk0%2FefI4ZjPtNpPBBX2TaKmf7JCyejxcfyEyq%0Asw0%3D%0A) - -## Step 5: Review and Submit your Request - +## Step 6: Review and Submit your Request We'll prompt you to look over your request one more time. Once submitted, only Firewall rules can be changed by your team without assistance from Support. To contact Support, please email [support@defectdojo.com](mailto:support@defectdojo.com) or follow the instructions in [this article](https://support.defectdojo.com/en/articles/8461544-contact-defectdojo-support). +![image](images/request_a_trial_6.png) +After reviewing and accepting DefectDojo's License and Support Agreement, you can click **Checkout With Stripe** or **Contact Sales**. -![](https://downloads.intercomcdn.com/i/o/862067499/929fb73dfcda5759f44d5fe7/Screenshot+2023-10-25+at+3.41.42+PM.png?expires=1729720800&signature=c5c2efdb7cf11724b8e74e0193d63aab8cb6fdd479f5f05a385156dd4ce3f3fc&req=fCYlFs95mYhWFb4f3HP0gF2vZoT3mHEx2TF3mhg3tv%2FwJLi00MGhyKfgGvLa%0AiTI%3D%0A) -After reviewing and accepting DefectDojo's License and Support Agreement, you can click **Proceed To Checkout,** or **Meet The Creators.** - - - -* Proceed To Checkout will take you to a Stripe page where you can enter your billing information. -* If you do not wish to enter your billing info at this time, you can click Meet The Creators \- our Sales team will be in touch to set up your trial. - +* Checkout With Stripe will take you to a Stripe page where you can enter your billing information. +* If you do not wish to enter your billing info at this time, you can click Contact Sales \- our Sales team will be in touch to set up your trial. # Once your trial has been approved - -Our Support team will send you a Welcome email with links to access your DefectDojo instance. You can always reach out to [support@defectdojo.com](mailto:support@defectdojo.com) for product assistance once your trial begins. - +Our Support team will send you a Welcome email with links and an initial password to access your DefectDojo instance. You can always reach out to [support@defectdojo.com](mailto:support@defectdojo.com) for product assistance once your trial begins. diff --git a/docs/content/en/changelog/changelog.md b/docs/content/en/changelog/changelog.md index 3a244f82cca..7bea66e2ef6 100644 --- a/docs/content/en/changelog/changelog.md +++ b/docs/content/en/changelog/changelog.md @@ -1,13 +1,24 @@ --- -title: "Changes & New Features" +title: "DefectDojo Pro Changelog" description: "DefectDojo Changelog" --- -Here are the release notes for DefectDojo Pro (Cloud Version) releases. For Open Source release notes, please see the [Releases page on GitHub](https://github.com/DefectDojo/django-DefectDojo/releases). +Here are the release notes for **DefectDojo Pro (Cloud Version)**. +For Open Source release notes, please see the [Releases page on GitHub](https://github.com/DefectDojo/django-DefectDojo/releases), or alternatively consult the Open Source [upgrate notes](../../open_source/upgrading/upgrading_guide). -## Nov 17, 2024 -**Version 2.40.2** +## Nov 25, 2024: v2.40.4 + +- **(Beta UI)** Improved Metadata tables with Parent object relationships for Products, Engagements, Tests, Findings, Endpoints/Hosts +- **(Beta UI)** Deleting an object now returns you to a page which makes more sense. +- **(Endpoints)** Endpoints can now be sorted by ID. +- **(Review Request)** When a user requests a review, both the requester and the requestee are now captured in audit logs. +- **(Tools)** Trivy Operator now parses the ‘cluster compliance report’ from scans. +- **(Tools)** CheckMarx One parser can now handle cases where a result has no description. +- **(Tools)** AnchorCTL Policies tool has been fortified to handle new severity values. + + +## Nov 17, 2024: v2.40.2 - **(API)** Added an API endpoint to get the DefectDojo version number: `/api/v2/version` (Pro) - **(API)** Multiple Metadata objects can now be added to a single Endpoint, Finding or Product via POST or PATCH to `/api/v2/metadata/` . Previously, only one Metadata key/value pair could be updated per call. @@ -19,8 +30,7 @@ Here are the release notes for DefectDojo Pro (Cloud Version) releases. For Ope - **(Tools)** Update to AWS Prowler parser - can now handle the ‘event_time’ parameter -## Nov 14, 2024 -**Version 2.40.1** +## Nov 14, 2024: v2.40.1 - **(API)** Added a method to validate for file extensions, when 'artifact' files are added to a test (images, for example) - **(Cloud Portal)** Fixed an issue where QR codes were not being generated correctly for MFA setup. (Pro) @@ -31,8 +41,7 @@ Here are the release notes for DefectDojo Pro (Cloud Version) releases. For Ope -## Nov 4, 2024 -**Version 2.40.0** +## Nov 4, 2024: v2.40.0 - **(API)** Engagement_End_Date is now honored when submitted via /import /reimport endpoint. - **(API)** Corrected an issue with the /import endpoint where old Findings were not being mitigated correctly. @@ -60,16 +69,14 @@ configuration fields. * The "Location" field should be populated with the appropriate API endpoint for your region. For example, to retrieve results from the us-east-1 region, you would supply https://securityhub.us-east-1.amazonaws.com. * Note that we rely on Security Hub's cross-region aggregation to pull findings from more than one region. If cross-region aggregation is enabled, you should supply the API endpoint for your "Aggregation Region". Additional linked regions will have ProductRecords created for them in DefectDojo based on your AWS account IDs and the region names. -## October 29, 2024 -**Version 2.39.4 / 2.39.3** +## Oct 29, 2024: v2.39.4 - **(API)** Corrected 'multiple positional arguments' issue with `/import` endpoint - **(Metrics)** Dashboards can now handle multiple Products or Product Types simultaneously: this includes the Executive, Program, Remediation and Tool insights dashboards. (Pro) - **(Tools)** OSV, Tenable parsers have been made more robust -## October 21, 2024 -**Version 2.39.1** +## Oct 21, 2024: v2.39.1 - **(Beta UI)** Parent Object links have been added to the Metadata table to help contextualize the page you're on - **(Beta UI)** Improved "Toggle Columns" menu on tables @@ -79,9 +86,7 @@ configuration fields. - **(Metrics)** All Metrics dashboards can now be exported as a PDF (Remediation Insights, Program Insights, Tool Insights) (Pro) -## October 7, 2024 -**Version 2.39.0** - +## Oct 7, 2024: v2.39.0 - **(Beta UI)** Dropdown menus for Import Scan / Reimport Scan no longer block the active element of a form. - **(Beta UI)** Finding counts by Severity now disregard Out Of Scope / False Positive Findings. @@ -90,8 +95,7 @@ configuration fields. - **(Tools)** AWS Security Hub EPSS score now parses correctly. -## September 30, 2024 -**Version 2.38.4** +## Sept 30, 2024: v2.38.4 - **(API)** Object History can now be accessed via the API. - **(API Docs)** Generating the response schema for certain API endpoints no longer breaks the Swagger interface. @@ -99,8 +103,7 @@ configuration fields. - **(Passwords)** Password creation for new users can now be made optional upon request. This feature is toggled via the back-end. -## September 23, 2024 -**Version 2.38.3** +## Sept 23, 2024: v2.38.3 - **(API)** `/global_role` endpoint now supports prefetching. - **(API)** It is now possible to prefetch a Finding with attached files via API. @@ -112,8 +115,7 @@ configuration fields. - **Tools** fixed an issue where certain tools would not process asyncronously: Whitehat_Sentinel, SSLyze, SSLscan, Qualys_Webapp, Mend, Intsights, H1, and Blackduck. -## September 16, 2024 -**Version 2.38.2** +## Sept 16, 2024: v2.38.2 - **(Beta UI)** Jira integration in Beta UI now has parity with Legacy UI. Ability to Push To Jira has been added, and the Jira ticket view has been added to Findings, Engagements, and all other related objects in DefectDojo. - **(Finding SLAs)** Added “Mitigated Within SLA” Finding filter, so that users can now count how many Findings were mitigated on time, and how many were not. Previously, we were only able to filter Findings that were currently violating SLA or not, rather than ones that had historically violated SLA or not. @@ -126,8 +128,7 @@ configuration fields. -## September 9, 2024 -**Version 2.39.1** +## Sept 9, 2024: v2.39.1 - **(Beta UI)** Clearing a date filter and re-applying it no longer throws a 400 error. - **(Dashboard)** Dashboard Tag Filters now work correctly in both legacy and beta UIs. @@ -139,8 +140,7 @@ configuration fields. - **(Tools)** EPSS score / percentile will now be imported from Aquasec files -## Sepember 3, 2024 -**Version 2.38.0** +## Sept 3, 2024: v2.38.0 - **(API)** Better naming conventions on Mitigated and Discovered date filters: these are now labeled Mitigated/Discovered On, Mitigated/Discovered Before, Mitigated/Discovered After. - **(Beta UI)** Pre-filtered Finding Routes added to Sidebar: you can now quickly filter for Active Findings, Mitigated Findings, All Risk Acceptances, All Finding Groups. @@ -156,8 +156,7 @@ configuration fields. - **(Risk Acceptance)** Updating the Simple Risk Acceptance or the Full Risk Acceptance flag on a Product now updates the Product as expected. -## August 28, 2024 -**Version 2.37.3** +## Aug 28, 2024: v2.37.3 - **(API)** New Endpoint: /finding_groups allows you to GET, add Findings to, delete, or otherwise interact with Finding Groups. (Pro) - **(Beta UI)** Relative date ranges for Findings have been added to Finding Filters (last 30 days, last 90 days, etc) @@ -173,8 +172,7 @@ configuration fields. - **(Tools)** Nmap Parser now handles script output -## August 7, 2024 -**Version Version 2.37.0** +## Aug 7, 2024: v2.37.0 - **(API)** Created a method to handle simultaneous async reimports to the same Test via API - **(API)** Minimum Severity flag now works as expected on /import, /reimport endpoints (Clearsale) @@ -193,8 +191,7 @@ configuration fields. - **(Tools)** Kiuwan SCA Parser released - **(Tools)** Test Types can now be set to Inactive so that they won’t appear in menus. This ‘inactive’ setting can only be applied in the legacy UI, via Engagements > Test Types (or defectdojo.com/test_type) -## July 8, 2024 -**Version 2.36.0** +## Jul 8, 2024: v2.36.0 - **(Notifications)** Improved email notifications with collapsible Finding lists for greater readability - **(SLAs)** SLAs can now be optionally enforced. For each SLA associated with a Product you can set or unset the Enforce __ Finding Days box in the relevant SLA Configuration screen. When this box is unchecked, SLAs for Findings that match that Severity level will not be tracked or displayed in the UI. diff --git a/docs/content/en/cloud_management/set_up_cloud_instance.md b/docs/content/en/cloud_management/additional-cloud-instance.md similarity index 50% rename from docs/content/en/cloud_management/set_up_cloud_instance.md rename to docs/content/en/cloud_management/additional-cloud-instance.md index 5c5bb2cb7f6..2b65fd873fe 100644 --- a/docs/content/en/cloud_management/set_up_cloud_instance.md +++ b/docs/content/en/cloud_management/additional-cloud-instance.md @@ -5,84 +5,54 @@ description: "Add a test, dev, or other DefectDojo instance to your account" The process for adding a second Cloud instance is more or less the same as adding your first instance. This guide assumes you've already set up your initial DefectDojo server, and have an agreement with our Sales team to add another instance. - - - If you have not already requested an additional Cloud instance, please contact [info@defectdojo.com](mailto:info@defectdojo.com) before proceeding. - - ## Step 1: Open the New Subscription process +You can start this process from the following link: , or by clicking 🛒 **New Subscription** from the Cloud Manager page (cloud.defectdojo.com). -You can start this process from the following link: , or by clicking 🛒 **New Subscription** from the Cloud Manager page (cloud.defectdojo.com). - - - -![](https://downloads.intercomcdn.com/i/o/876539636/9b4cc38bb1a114bc31904443/Screenshot+2023-11-06+at+12.46.19+PM.png?expires=1729720800&signature=08ce5ffef842d3b4be4aa3f8538376ec461d2bc6d1d83afb85dcc9d801c7bf25&req=fCchE8p3m4JZFb4f3HP0gIHRfF7bqgQfmpwT2LnRImRLxalz2iT9uKYA9mKX%0ARmQ%3D%0A) +![image](images/request_a_trial.png) ## Step 2: Set your Server Label - Enter your company's **Name** and the **Server Label** you want to use with DefectDojo. You will then have a custom domain created for your DefectDojo instance on our servers. - - Keep your company name the same as before, but create a new Server Label and check the "**Use Server Label in Domain**" button, so that you can easily differentiate between your servers. - - -![](https://downloads.intercomcdn.com/i/o/860988422/eedc579b6677431286d65848/Screenshot+2023-10-24+at+1.40.08+PM.png?expires=1729720800&signature=a5d0777d68939399aaa5ec509c17ed2d416c1ec2a6bf522f1975ba9081556b02&req=fCYnH8F2mYNdFb4f3HP0gE8a9ArLlDRdCgEOOG%2FhF1RTkIUw7Ito80YJSY0l%0AHKg%3D%0A) +![image](images/request_a_trial_2.png) ## Step 3: Select a Server Location - Select a Server Location from the drop\-down menu. As before, we recommend selecting a server that is geographically closest to your users to reduce server latency. - - -![](https://downloads.intercomcdn.com/i/o/876540337/a0a35dcc0d6133d9920ae351/Screenshot+2023-11-06+at+10.52.31+AM.png?expires=1729720800&signature=ca343d1908f901d445fd42e4a6ad36bf5423fe11f5f5499330f12d5bcbb673f8&req=fCchE81%2BnoJYFb4f3HP0gEQv7p4cu3PEeMC%2F7lhGIjWslFuLY7y9ydfxMon8%0AEqc%3D%0A) +![image](images/request_a_trial_3.png) ## Step 4: Configure your Firewall Rules - Enter the IP address ranges, subnet mask and labels that you want to allow to access DefectDojo. Additional IP addresses and rules can be added or changed by your team after your instance is up and running. - - If you wish, these firewall rules can be different from the rules on your main DefectDojo instance. +![image](images/request_a_trial_4.png) - -![](https://downloads.intercomcdn.com/i/o/861008661/a96af61112ab368531e5cea3/Screenshot+2023-10-24+at+2.03.54+PM.png?expires=1729720800&signature=dd429751626344d5acdbc978075350b93c1eee4e08b19a7e2600acc32ef5af09&req=fCYmFsl2m4deFb4f3HP0gC9i9UC9KLwQAM03VQIh7iIX1Mte7ZuJem%2FMasGI%0AMOs%3D%0A) If you want to use external services with this instance (GitHub or JIRA), check the appropriate boxes listed under **Select External Services.** - - -![](https://downloads.intercomcdn.com/i/o/861010228/9af57d1dbc88ec8eb1aba838/Screenshot+2023-10-24+at+2.05.17+PM.png?expires=1729720800&signature=4de093e7d6e8eb2868d8827d43b21e3fdcca811d54129281312ed2046e8f436b&req=fCYmFsh%2Bn4NXFb4f3HP0gESMYM2ZnzQC0Fiw%2BtpOyJtEyhzu2iwxkZDcgD8G%0AOt8%3D%0A) +You can also proceed without a firewall by selecting **Proceed Without Firewall**. Your firewall can be re-enabled later. ## Step 5: Confirm your Plan type and Billing Frequency - At the end of our process, you'll be put in touch with our sales team, who can accurately quote your new server. We recommend you select the Plan Type which has the server specifications you require for the new instance. - +![image](images/request_a_trial_5.png) A second server may not require the same storage, CPU and RAM requirements as your 'main' instance, but this will depend on your team's technical requirements. - - -![](https://downloads.intercomcdn.com/i/o/876543046/5c065910695edf6d0adf21a1/Screenshot+2023-11-06+at+12.50.04+PM.png?expires=1729720800&signature=3d7becae3895bcab80009b80513edb4e894f89f0bde7165103a554f0b517e2b0&req=fCchE819nYVZFb4f3HP0gP2oc8RWNW5g1tf9s%2BwDUtB9peXdDn2GiZgvSJSn%0AVIc%3D%0A) - ## Step 6: Review and Submit your Request - We'll prompt you to look over your request one more time. Once submitted, only Firewall rules can be changed by your team without assistance from Support. +![image](images/request_a_trial_6.png) +After reviewing and accepting DefectDojo's License and Support Agreement, you can proceed to **Checkout With Stripe**, or if you have an existing billing arrangement you can click **Contact Sales**. -After reviewing and accepting DefectDojo's License and Support Agreement, please click **Meet The Creators.** Our Support team will reach out to you when the process is complete and your server has been provisioned. - - - -![](https://downloads.intercomcdn.com/i/o/862067499/929fb73dfcda5759f44d5fe7/Screenshot+2023-10-25+at+3.41.42+PM.png?expires=1729720800&signature=c5c2efdb7cf11724b8e74e0193d63aab8cb6fdd479f5f05a385156dd4ce3f3fc&req=fCYlFs95mYhWFb4f3HP0gF2vZoT3mHEx2TF3mhg3tv%2FwJLi00MGhyKfgGvLa%0AiTI%3D%0A) +Our Support team will reach out to you with login credentials when your server has been approved and provisioned. \ No newline at end of file diff --git a/docs/content/en/cloud_management/connectivity_troubleshooting.md b/docs/content/en/cloud_management/connectivity-troubleshooting.md similarity index 61% rename from docs/content/en/cloud_management/connectivity_troubleshooting.md rename to docs/content/en/cloud_management/connectivity-troubleshooting.md index 5f744091ee7..ed2447013b7 100644 --- a/docs/content/en/cloud_management/connectivity_troubleshooting.md +++ b/docs/content/en/cloud_management/connectivity-troubleshooting.md @@ -5,69 +5,49 @@ description: "Reconnect to your DefectDojo Instance" If you have difficulty accessing your DefectDojo instance, here are some steps you can follow to get reconnected: - - -# **I can access the site, but I can't log in** - +## I can access the site, but I can't log in 1. You can reset the password for your account from the login page: **yourcompanyinstance.cloud.defectdojo.com/login**. Click 'I forgot my password' in order to begin the process. ​ +![image](images/Connectivity_Troubleshooting.png) -![](https://downloads.intercomcdn.com/i/o/867662528/dbd2358b981f856e7f624c01/Screenshot+2023-10-30+at+2.06.03+PM.png?expires=1729720800&signature=cd15a929f169cf01783a6ed6c5e5d2808896ff64299b8cc14df0c09fd5307d72&req=fCYgEM98mINXFb4f3HP0gO6jJd9YIsKGdFgO9HgVqQpav8SNveR7J%2BvC8rys%0A5d8%3D%0A) 2. Enter your email address, and click "Reset my password". ​ -3. You should receive an email with the subject header "**Password reset on yourcompanyinstance.cloud.defectdojo.com**". This email contains a link which you can click to set a new password. +3. You should receive an email with the subject header "`Password reset on yourcompanyinstance.cloud.defectdojo.com`". This email contains a link which you can click to set a new password. -​ - - -![](https://downloads.intercomcdn.com/i/o/867664555/cef20544226f5012b4251ea6/Screenshot+2023-10-30+at+2.07.01+PM.png?expires=1729720800&signature=c40a92e6ec5c8c66de22e14b50f0d6a94c4b9eecf39ebefae7da739194efb44f&req=fCYgEM96mIRaFb4f3HP0gH1b%2F68jdpPBfLFZTfDo%2FQdLZvSWWjFM6I7jc5Gz%0AEbA%3D%0A) +![image](images/Connectivity_Troubleshooting_2.png) If you don't receive an email, please check your Spam folder. Failing that, have your team's DefectDojo admin confirm that you have an account registered on your instance. -​ - -# **I can't access my company's cloud.defectdojo site** +## I can't access my company's cloud.defectdojo site If your company's cloud.defectdojo site does not load in your browser, or times out, it may be necessary for your company to change your firewall rules in order to accept your connection. - - Firewall rules can be changed in your Cloud Manager at . - - If your company uses a shared VPN, proxy server or a similar tool, make sure it’s authorized to connect to DefectDojo and that the IP address is included in DefectDojo's Firewall rules. - - If the problem persists, please contact [support@defectdojo.com](mailto:support@defectdojo.com) . - -# **I can't log in to the Cloud Manager** - +## I can't log in to the Cloud Manager If you can’t access the Cloud Manager, navigate to the Login page at and click **“Forgot your password?”** - -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/867730200/fec4f8e41a85980d9f2b5848/LLaYN22oG70U12Bn8arFUnCJcpyVZioqKmyAc9wgD0EkWqNbGQKx6IfEOIQYADmiL_oxrtcKciq3XYTFr53jF_QuqtOGDJua9JdtdyydYa9A9uwFcNkWiXEVuhwk6X2O7Euz-vfqOmqclvKzrlmiZMU?expires=1729720800&signature=8686957e56b0151acddca629d70588d3a7dc550527417676cdbdf3227efb33c5&req=fCYgEcp%2Bn4FfFb4f3HP0gJcUOE6BwyJhS43Nt3T%2B2A3Jgbqj6fMRKOC7N0bI%0AcUI%3D%0A) +![image](images/Connectivity_Troubleshooting_3.png) You’ll be prompted to enter your email address, and our team will send you an email with a link to reset your password and enter a new one. - - Please note that this login method only works for the **Cloud Manager**, an admin site which your team members may not all have access to. Directly logging into your instance to use DefectDojo is only possible by directly connecting to **yourcompanyinstance.cloud.defectdojo.com/login**. -# **I've lost access to my MFA codes** - +## **I've lost access to my MFA codes** * **For the Cloud Manager:** If you lose access to your MFA codes, or Authenticator App, please contact DefectDojo Support at [support@defectdojo.com](mailto:support@defectdojo.com). * **For a DefectDojo Instance:** It is not currently possible to remove MFA access from an account without an MFA code. The best option in this case is to create a new DefectDojo login, and re\-grant all necessary permissions to this account. diff --git a/docs/content/en/cloud_management/using-cloud-manager.md b/docs/content/en/cloud_management/using-cloud-manager.md new file mode 100644 index 00000000000..ddb55384123 --- /dev/null +++ b/docs/content/en/cloud_management/using-cloud-manager.md @@ -0,0 +1,70 @@ +--- +title: "Using the Cloud Manager" +description: "Manage your subscription and account settings" +--- + +Logging into DefectDojo's Cloud Manager allows you to configure your account settings and manage your subscription with DefectDojo Cloud. + +## **New Subscription** + + +This page allows you to request a [new, or additional Cloud instance](../set-up-an-additional-cloud-instance) from DefectDojo. + +## **Manage Subscriptions** + + +The Subscription Management page shows all of your currently active Cloud instances, and allows you to configure the Firewall settings for each instance. + +### Changing your Firewall Settings +![image](images/Using_the_Cloud_Manager.png) + +Once on the **Edit Subscription** page, enter the IP Address, Mask, and Label for the rule you wish to add. If more than one firewall rule is needed, click **Add New Range** to create a new empty rule. + +![image](images/Using_the_Cloud_Manager_2.png) + +Here, you can also open your firewall to external services (GitHub & Jira Cloud). You can also disable your firewall entirely, if you wish, by selecting **Proceed Without Firewall** from the menu. + +## Adding additional users to the Cloud Portal + +If you have multiple users who you want to give control over your Cloud Portal / DefectDojo Subscription, you can add them using this form. The users you want to add will have to have created their own Cloud Portal account at cloud.defectdojo.com; having an account on your DefectDojo instance is not sufficient. + +![image](images/using_the_cloud_manager_5.png) + +Enter the email associated with the user's Cloud Portal account, and click Submit to add them to your list of linked users. The user will now be able to manage the Cloud Portal and your DefectDojo subscription. + +## Resources + + +The Resources page contains a Contact Us form, which you can use to get in touch with our Support team. + +![image](images/Using_the_Cloud_Manager_3.png) + +## Tools + + +The Tools page is one of the places where you can download external Pro tools, such as Universal Importer or DefectDojo CLI. These tools are external add-ons which can be used to quickly build a command-line import pipeline in your network. For more information about these tools, see the [External Tools](../../connecting_your_tools/external_tools/) documentation. + +![image](images/Using_the_Cloud_Manager_6.png) + + +## Account Settings + + +The account settings page has four sections: + +* **User Contact** allows you to set your Username, Email Address, First Name and Last Name. +* **Email Accounts** allows you to add additional email addresses to your accounts. Adding an additional email account will send a verification email to the new address. +* **Manage Social Accounts** allows you to connect DefectDojo Cloud to your GitHub or Google credentials, which can be used to log in instead of a username and password. +* **MFA Settings** allow you to add an MFA code to Google Authenticator, 1Password or similar apps. Adding an additional step to your login process is a good proactive step to prevent unauthorized access. + +### Add MFA to your Cloud Portal login + + +Note that this will only add MFA to your DefectDojo Cloud login, not to the login for your DefectDojo app. + +![image](images/Using_the_Cloud_Manager_4.png) + +1. Begin by installing an Authenticator app which supports QR code authentication on your smartphone or computer. +2. Once you've done this, click **Generate QR Code**. +3. Scan the QR code provided in DefectDojo using your Authenticator app, and then enter the six\-digit code provided by your app. +4. Click **Enable Multi\-Factor Authentication**. \ No newline at end of file diff --git a/docs/content/en/cloud_management/using_the_cloud_manager.md b/docs/content/en/cloud_management/using_the_cloud_manager.md deleted file mode 100644 index 853c75c0d10..00000000000 --- a/docs/content/en/cloud_management/using_the_cloud_manager.md +++ /dev/null @@ -1,77 +0,0 @@ ---- -title: "Using the Cloud Manager" -description: "Manage your subscription and account settings" ---- - -Logging into DefectDojo's Cloud Manager allows you to configure your account settings and manage your subscription with DefectDojo Cloud. - - - -# **New Subscription** - - -This page allows you to request a new, or additional Cloud instance from DefectDojo. - - - - -# **Manage Subscriptions** - - -The Subscription Management page shows all of your currently active Cloud instances, and allows you to configure the Firewall settings for each instance. - - - -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/862089009/21684204f59c8a72fc5cd96c/oWnbKju2gAuFoJyu1HqO8VoY10HF98nGETVQr3qqyVetxwVS9T4dd9BsA07iVpqimE_DbAEOxu4YnETyF4B66bv8eRY7SA0LUfLcZV_cr2EyBBqe13n0XJd7MRFkhtVUYHBmAr7ikL-jqMRP_x3G5Yo?expires=1729720800&signature=c17d819ae6f7d8fcede2df269d2f70ce3a6d52a5fc90ca1eb528ef8fcbc981f4&req=fCYlFsF3nYFWFb4f3HP0gKBBQOIZ9S1HeeHWkUy2iQgj1cIBI%2FsKvYdjil0P%0A7zU%3D%0A)To edit or add firewall rules from within the DefectDojo cloud site, navigate to the **Manage Subscriptions** page, then click the **Edit Subscription** button in the top right corner of the subscription you wish to edit. - - - -Once on the **Edit Subscription** page, enter the IP Address, Mask, and Label for the rule you wish to add. If more than one firewall rule is needed, click **Add New Range** to create a new empty rule. - - - -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/862089016/f591206745e3f6fb1e84ebb0/_0YHO3wFX4NOPfXD6lGQrlgyizJG4oI1uAmG6xPjKVNS5LEEsHG_e0NL7S9ghukYJZDGdZnLMLZbf4let3cWyEt1AXL-hKAr2pbJs94NMNGC4d_aCnAZzJwYw_-aisx_lkvSFQGGovg9DTXmHpcZQVE?expires=1729720800&signature=9c30c659541303f0b846c14f397d397d15b15cdbd5f7d06fa069ad94de9d12a6&req=fCYlFsF3nYBZFb4f3HP0gGOaSb2VkqgcS5e1HnxDZWkIvMwr9%2Bcy0%2FpbfIzh%0ABPw%3D%0A)To save these newly added firewall rules, click **Submit** at the bottom of the page to save and update the firewall rules on your DefectDojo cloud instance. - - - -Firewall rules can also be updated from within your DefectDojo cloud instance. For more information on modifying firewall rules from within your instance, detailed documentation can be found here: - - -*[https://documentation.defectdojo.com/proprietary\_plugins/01\_plus/cloud\_portal/\#firewall\-rules](https://documentation.defectdojo.com/proprietary_plugins/01_plus/cloud_portal/#firewall-rules)* - - - -# **Resources** - - -The Resources page contains a Contact Us form, which you can use to get in touch with our Support team. - - - -![](https://downloads.intercomcdn.com/i/o/874730270/5aeed3c6a01d72f6f9cd3744/Screenshot+2023-11-03+at+2.23.51+PM.png?expires=1729720800&signature=64441b86a47e5e90e7d835f9ba7f395cb5e699f550b98afae217c59636841c90&req=fCcjEcp%2Bn4ZfFb4f3HP0gO8a52Smoi05dVcxL5OEbRnX%2BGZMCLHom5a8sWeR%0AhoA%3D%0A)It also contains a link to our Open\-Source Documentation, which can be viewed at https://documentation.defectdojo.com. - - - -# **Account Settings** - - -The account settings page has four sections: - - -* **User Contact** allows you to set your Username, Email Address, First Name and Last Name. -* **Email Accounts** allows you to add additional email addresses to your accounts. Adding an additional email account will send a verification email to the new address. -* **Manage Social Accounts** allows you to connect DefectDojo Cloud to your GitHub or Google credentials, which can be used to log in instead of a username and password. -* **MFA Settings** allow you to add an MFA code to Google Authenticator, 1Password or similar apps. Adding an additional step to your login process is a good proactive step to prevent unauthorized access. - -### Add MFA to your login process - - -This can also be done from the following link: - - -1. Begin by installing an Authenticator app which supports QR code authentication on your smartphone or computer. -2. Once you've done this, click **Generate QR Code**. -3. Scan the QR code provided in DefectDojo using your Authenticator app, and then enter the six\-digit code provided by your app. -4. Click **Enable Multi\-Factor Authentication**. - -![](https://downloads.intercomcdn.com/i/o/874771940/efe7f25c04e1cd3189456f8d/Screenshot+2023-11-03+at+3.09.24+PM.png?expires=1729720800&signature=2664f7e14fe3ac87961f3593b1a123b17482ddca6237863d4acb1c97a97e4a0b&req=fCcjEc5%2FlIVfFb4f3HP0gP1QCbFbvE832eH4u4sdueBzfdtszKhTMHHP9qD7%0AtD4%3D%0A) \ No newline at end of file diff --git a/docs/content/en/connecting_your_tools/connectors/_index.md b/docs/content/en/connecting_your_tools/connectors/_index.md index c60b2f44282..dd35c99ad4b 100644 --- a/docs/content/en/connecting_your_tools/connectors/_index.md +++ b/docs/content/en/connecting_your_tools/connectors/_index.md @@ -71,7 +71,7 @@ Let's say you have a BurpSuite tool, which is set up to scan five different repo -![](https://downloads.intercomcdn.com/i/o/1004622773/fe375ad7f2ee3717a3688901/Screenshot+2024-03-27+at+15_50_38+%281%29.png?expires=1729720800&signature=85f08ec969cd4a5301882380414de0c3dfd2bf15a949aaec061d45f28f58cbd4&req=dSAnEs98n4ZYWvMW1HO4zYmbfqRB1Lp1LMtjuVEv4eEqMiwOkI085QOf4I6W%0AxAQ%2B%0A) +![image](images/_index.png) Once your **Record** mappings are set up, DefectDojo will start importing scan data on a regular basis. You'll be kept up to date on any new vulnerabilities detected by the tool, and you can start working with existing vulnerabilities immediately, using DefectDojo's **Findings** system. diff --git a/docs/content/en/connecting_your_tools/connectors/add_edit_connectors.md b/docs/content/en/connecting_your_tools/connectors/add_edit_connectors.md index de5c3428675..31acdcad827 100644 --- a/docs/content/en/connecting_your_tools/connectors/add_edit_connectors.md +++ b/docs/content/en/connecting_your_tools/connectors/add_edit_connectors.md @@ -16,14 +16,14 @@ Before you begin this process, we recommend checking our [tool\-specific referen ​ -![](https://downloads.intercomcdn.com/i/o/991915026/296fa5c67043d0abb4e2860c/Screenshot+2024-03-14+at+3_41_33+PM.png?expires=1729720800&signature=454263ddd9ba6944c1aa25e40f04f6b8130c84f16becd427c0261deb236719f8&req=fSkmH8h7nYNZFb4f3HP0gOGM2TgIbGVR3EfvdJsMjdCRCO26w%2FUujN5NeNyz%0At28%3D%0A) +![image](images/add_edit_connectors.png) 3. Choose a new Connector you want to add to DefectDojo in **Available Connections**, and click the **Add Configuration** underneath the tool. ​ You can also edit an existing Connection under the **Configured Connections** header. Click **Manage Configuration \> Edit Configuration** for the Configured Connection you want to Edit. ​ -![](https://downloads.intercomcdn.com/i/o/991916807/64e7bdb93a079883a6e3ab00/Screenshot+2024-03-14+at+3_43_22+PM.png?expires=1729720800&signature=a481892cc1793c842ffd9adf3679b09a53237f2573dacec45f938d872c7b3f47&req=fSkmH8h4lYFYFb4f3HP0gGj91l%2Fky%2BN9vPwzBx%2FPhnP8bP3dLpQaBHMDBqps%0ADMg%3D%0A) +![image](images/add_edit_connectors_2.png) 4. You will need an accessible URL **Location** for the tool, along with an API **Secret** key. The location of the API key will depend on the tool you are trying to configure. See our **[Tool\-Specific Reference](https://support.defectdojo.com/en/articles/9056761-tool-specific-reference)** for more details. ​ 5. Set a **Label** for this connection to help you identify it in DefectDojo. @@ -34,7 +34,7 @@ You can also edit an existing Connection under the **Configured Connections** he ​ 8. Click **Submit.** -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/988485966/e745529a9c3ade55fe1b1b9b/gRMI254yf9N8orh2k25z6VzW7ttWszvrSg1w_IIirHu3QfOWzTM6Ct84XRBE8-KkVxhYncqI_pGhk3w1HJcyZK1Y7YNKqSQ_k0QLosULR_vb59V42X-JbAgvc15-tMxUalbF8nwig3N_koW11W-zqDM?expires=1729720800&signature=bfe1a7891af553d6711345393f9090070d889a8d00570ccbe16097fa5bd598d9&req=fSgvEsF7lIdZFb4f3HP0gCWhPQoxsd9Oygc4cz%2Furk3F2DljlYx3PggsKpTL%0AOg8%3D%0A) +![image](images/add_edit_connectors_3.png) ## Next Steps diff --git a/docs/content/en/connecting_your_tools/connectors/connectors_tool_reference.md b/docs/content/en/connecting_your_tools/connectors/connectors_tool_reference.md index 2963ee5239a..90e7726cb2f 100644 --- a/docs/content/en/connecting_your_tools/connectors/connectors_tool_reference.md +++ b/docs/content/en/connecting_your_tools/connectors/connectors_tool_reference.md @@ -13,7 +13,7 @@ Some tools will require additional API\-related fields beyond **Location** and * -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/988476659/ceba1d2432ceef4f8ddd43ab/E4fVPzan1qaSwnVt96hVz2yE_ByLc8_Db-vmEezGHdmEQfWWPiawiSCV3gl-01VaJgWOx63uotxQjGl9cj6TG-Pb9AScvyRV12Q5dEU0gt4Qr5aoEUwYYa0HPQF_5iLTbz7Av2tAKqIRgj_9vE13328?expires=1729720800&signature=959e698083b3f013ebf4f44d7cd171460891ce0f88bacbc1abf9725763656363&req=fSgvEs54m4RWFb4f3HP0gDOvGCQsUdne6p9SGA1J6JbofhdNIhHVi1tX81ms%0A7sI%3D%0A) +![image](images/connectors_tool_reference.png) Each tool has different API requirements, and this guide is intended to help you set up the tool's API so that DefectDojo can connect. @@ -137,7 +137,7 @@ DefectDojo's Checkmarx ONE connector calls the Checkmarx API to fetch data. ​ -![](https://downloads.intercomcdn.com/i/o/1109449914/5ea92d383f2d09af8459a6ed/Screenshot+2024-07-10+at+2_57_34+PM.png?expires=1729720800&signature=d72362ec01a93727039ea6b52e32856d8fca74fb8f8751de50665f5779842968&req=dSEnH816lIheXfMW1HO4zW3Rem0XHydNRIiZJHcwnXoqZgIXk5Jl9kZAXhIg%0A8EbF%0A) +![image](images/connectors_tool_reference_2.png) 2. Enter a valid API key. You may need to generate a new one: see [Checkmarx API Documentation](https://docs.checkmarx.com/en/34965-68618-generating-an-api-key.html#UUID-f3b6481c-47f4-6cd8-9f0d-990896e36cd6_UUID-39ccc262-c7cb-5884-52ed-e1692a635e08) for details. 3. Enter your tenant location in the **Location** field. This URL is formatted as follows: ​`https://.ast.checkmarx.net/` . Your Region can be found at the beginning of your Checkmarx URL when using the Checkmarx app. **** is the primary US server (which has no region prefix). diff --git a/docs/content/en/connecting_your_tools/connectors/edit_ignore_delete_records.md b/docs/content/en/connecting_your_tools/connectors/edit_ignore_delete_records.md index ec2178f44ad..f0a39e76be2 100644 --- a/docs/content/en/connecting_your_tools/connectors/edit_ignore_delete_records.md +++ b/docs/content/en/connecting_your_tools/connectors/edit_ignore_delete_records.md @@ -16,7 +16,7 @@ From the Records table, click the blue ▼ Arrow next to the State column on a g -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/991861519/038163776895e87723a52384/T6IvYbAUMdmrbVWj8fe_rYCn_MzgFXI9aEOu-PvVERtgZ7FjdurerkkobRY3R9uZfBuOO-7okvDSdEdjZLKpvEwbXAKlSHbiTEYOCfmfKXC-_eHsPXdX8sfMlQPL-A-NU9IiVJ5esQtdwcNSlsuD_u0?expires=1729720800&signature=f36d18c3de5b05361f4af20d4e7d3374f1d25358dfeffbf439f3462377d87054&req=fSkmHs9%2FmIBWFb4f3HP0gEja47GdQdb%2B%2BLFrIsBuvBMOnN0G6SdozTFKik%2BB%0AVx0%3D%0A) +![image](images/edit_ignore_delete_records.png) # Edit a Record @@ -26,7 +26,7 @@ Clicking **Edit Record** will open a window which allows you to change the desti -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/991861534/aaf6ffb16062460fa2876879/TRC8bfnFqHV6U3TZgqM92vSVg81pP_WgV1PJ8V4DnZ3dAdHlNTr0jTJdz6ojNOjCI9YQtmpczZQu2nSKMeReW-PLn7fx_kXYdryw2JCpmmlLkzqCHTW-cKnkZmTosww7Yjgm50IIedC-cTD4okrMj28?expires=1729720800&signature=5e419291cf110bce4ca16eb2b22faffc9fedd19e3125b2a994a333d342048612&req=fSkmHs9%2FmIJbFb4f3HP0gIkWHYe6PkjxMsN25eARnSCqNIbbjH8DQpCnmqYa%0AYZQ%3D%0A) +![image](images/edit_ignore_delete_records_2.png) ## **Change the Mapping of a Record** diff --git a/docs/content/en/connecting_your_tools/connectors/manage_records.md b/docs/content/en/connecting_your_tools/connectors/manage_records.md index a14a4eb8984..fc81a021063 100644 --- a/docs/content/en/connecting_your_tools/connectors/manage_records.md +++ b/docs/content/en/connecting_your_tools/connectors/manage_records.md @@ -20,7 +20,7 @@ Records are created and updated during the **[Discover](https://support.defectdo -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1004512180/25e5f0ff8bba23800a7c622d/l-b4Vm_oV1tyCZVwQPo2KJm2DTsVPZCOwQTSV2xXSw5CB9sc9OwBZDcKyNSGXqFjOBaDxaFADjbQ_tJGM_nVn6rFFr2Vdmdx7zMwRcMUIBT3aEjSKF5iMEksZwuJigydkUP2ZuxIUZlzQ9fVvmVYEpo?expires=1729720800&signature=6306cb7f1aa9afa737ccedcaa74cda82c3e2e8c3956166fa0891abce583e830f&req=dSAnEsx%2Fn4BXWfMW1HO4zcnC6uhR8d3wWPDnXoQJQeY5bTtW3w2ujN9NrzRk%0A4ZsY%0A) +![image](images/manage_records.png) Records have various attributes, including: @@ -79,7 +79,7 @@ Once a Record is Mapped, DefectDojo will be ready to import your tool’s scans * All data created via a connector will be stored under a single Engagement called **Global Connectors**. That Engagement will create a separate Test for each Connector mapped to the Product. ​ -![](https://downloads.intercomcdn.com/i/o/1013197785/3dbf123a6fda3b38a7185bc7/Connectors+A.jpg?expires=1729720800&signature=c7f75935ff962f5f2e688fae915642793b545842c26db385f3da67e60afefba9&req=dSAmFch3moZXXPMW1HO4zbyD24POnHMJT72woKj99bWzm7uSUFDBRDBKiIRK%0AM7Le%0A) +![image](images/manage_records_2.jpg) This makes it possible to send scan data from multiple Connectors to the same Product. All of the data will be stored in the same Engagement, but each Connector will store data in a separate Test. diff --git a/docs/content/en/connecting_your_tools/connectors/operations_discover.md b/docs/content/en/connecting_your_tools/connectors/operations_discover.md index 3f09eb18a79..c29bce969e8 100644 --- a/docs/content/en/connecting_your_tools/connectors/operations_discover.md +++ b/docs/content/en/connecting_your_tools/connectors/operations_discover.md @@ -12,7 +12,7 @@ You can manage all of these processes from the **Manage Records \& Operations** -![](https://downloads.intercomcdn.com/i/o/991931761/2369607091f047ab7d9fc8f7/Screenshot+2024-03-14+at+3_58_06+PM.png?expires=1729720800&signature=a4514b13c28657c59684f62d83a2a341a021974c3039c4c1eb589378813803cd&req=fSkmH8p%2FmodeFb4f3HP0gD4PB4jnqjGHlvfM6JxkdxjjZLvtUsa3sBPCZn0%2F%0Au4Q%3D%0A) +![image](images/operations_discover.png) # Creating New Records @@ -30,7 +30,7 @@ Each time your Connector runs a **Discover** operation, it will look for new **V -![](https://downloads.intercomcdn.com/i/o/1004625297/5617e086a605102544ec5e37/Screenshot+2024-03-27+at+15_50_38+%281%29.png?expires=1729720800&signature=39ed2d006535fe6f3734ded90af212341d18725ac189fd6c93ef22efe83f22f0&req=dSAnEs98mINWXvMW1HO4zTo0ZAoA6if8rY3f2TjKX%2F98dBmwNaEs4%2B5s07hV%0Ab4FT%0A) +![image](images/operations_discover_2.png) ## Run Discover Manually @@ -41,7 +41,7 @@ Each time your Connector runs a **Discover** operation, it will look for new **V -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1004506539/8f01b33b93821550f5198bd5/v8-yUUR6-EVcDMgbo4hOYp_5Q8gT96Zua_yqvPK2yubDZS0s_SVwFBwfKq4lPjuUJEfYtaLOL5syqJi0y_jND2aQj89l2xogKQaD4lO_alleK76L4WRbttxODT2Edui0erbhJ1xQApA0pws8X-opzc4?expires=1729720800&signature=5514f4b5a2d991188e7053d287a8e61f60301eb83cdae8384090808f224577b3&req=dSAnEsx%2Bm4RcUPMW1HO4zXucwJiAhf5WfVviwSTTFchq7bwThIMffCCban%2Bv%0AzwFl%0A) +![image](images/operations_discover_3.png) # **Next Steps:** diff --git a/docs/content/en/connecting_your_tools/connectors/operations_page.md b/docs/content/en/connecting_your_tools/connectors/operations_page.md index e5b63f1f02e..2d7e1d7320e 100644 --- a/docs/content/en/connecting_your_tools/connectors/operations_page.md +++ b/docs/content/en/connecting_your_tools/connectors/operations_page.md @@ -14,7 +14,7 @@ To access a Connector's Operations Page, open **Manage Records \& Operations** f # The Operations Table -![](https://downloads.intercomcdn.com/i/o/991827471/4d72c3317f0291cd32911fa5/Screenshot+2024-03-14+at+2_10_33+PM.png?expires=1729720800&signature=383e48f88441677a74ca34118c501306bab4113071dccf81990a7c9d90f74c23&req=fSkmHst5mYZeFb4f3HP0gOmBiHLaYOL69I6UJegg%2FgTo8pPwwq0puToKhHMk%0AtVk%3D%0A) +![image](images/operations_page.png) Each entry on the Operations Table is a record of an operation event, with the following traits: diff --git a/docs/content/en/connecting_your_tools/connectors/operations_sync.md b/docs/content/en/connecting_your_tools/connectors/operations_sync.md index 79b9e08175b..08e01076052 100644 --- a/docs/content/en/connecting_your_tools/connectors/operations_sync.md +++ b/docs/content/en/connecting_your_tools/connectors/operations_sync.md @@ -33,7 +33,7 @@ To have DefectDojo run a Sync operation off\-schedule: ​ 2. From this page, click the **Sync** button. This button is located next to the **Mapped Records** header. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1004529047/60f9b6df50f0d760de32f4f8/tLFaONBcKeFaybG7_YPdNx0Pk8yU2aSaANDTWiWkRL1NK9LJKyw7YMOD9Q0W6KUj6rQT8G9WvSeQrpzmVFyHWPaCTN3H_pvvdNYQo3queMqyyiB33wdbJFzBDm_QDbUGdRpRcsr8gzIH4arl2_6zLeQ?expires=1729720800&signature=824ac56f5e429a6841c7230f3097512452145aeb02b356d875b7a527e3f15e72&req=dSAnEsx8lIFbXvMW1HO4zSTetF5h5nFufHIHQsC%2F9kC8JSzNlTSMZg1aDUs5%0A89TQ%0A) +![image](images/operations_sync.png) # Next Steps diff --git a/docs/content/en/connecting_your_tools/connectors/run_operations_manually.md b/docs/content/en/connecting_your_tools/connectors/run_operations_manually.md index 96d80c88f3e..4a23c3c2612 100644 --- a/docs/content/en/connecting_your_tools/connectors/run_operations_manually.md +++ b/docs/content/en/connecting_your_tools/connectors/run_operations_manually.md @@ -16,13 +16,13 @@ Select the tool which you want to test from **Configured Connections,** and clic * To have DefectDojo search for, and import new records from the API, click the **🔎 Discover** button. This button is located next to the **Unmapped Records** header. -![](https://downloads.intercomcdn.com/i/o/991836936/76086dea0cb2846d58bcb1fa/Screenshot+2024-03-14+at+2_21_22+PM.png?expires=1729720800&signature=0bb6b3d68adae5492db7928dbedec8559f10756593583259b65e25026988177e&req=fSkmHsp4lIJZFb4f3HP0gF3QGQtZ8dVqHD%2BP1iSP%2FmzeYzCXZIgTZHepumPU%0ACGw%3D%0A) +![image](images/run_operations_manually.png) ## Run Sync Manually * To have DefectDojo import new data from each Mapped Record, click the **Sync** button. This button is located next to the **Mapped Records** header. -![](https://downloads.intercomcdn.com/i/o/991838900/4910dc9a0b353c218a5077e4/Screenshot+2024-03-14+at+2_23_17+PM.png?expires=1729720800&signature=3300a0e96e57dc864fc6b64ba8b87ecd5551f1c3cf5017b7bdb8bc9a276f1970&req=fSkmHsp2lIFfFb4f3HP0gK3OFXi%2B%2BLng5nWOhwpc%2BdJQdRYzv2w4BBZ%2BRIh5%0AXAE%3D%0A) +![image](images/run_operations_manually_2.png) If there are no Mapped Records associated with this Connector, DefectDojo will not be able to import any data via Sync. You may need to run a Discover operation first, or map each record to a Product. diff --git a/docs/content/en/connecting_your_tools/external_tools.md b/docs/content/en/connecting_your_tools/external_tools.md new file mode 100644 index 00000000000..d9a4408fb0d --- /dev/null +++ b/docs/content/en/connecting_your_tools/external_tools.md @@ -0,0 +1,265 @@ +--- +title: "Universal Importer / Dojo-CLI" +description: "Import files to DefectDojo from the command line" +draft: false +weight: 2 +--- + +## About Universal Importer + +Universal Importer and Dojo-CLI are command-line tools designed to seamlessly upload scan results into DefectDojo. It streamlines both the import and re-import processes of findings and associated objects. These tools are flexible and supports importing and re-importing scan results, making it ideal for users who need robust interaction with the DefectDojo API. + +Dojo-CLI has the same functionality as Universal Importer but also includes the ability to export Findings from DefectDojo to JSON or CSV. + + +## Installation +1. Use the DefectDojo UI to download the appropriate binary for your operating system from the platform. + +2. Locate “External Tools” from your User Profile menu: + +![image](images/external-tools.png) + +3. Extract the downloaded archive within a directory of your choice. +Optional: Add the directory containing the extracted binary to your system's $PATH for repeat access. + +**Note that Macintosh users may be blocked from running Dojo-CLI or Universal Importer as they are apps from an unidentified developer. See [Apple Support](https://support.apple.com/en-ca/guide/mac-help/mh40616/mac) for instructions on how to override the block from Apple.** + +## Configuration +The Universal Importer can be configured using flags, environment variables, or a configuration file. The most important configuration is the API token, which must be set as an environment variable: + +1. Add your API key to your environment variables. +You can retrieve your API key from: `https://YOUR_INSTANCE.cloud.defectdojo.com/api/key-v2` + +or + +Via the DefectDojo user interface +in the user dropdown in the top-right corner: + +![image](images/api-token.png) + +2. Set your environment variable for the API token. + `export DD_IMPORTER_DOJO_API_TOKEN=YOUR_API_KEY` + +Note: On Windows, use `set` instead of `export`. + +## Command Line Options +The following options can be used when calling the Universal Importer. + +### Common Options (applicable to all commands): + +``` +--verbose +Enable verbose output for more detailed logging. (default: false) +--no-emojis, --no-emoji +Disable emojis in the output. (default: false) +--no-color +Disable color output. (default: false) +--help, -h +Show help information for the command. +--version, -v +Print the version of the Universal Importer. +``` + +## Usage: Import / Reimport +The Universal Importer supports two main commands: import and reimport. Dojo-CLI supports those two commands, and also supports export. + +### Import Command +Use the import command to import new findings into DefectDojo. + +**Import Basic syntax:** +``` +universal-importer import [options] +``` + +**Import Example:** +``` +universal-importer import \ + --defectdojo-url "https://YOUR_INSTANCE.cloud.defectdojo.com/" \ + --scan-type "burp scan" \ + --report-path "./examples/burp_findings.xml" \ + --product-name "dev" \ + --engagement-name "dev" \ + --product-type-name "Research and Development" \ + --test-name "burp-test-dev" \ + --verified \ + --active \ + --minimum-severity "info" \ + --tag "dev" --tag "tools" --tag "burp" --tag "test-dev" \ + --test-version "0.0.1" \ + --auto-create-context +``` + +### Reimport Command +Use the `reimport` command to extend an existing Test with Findings from a new report. + +**Reimport Basic syntax:** +`universal-importer reimport [options]` + +**Reimport Example:** +``` +universal-importer reimport \ + --defectdojo-url "https://YOUR_INSTANCE.cloud.defectdojo.com/" \ + --scan-type "Nancy Scan" \ + --report-path "./examples/nancy_findings.json" \ + --test-id 11 \ + --verified \ + --active \ + --minimum-severity "info" \ + --tag "dev" --tag "tools" --tag "nancy" --tag "test-dev" \ + --test-version "1.0" \ + --auto-create-context +``` +### Import/Reimport Options +The following are the command parameters, definition, and supported environment variables for the Import function. + +``` +--defectdojo-url value, -u value +The URL of the DefectDojo instance to import findings into. +$DD_IMPORTER_DEFECTDOJO_URL +--report-path value, -r value +The path to the report to import. +$DD_IMPORTER_REPORT_PATH +--scan-type value, -s value +The scan type of the tool. +$DD_IMPORTER_SCAN_TYPE +--product-type-name value, --pt value: +The name of the Product Type to import findings into. +$DD_IMPORTER_PRODUCT_TYPE_NAME +--product-name value, -p value +The name of the Product to import findings into. +$DD_IMPORTER_PRODUCT_NAME +--engagement-name value, -e value +The name of the Engagement to import findings into. +$DD_IMPORTER_ENGAGEMENT_NAME +--test-name value, --tn value +The name of the Test to import findings into - Defaults to the name of the scan type. +$DD_IMPORTER_TEST_NAME +--active, -a +Dictates whether findings should be active on import. (default: true) +$DD_IMPORTER_ACTIVE +--minimum-severity value, --ms value +Dictates the lowest level severity that should be imported. +Valid values are: Critical, High, Medium, Low, Info. (default: "Info") +$DD_IMPORTER_MINIMUM_SEVERITY +--tag value, -t value +Any tags to be applied to the Test object (can be used multiple times) +$DD_IMPORTER_TAGS +--verified, -v +Dictates whether findings should be verified on import. (default: false) $DD_IMPORTER_VERIFIED +--test-version value, -V value +The version of the test. +$DD_IMPORTER_TEST_VERSION +--api-scan-configuration value, --asc value +The ID of the API Scan Configuration object to use when importing or reimporting (default: 0) +$DD_IMPORTER_API_SCAN_CONFIGURATION +--auto-create-context, --acc +If true, the importer automatically creates Engagements, Products, and Product_Types (default: false) +$DD_IMPORTER_AUTO_CREATE_CONTEXT +--config value, -c value +The path to the configuration file. +$DD_IMPORTER_CONFIG_FILE +--engagement-id value, --ei value +The ID of the Engagement to import findings into. (default: 0) +$DD_IMPORTER_ENGAGEMENT_ID +Reimport Specific - Reimport can create new tests or update an existing test of the same scan / scope. +--test-id value, --ti value +The ID of the Test to reimport findings into. (default: 0) +$DD_IMPORTER_TEST_ID +``` + +## Usage: Export Command +Note that this command is only available with Dojo-CLI. + +To export Findings from Dojo-CLI, you will need to supply a configuration file which contains details explaining which Findings you wish to export. This is similar to the GET Findings method via the API. + +For assistance use `defectdojo-cli export --help`. + +#### Export Example: +``` +defectdojo-cli export \ + --defectdojo-url "https://your-dojo-instance.cloud.defectdojo.com/" +``` + +### Set Output Destination + +Specify one or both of these options depending on the export format you want to use: + +``` + --csv "./path/to/findings.csv" \ + --json "./path/to/findings.json" +``` +Note that Dojo-CLI will attempt to create a .csv or .json file if one does not exist already - your directory will need **write permissions** in order to do this. + +You can also create the file in advance with `touch findings.csv`, for example. + +### Filter Findings for Export + +These flags are all optional and can be used to filter out a specific list of Findings to be included in the export file. You can use any or all of these flags. +``` + --active "true" \ + --created "Past 90 days" \ + --cvssv3-score 0.0 \ + --cwe 589 \ + --date "Past 7 days" \ + --discovered-on "2019-01-01" \ + --discovered-after "2019-01-01" \ + --discovered-before "2019-01-01" \ + --duplicate "false" \ + --epss-percentile 0.0 \ + --epss-score 0.0 \ + --false-positive "false" \ + --is-mitigated "false" \ + --mitigated "Today" \ + --mitigated-on "2019-01-01" \ + --mitigated-after "2019-01-01" \ + --mitigated-before "2019-01-01" \ + --mitigated-by-ids 1 \ + --mitigated-by-ids 2 \ + --mitigated-by-ids 3 \ + --mitigated-by-names "user1" \ + --mitigated-by-names "user2" \ + --mitigated-by-names "user3" \ + --not-tags "tag1" \ + --not-tags "tag2" \ + --not-tags "tag3" \ + --tags "tag4" \ + --tags "tag5" \ + --tags "tag6" \ + --out-of-scope "false" \ + --out-of-sla "false" \ + --product-name-contains "dev" \ + --risk-accepted "false" \ + --severity "info" \ + --test-id 1 \ + --engagement "engagement_name" \ + --product-name "product_name" \ + --product-type-ids 1 \ + --product-type-ids 2 \ + --product-type-ids 3 \ + --product-type-names "product_type1" \ + --product-type-names "product_type2" \ + --product-type-names "product_type3" \ + --title-contains "title" \ + --under-review "false" \ + --verified "false" \ + --vulnerability-id 1 +``` + +**Complete Example** +This example specifies the URL, export format and a few filter parameters to create a list of Findings. + +``` +defectdojo-cli export \ + --defectdojo-url "https://your-dojo-instance.cloud.defectdojo.com/" + --json "./path/to/findings.json" \ + --active "true" \ + --created "Past 90 days" +``` + +## Troubleshooting +If you encounter any issues, please check the following: +- Ensure you're using the correct binary for your operating system and CPU architecture. +- Verify that the API key is set correctly in your environment variables. +- Check that the DefectDojo URL is correct and accessible. +- When importing, confirm that the report file exists and is in the supported format for the specified scan type. You can review the supported scanners for Defect Dojo in the documentation https://documentation.defectdojo.com/integrations/parsers/file/. + diff --git a/docs/content/en/connecting_your_tools/import_scan_files/api_pipeline_modelling.md b/docs/content/en/connecting_your_tools/import_scan_files/api_pipeline_modelling.md index ef71757e8c8..90d840aecb8 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/api_pipeline_modelling.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/api_pipeline_modelling.md @@ -46,7 +46,7 @@ If you need to access an API token for a script or another integration, you can -![](https://downloads.intercomcdn.com/i/o/1194909638/703454b50036cf2ca1a81f32/AD_4nXfIr4WW26929_IyD_QPSwgKNOuCOGjAmWDgSG8xspkV9wTnaSoAAZfDALaryqiB2oveX28Q6vjDKHvwmb0ifQeLHgBu0wiBj_3koRlREsgeVlqoaCXQsF0aKrEFRvW9nHbAcN7j3sZ5CYBf8PAlyIVdUUrv?expires=1729720800&signature=e40de8269826823a00522ded678a3c30dc87de5a6e19eeea8fc3af90cad39c9b&req=dSEuEsB%2BlIdcUfMW1HO4zeLU2UHEgkjAHhhk9dUYCHZLgsIxMijLHi39L0MB%0AIeeQ%0A) +![image](images/api_pipeline_modelling.png) ## General API Considerations diff --git a/docs/content/en/connecting_your_tools/import_scan_files/import_scan_ui.md b/docs/content/en/connecting_your_tools/import_scan_files/import_scan_ui.md index fdd4663f29d..6b3d864e88f 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/import_scan_ui.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/import_scan_ui.md @@ -33,7 +33,7 @@ The Import Scan form can be accessed from multiple locations: -![](https://downloads.intercomcdn.com/i/o/1194906679/a60baa110d050daaa532a102/AD_4nXcEnbN_x3AjBNKGsmncJsN8_L1IlYrBpTMJZxytGO_e_VB8WJku0fWpCRW0b1TsvEYkBgPgQzO9qa4qhfu1PNFZA8SVuUXbnITNbsOcy4I4VUa-r2biSV8HZQ8YkF6-ymWuVITT4yJr6faw2pU4YoeOK7v-?expires=1729720800&signature=850b7c98efd22ee1657f19fb2dbb322a31a44ba2ae5c6bd9d20c14ba4597b79b&req=dSEuEsB%2Bm4dYUPMW1HO4zU0nB9s5bQTJ2NRVzn8adEyCFbo8CH9pmXxFmv4P%0AqUkB%0A) +![image](images/import_scan_ui.png) The Import Scan form will create a new Test nested under an Engagement, which will contain a unique Finding for each vulnerability contained within your scan file. diff --git a/docs/content/en/connecting_your_tools/import_scan_files/smart_upload.md b/docs/content/en/connecting_your_tools/import_scan_files/smart_upload.md index 7e037b6512c..9fafb21b1ba 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/smart_upload.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/smart_upload.md @@ -33,7 +33,7 @@ The Smart Upload menu is stored in a collapsible section of the sidebar. * **Unassigned Findings lists all Findings from Smart Upload which have yet to be assigned to a Product.** -![](https://downloads.intercomcdn.com/i/o/1194910967/0360afc3606c62b972b29fb0/AD_4nXeghMk_jectcbz_xSEWILQ6TKfMAkJFaYqtLjaeCgjscW0-H0BAM5M2oFQxB4aY4-R6qRcFp4G1-6HP3z9uc7_mICl5JSkxw9lRnKtH4OQBkoRuRYFbtBKMhENVa0HRsuEmH8n-S3vc7s0F_3uTyPOh8Rk?expires=1729720800&signature=182c23fcf2186f97130f369f44608461240088b1545d6053de9e107a589b3ee0&req=dSEuEsB%2FnYhZXvMW1HO4zQ9CTDLAIv7psFxRziJwPE1a%2B1rCBkMxAnkniABG%0AsM3u%0A) +![image](images/smart_upload.png) ## The Smart Upload Form @@ -43,7 +43,7 @@ The Smart Upload Import Scan form is essentially the same as the Import Scan for -![](https://downloads.intercomcdn.com/i/o/1194910970/28b48ec77b1b3fd2ff19d0ea/AD_4nXddw4i_wM6uS34D1FgNp6XXc4jS-LymrQ6-CrkG2zle6mAq9Kwec0c_OrrNiyyBVfm6val4zOm6Luw_NpJcENyk2QX3eGDaPFjQDutPDHq8mbIW5UZ5wTM5va2FfKi9iJszc90_Mmv5aK6SY5wxtN_fuqGF?expires=1729720800&signature=d3665007fd8712695fb627563c2d805a1805cc9b23aaf12c4ddee2bece914413&req=dSEuEsB%2FnYhYWfMW1HO4zXr9jg9CVymHsc8jFHm%2BzRoBsZZTnkdGy3G57DLP%0A1xVl%0A) +![image](images/smart_upload_2.png) # Unassigned Findings @@ -60,7 +60,7 @@ Unassigned Findings are not included in the Product Hierarchy and will not appea -![](https://downloads.intercomcdn.com/i/o/1194910969/b302152dd308050bc2cabb3f/AD_4nXf4caWaw6HYn1LqY5zv42mQztXQyeNWMmDwQVFRZ7smFzH7rvmZ4NCmDEA3gMVBkGwl51bSvK4sSAf7o8NjtDtuaxVJsC9PLLLbLU5coe0SFHDkoAS_WnqCYSyQbDWmpoNx7dfkLoDQDg9yCj6n8mnuWXqi?expires=1729720800&signature=b68b7f0d6ad8b8761fbd5abd6e390626dbd1a5eefc32911cd11fd94ffb0eb669&req=dSEuEsB%2FnYhZUPMW1HO4zdffFk2MwOJJkdNLPpAJSJFznXtdp%2Fn2TAS3J7sE%0A5jzx%0A) +![image](images/smart_upload_3.png) You can select one or more Unassigned Findings for sorting with the checkbox, and perform one of the following actions: diff --git a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md index 34cdf235aa0..72525ace37c 100644 --- a/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md +++ b/docs/content/en/connecting_your_tools/import_scan_files/using_reimport.md @@ -28,7 +28,7 @@ The Test will track and separate each scan version via **Import History,** so th -![](https://downloads.intercomcdn.com/i/o/1194908628/52e2f3805bfbc2ef483e80f6/AD_4nXd1WNxopcweiK0ewbROIATPwKW6I4wRkMf83VQHOp3VGnwFbx3PIF_dKM_bTXxeRWdyOZRnXvlAIQUX4yPEwb0fg3P6NQZeRWY2qj6JN0T5BRaz2GZXGvbg-hWPmq2fhPCQHGUDdUMhQgFLkYN901McsDSw?expires=1729720800&signature=92270ab31ae91539655a6579d7f0b64bb18780ba93039b9457970b66e20edfbe&req=dSEuEsB%2BlYddUfMW1HO4zXlQLIbdnHicZ5UbPT1ZwpIiIYEWtY3aCewJOpvL%0Ab%2FjM%0A) +![image](images/using_reimport.png) # Reimport Logic: Create, Ignore, Close or Reopen @@ -88,7 +88,7 @@ The **Re\-Import Findings** form can be accessed on any Test page, under the ** ## -![](https://downloads.intercomcdn.com/i/o/1194908627/eb05840e395795550e54466f/AD_4nXfOUJldIKEa6Yr3NsphqeCAnOa-VlBgyLTYw0z_daFCQjNzdt_1way4w0t8nrX2ggjnllNAVqv6SfCn3BTfytYjATb6cf0tb6u-9ccz4QC6Qg8p_21aXACIMF1dTy2LeTSnpYtYwHEos9JKD5Hz7Ui4JUP7?expires=1729720800&signature=522addc1e53490316243b947db3014fcda398cf1a328d60f3473168682d55871&req=dSEuEsB%2BlYddXvMW1HO4zY5Pd0UWoQFJUVi4V0iRH%2B%2BKw1%2BMkgb%2BSEFmSpeX%0Ac54n%0A)## +![image](images/using_reimport_2.png) The **Re\-import Findings** **Form** will **not** allow you to import a different scan type, or change the destination of the Findings you’re trying to upload. If you’re trying to do one of those things, you’ll need to use the **Import Scan Form**. @@ -108,7 +108,7 @@ This table shows each Import or Reimport as a single line with a **Timestamp**, -![](https://downloads.intercomcdn.com/i/o/1194908626/72dc8e30a9f35b80e50c45d7/AD_4nXdjK_vtcbopS89UxEkLbbTF5yaKjNaEKoEbm15zq6m_yQcs8RTZWhGpD_FzaKFyp3p9ubrHfQPG1Hxa7mCuJN71_eK8f7gpiFRFrtLQavLz04J4odtBoN2HODhX-2bXgdK6hXZTQs5eoKiMU42BWc2aD7_s?expires=1729720800&signature=7e53ae3bd29381e3a20b8fdb72dd909c5271530c278fb5b1827217b0571218fa&req=dSEuEsB%2BlYddX%2FMW1HO4zaYdUMRuJgJFAp64fyc3gN8EIWfxL2bJjLRubpH%2B%0Amq%2Bo%0A) +![image](images/using_reimport_3.png) ## Actions diff --git a/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md b/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md new file mode 100644 index 00000000000..2b7eae450cc --- /dev/null +++ b/docs/content/en/connecting_your_tools/parsers/generic_findings_import.md @@ -0,0 +1,118 @@ +--- +title: "Generic Findings Import" +toc_hide: true +--- + +You can use Generic Findings Import as a method to ingest JSON or CSV files into DefectDojo which are not already in the supported parsers list. + +Files uploaded using Generic Findings Import must conform to the accepted format with respect to CSV column headers / JSON attributes. + +These attributes are supported for CSV: +- Date: Date of the finding in mm/dd/yyyy format. +- Title: Title of the finding +- CweId: Cwe identifier, must be an integer value. +- Url: Url associated with the finding. +- Severity: Severity of the finding. Must be one of Info, Low, Medium, High, or Critical. +- Description: Description of the finding. Can be multiple lines if enclosed in double quotes. +- Mitigation: Possible Mitigations for the finding. Can be multiple lines if enclosed in double quotes. +- Impact: Detailed impact of the finding. Can be multiple lines if enclosed in double quotes. +- References: References associated with the finding. Can be multiple lines if enclosed in double quotes. +- Active: Indicator if the finding is active. Must be empty, TRUE or FALSE +- Verified: Indicator if the finding has been verified. Must be empty, TRUE, or FALSE +- FalsePositive: Indicator if the finding is a false positive. Must be TRUE, or FALSE. +- Duplicate:Indicator if the finding is a duplicate. Must be TRUE, or FALSE + +The CSV expects a header row with the names of the attributes. + +Example of JSON format: + +```JSON +{ + "findings": [ + { + "title": "test title with endpoints as dict", + "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau", + "severity": "Medium", + "mitigation": "Some mitigation", + "date": "2021-01-06", + "cve": "CVE-2020-36234", + "cwe": 261, + "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "file_path": "src/first.cpp", + "line": 13, + "endpoints": [ + { + "host": "exemple.com" + } + ] + }, + { + "title": "test title with endpoints as strings", + "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau2", + "severity": "Critical", + "mitigation": "Some mitigation", + "date": "2021-01-06", + "cve": "CVE-2020-36235", + "cwe": 287, + "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "file_path": "src/two.cpp", + "line": 135, + "endpoints": [ + "http://urlfiltering.paloaltonetworks.com/test-command-and-control", + "https://urlfiltering.paloaltonetworks.com:2345/test-pest" + ] + }, + { + "title": "test title", + "description": "Some very long description with\n\n some UTF-8 chars à qu'il est beau2", + "severity": "Critical", + "mitigation": "Some mitigation", + "date": "2021-01-06", + "cve": "CVE-2020-36236", + "cwe": 287, + "cvssv3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "file_path": "src/threeeeeeeeee.cpp", + "line": 1353 + } + ] +} +``` + +This parser supports an attributes that accept files as Base64 strings. These files are attached to the respective findings. + +Example: + +```JSON +{ + "name": "My wonderful report", + "findings": [ + { + "title": "Vuln with image", + "description": "Some very long description", + "severity": "Medium", + "files": [ + { + "title": "Screenshot from 2017-04-10 16-54-19.png", + "data": "iVBORw0KGgoAAAANSUhEUgAABWgAAAK0CAIAAAARSkPJAAAAA3N<...>TkSuQmCC" + } + ] + } + ] +} +``` + +This parser supports an attribute `name` and `type` to be able to define `TestType`. Based on this, you can define custom `HASHCODE_FIELDS` or `DEDUPLICATION_ALGORITHM` in the settings. + +Example: + +```JSON +{ + "name": "My wonderful report", + "type": "My custom Test type", + "findings": [ + ] +} +``` + +### Sample Scan Data +Sample Generic Findings Import scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/generic). \ No newline at end of file diff --git a/docs/content/en/dashboard/Introduction_dashboard.md b/docs/content/en/dashboard/Introduction_dashboard.md index c6972d12ab6..bcd3a9b3001 100644 --- a/docs/content/en/dashboard/Introduction_dashboard.md +++ b/docs/content/en/dashboard/Introduction_dashboard.md @@ -7,7 +7,7 @@ The Dashboard is likely the first page you'll see when you open DefectDojo. It s -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099248472/507630ebe46f1e8aa4503560/AD_4nXcg1v8DMwyfzjBMZqMwfrre_0aX5rw7_Z4Rq7ovChpHvGqB_bERY7NIn_BPgPk4ZpIwM8uYCH93XvhcOslUD1XMuD0z_4L-lLRAt0_0Vrdk2YfJ9JsLnIKl7LF9J5OR0yF6fvgUd0D3zxlTpPX_KJjKCBbe?expires=1729720800&signature=1dc969c7b9e11b3ada4107ba15574ee5eb1c3b40e58c887eac6885b86f5839d6&req=dSAuH8t6lYVYW%2FMW1HO4zQyzfdSpho9jzf%2F8gMxshllJM3C4gseuDDW%2BQOFz%0Azjj6%0A) +![image](images/Introduction_to_Dashboard_Features.png) The dashboard has two components: @@ -26,7 +26,7 @@ Tiles are designed to provide relevant information and speed up navigation withi -![](https://downloads.intercomcdn.com/i/o/1099198236/2a80ebc78dde48b6b2276c86/crop+ss.png?expires=1729720800&signature=0c2ea009bd4cf434beac07443747470548f5a8fd457fe5a05b90cfdad4c6fee7&req=dSAuH8h3lYNcX%2FMW1HO4zYPWwqce5gycIa4Y%2BA69PP9lKEHPdB5nWRXVCQVh%0A%2Bms1%0A) +![image](images/Introduction_to_Dashboard_Features_2.png) Tiles can: @@ -75,7 +75,7 @@ This chart organizes all Findings created in DefectDojo by Severity, so that you -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099248482/420121f96a020863e0862f90/AD_4nXemOWvoO9eYna7zSoGOS_wden_SqCQu-5fm5d7oIojCZgDA7oED9XKc6nU1OwdfwJDSUAMg4mmmsWzOyp8pqQs6qgA-Zd5DFffC26XSVaNteSuwSPOVJeV3_Cia-IgZ3iE2nySVjoCIkf6W3z1etNAxXTQ?expires=1729720800&signature=6ecc5526be162686489dd05c5a059c8af334ccf3bdef1d4e09f05b5e501e5dcb&req=dSAuH8t6lYVXW%2FMW1HO4zYoeTWHpH1BMIBuK2kPbraKaCDwBpN%2F%2BOykGzGQT%0AjxW4%0A) +![image](images/Introduction_to_Dashboard_Features_3.png) ## Reported Finding Severity @@ -84,7 +84,7 @@ This chart allows you to monitor the volume and severity distribution of incomin -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099248496/1948ce9decd80d7769336eb1/AD_4nXf5qvd3rc9oWm-U_EH4tStUaE9DIpj95GTjy2c14fPuJruU9RVXqyC-HcPBATRl_wvjJqOJIIKNPKE6Ucrcmz4goaed80ccsxRJ_-NtOqVfQ2bZEJJP8JiqUXdxSJKAg2dTO-bP-5HnHM9ch35IKa6nWlo?expires=1729720800&signature=cabc0ed0d22e97a0d91432b39a72b2db750b8398b0ae4df149cf6bde937bcc5d&req=dSAuH8t6lYVWX%2FMW1HO4zbc0daBz9ubRr57LSAefv4CemogsXMj5xFtLdII9%0A3OBH%0A) +![image](images/Introduction_to_Dashboard_Features_4.png) ## Unassigned Answered Engagement Questionnaires @@ -93,7 +93,7 @@ If you have completed Engagement Questionnaires for review, those will be listed -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099248510/c6c8087c483bcaa001d8cedb/AD_4nXcdZ_8hVOsXfZwh9Mk5XrZ8VJZLzVjK8WdYczPtHExzAf7brfCq4cZ_F12_PCFRWsvU_5ICIzqctb6cD4AJZfM0oeeTIVH9Y_HRv66p0CWG95g7NAmqXKcomrP3Q66nnWmypGiA_pg5h7cVjck20JoCYgFk?expires=1729720800&signature=3645887938704e50f084e6e153703012ba481da6dcb6ee42d3a71b460b848ae8&req=dSAuH8t6lYReWfMW1HO4zZqw72Twjcx8DHx8cYYRoH7jyAeFYqxpwzZoJdT2%0ATURK%0A) +![image](images/Introduction_to_Dashboard_Features_5.png) ## Top 10 / Bottom 10 Graded Products @@ -103,7 +103,7 @@ This section summarizes the Graded performance of each Product in your instance, -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099248519/bb35260a29b3521223111a39/AD_4nXdbQ0hhxFdtwBJuHkjTKYKDYwDBHprXWq9eFmUc0Lq_dLXU4Wf1ntQQp_RrLENp4w9fVf2MpLJvz0xIJbXZIXnXvf0wpryX3dWycOYGqQqGEOMR7HXE_z3sfHJ3oCxWaRAvcvgo-upcO0f0-aGxBv5SK29Y?expires=1729720800&signature=6df3b486f4a5ae601a07d327395fd9241a4760c77215ed805adeeed5fc612725&req=dSAuH8t6lYReUPMW1HO4zfJ4ezP3qlX0vv4X6YptNnM7fTBJMOvXDSq7Lcza%0Am7WX%0A) +![image](images/Introduction_to_Dashboard_Features_6.png) Finding Counts of each severity are calculated by the tile, but note that Product Grade is only assigned based on Active Findings, so there may be Inactive Findings counted in this table which do not contribute to the Grade. diff --git a/docs/content/en/dashboard/about_custom_dashboard_tiles.md b/docs/content/en/dashboard/about_custom_dashboard_tiles.md index 36553fc2c9f..4f223c9e601 100644 --- a/docs/content/en/dashboard/about_custom_dashboard_tiles.md +++ b/docs/content/en/dashboard/about_custom_dashboard_tiles.md @@ -7,7 +7,7 @@ Dashboard Tiles are customizable sets of filters for your DefectDojo instance, w -![](https://downloads.intercomcdn.com/i/o/1099250898/404bca1e149473568dff200d/crop+ss.png?expires=1729720800&signature=47755368f0a8dbdca29e39525f65564a22b025d67e9b51796368e16018d77ad2&req=dSAuH8t7nYlWUfMW1HO4zXvTdcWRXscEwUdV8OwjwmK0av2hoFfHDgIB50xI%0AUOa8%0A) +![image](images/About_Custom_Dashboard_Tiles.png) Tiles can: @@ -23,7 +23,7 @@ Each Tile contains four main components: -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245892/8c5490bb29d7b4f030a18ef9/AD_4nXfwA_eCPCfAA35-lMO4ffSlKcvHfRXwVCfFDwhhILI4jjUZMzwGrpuze1U96t0j4qyHvA1qas-A2uyPNjTezdaiyifnvU0ek_M0u6cQrEy_5l6q-VHfH3GOyqKu9xMCwgptjGZ2seU0MFI1Xkcu9dR1kI9h?expires=1729720800&signature=41cd9a22f70dc51017855672d3c10ed400370dce7729030fcacb9a30bbfdb670&req=dSAuH8t6mIlWW%2FMW1HO4zTGMWjMSWgYAIBlHC20hq4YJxOp35zLpAV2AKudY%0AxcC2%0A)1. **A customizable icon**. You can choose an icon and color for the Tile. If you wish, you can also have an icon’s color dynamically change from Green \-\> Yellow \-\> Red based on a value range. +![image](images/About_Custom_Dashboard_Tiles_2.png) 2. **A count of each object** that meets the Tile’s filter conditions. For example, a Findings Tile will count the number of Findings filtered by the Tile. 3. **A customizable Header** which can be set to describe the function of the tile. 4. **A customizable Footer** which brings you to the related list of objects. For example, a Findings Tile’s footer will bring you to a list of Findings filtered by the Tile. @@ -51,7 +51,7 @@ These Tiles allow you to quickly select a list of Products, Engagements or Tests -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245901/b112e4dad8eb3e5049511371/AD_4nXe9B73G54RwB-G88nnS6oWo96n7-ggZLSbxb03a3DTZFdOgK6pZCJ83ExAHSmm_rWeexZhloErMfRDwdAHXjspkQcOPNths4hog-Q8j-rYMNEZWwG3TL-14qN2aGsbiEDQ4MfL5LEhY59tAjd9KSwMZXKsu?expires=1729720800&signature=d41ebdcc51f9fa05c6b486bca83ed159f1a822d06b30eb37f8db6259bac98588&req=dSAuH8t6mIhfWPMW1HO4zdZejHhWdEsouZLWNlyGuZ1y1tEPtQosw3hz%2FaB8%0ANP1g%0A) +![image](images/About_Custom_Dashboard_Tiles_3.png) The number on the tile represents the count of objects (Products, Engagement or Tests) contained within the tile’s filter parameters. Clicking the footer will take you to a filtered list of those objects. @@ -68,7 +68,7 @@ If you want to create a list of your In\-Progress Engagements in DefectDojo, you * To make sure your Tile is accurately labeled, set the Header of your tile to ‘**Engagements In Progress**’. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245912/fbc3e96d9d0fcb6d5f36876a/AD_4nXcAxJNLB-hf2RqEhI0ApBz5EqzvIX-MB9MW_viUJbAPM0NXSIo4kk4ajQbYTctDUFnUpIaSPxbg1eaajU9Ao5hypkRwk9hyyKIlwR2j7htrHO8PnRMzzFqMa0NbnhwvwMi6Z75k-xwtept8fAWjH_q7mSs?expires=1729720800&signature=2ee53595f377fca87ebddf6c7bab00ea121a652ab5dc910d75e9a9764394d220&req=dSAuH8t6mIheW%2FMW1HO4zb%2BODrc%2FMT4hTmvrqb%2F4TR81TT64e2rou8sF0eVH%0AIROi%0A) +![image](images/About_Custom_Dashboard_Tiles_4.png) You could also create Engagement tiles for one or more other states, such as **Blocked** or **Completed**. @@ -82,7 +82,7 @@ Finding tiles provide a count of Findings based on the filter parameters you set -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245918/c31bd5f3c478f0794684ed8c/AD_4nXdQgDy4rs29A5pCHDk6WlmKCYsvYajy44FSDTk9aSNPGvozAtvwO7XB8TI0K3xOAk3C1IHNJ1CqaphczS9LofLi2z_omnckucKgoYruz1Sdu_WgAisjkeBfauB_lbxmM837lqYzu4bb17GNO9256vGWB8j2?expires=1729720800&signature=73a1f802703e4119f8ff8ef835fa97f67d6ffb75e8b3b15f65d56645fa578f5a&req=dSAuH8t6mIheUfMW1HO4zePORVTEqkdK7iVtN6jVbCivpEjFJfAY6ZTPQhS2%0ABCjN%0A) +![image](images/About_Custom_Dashboard_Tiles_5.png) Using filter parameters you can track Findings in a particular state or time period. @@ -98,7 +98,7 @@ If you wanted to be able to quickly access all of your Critical Findings in Defe * To make sure your Tile is accurately labeled, set the Header of the tile to ‘**Critical Findings**’. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245930/9d5a6973c9366eae8dd6d4fd/AD_4nXcOjKshzyqeUHif7KrbeORDKe6FM4G7JvOBPWho1gZ0uR1hifDZXCklCQEUI4ulYkDPqjEUUBNgD5MX_hD7LMbrIP2YGgHEVIdw41o-z3j3C7VXegFZeCzpH5_RBr71aPDKnvRZnSwRqQW2ewml3_xDOp_Q?expires=1729720800&signature=93c118122b6efb5a518410e4a2cbf70556ffef24a1e494a29702c40a51079f03&req=dSAuH8t6mIhcWfMW1HO4zds8nsJ%2BgxUjuYiv%2BPz4Mwo2u3E6reaEF5MS7Xh8%0A902S%0A) +![image](images/About_Custom_Dashboard_Tiles_6.png) You can add additional filter parameters to make this tile more functional for your use\-case. For example, if you wanted this tile to only track Open Findings (and ignore any Mitigated Findings) you could set the **Active** filter to **Yes.** @@ -112,7 +112,7 @@ If you need to keep track of particular Endpoints, you can set up a Tile to quic -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245937/ad144be9ff33a8b4444ff590/AD_4nXepUNZnVXHIVsbpfvfC2h13w6jXUANG9sQft3ZvHGvSIBqFrbm7AYjHTdAdUXO4IhJHm-oECJLF2YoadKyiS3w5FUPlXBhtimVZs0NCARKipuX-ej0GYxT-i3W2Y07qTmZRYvPUa0OLzQ4seyWPLURoINu2?expires=1729720800&signature=481c9153d83cdea99fab30278788d03f09773f2d7f91c72d37d63757d2ecccd0&req=dSAuH8t6mIhcXvMW1HO4zQSsYYNUM4kbREMXvQBnaYsMgeVUTYM8epzxTFjX%0AHCqU%0A) +![image](images/About_Custom_Dashboard_Tiles_7.png) Clicking the footer on this tile brings us to a filtered list of Endpoints which displays their status. DefectDojo will only create and track Endpoints with related vulnerabilities, so this will not include any Endpoints which have no vulnerabilities reported. @@ -128,7 +128,7 @@ If you wanted to use Endpoints to look at vulnerabilities on a certain part of y * Set your Header to a title which describes the intended function of your tile. In this example, we used **‘Host: centralaction\-items’**. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245947/ac7f51e4310dde5b009dc512/AD_4nXec8wyXhKtfWyVct5icqvYQd1nWnE5iNqtad32P_fhIUOq7k_k7WCo2CiMoWYER9z61ZtohDHWe3OMThel5ZYr4BeV2uq64R4RiMmwh1mNY8OIHryj13mrFuuce3ubctxNoI1BUd3dc2YuOxPC5mD6is2VE?expires=1729720800&signature=72bfb702926099be4ca954ebfa9fca7e549329e16711abe9523273b76efcdc33&req=dSAuH8t6mIhbXvMW1HO4zbw1aZZSF3S5xTEJsUC0GtABK4hktPq3myVycpsp%0AHWm9%0A) +![image](images/About_Custom_Dashboard_Tiles_8.png) ## SLA Violation Tile @@ -149,7 +149,7 @@ Set the Header to describe the filter you’re applying, for example ‘SLA Viol -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245955/8576606b4010df4c361aa1fa/AD_4nXdGwX6vqdPr4ITjvsq5rJsgO8MwddFTN86EnUq9JKUtibQkXX5xZxVX1IDU3UeZ6WhMIj1dGz_GvxxdgyABTq4rFD0GlDRNvLsqioGJ4NLisrE5xIFjYyHwly9HywdgQc7vuu5WzGzzjv5_4x6vU0FiPutW?expires=1729720800&signature=ac8049bcc6095a8ae237a61e0cbb83eab4c3f1ff71d5b5d8e430f7358b071eb1&req=dSAuH8t6mIhaXPMW1HO4zfBDR3ICj1QmtNLC6aB8BxNW6Qwmak%2FkhLOGcbI4%0Alc78%0A) +![image](images/About_Custom_Dashboard_Tiles_9.png) Clicking on the footer will bring you to a list of these Findings for you to address. This tile only tracks Active Findings, but will also track Findings with an expired SLA. @@ -184,7 +184,7 @@ If you have scanning tools set to run on a weekly basis, you can use this tile t * Set a descriptive name in the Header which communicates the interval you’re testing. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245967/9745f21ae3614d9e6406f93a/AD_4nXcVb37xVMoICT7P7w1L8p0VjGYhfGFZZh7m4tO8wfatKebv8pvDhML9sZsuIJ-okh-Oyg9Cahd5M408PtzTbM0ym0qHKwNW99lB9uWiivL9PtD2vPS7NDLG0ZS09ldr7fX-iRB1q5noG0dVGcXIaJ6yvV1P?expires=1729720800&signature=1579ee824aab9d78f6d9125625c48f9162927bb4fb3fc6d861dd707392afa122&req=dSAuH8t6mIhZXvMW1HO4zXyP7F7Ov9ecGvye0gQcHXd8pHK41FspsCfWSlpI%0AUS2o%0A) +![image](images/About_Custom_Dashboard_Tiles_10.png) If you have multiple scanning intervals that you want to monitor, you can set up multiple tiles to track each one. @@ -202,7 +202,7 @@ This tile uses a comparison operator (\<, \=, \<\=, \>\=) to track Products whic -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245976/c64f3cd3a4ba9c82a287d9e4/AD_4nXfzYr-U2z4sQS5f5jzQdW-tGdUKipO2kXoznkzRP8sbGQ9rz_OW0glHfS21OrlrFxkOOVZdkZckwMnbjwrVU4UIxdMzUUjw_PwTMQ9waw6O29lynkHKh1vl2aSkt7vGq4VlIdTutW3qCYyxESOREJI4eMU?expires=1729720800&signature=ed32f49d6a96f11c7871b35f2efdfa70024e72c4397cba6044c772daffd1ca3e&req=dSAuH8t6mIhYX%2FMW1HO4zUlOMyAwa%2FpBhtlqZBy0rpjWQWAVKiIeJ7OUh0%2Ft%0A%2BpJ%2B%0A) +![image](images/About_Custom_Dashboard_Tiles_11.png) For more information on how Product Grades are calculated, see our article on [Product Health Grading](https://support.defectdojo.com/en/articles/9222109-product-health-grading). @@ -218,7 +218,7 @@ If you want to quickly access Products in your instance which do not meet your G * In the Filters list, set a **Comparison Operator** to determine the logic used in counting your failing Products. In this case, we’ll select **‘Less Than’**. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099245981/9235ca4f8edd03d04806bd4c/AD_4nXemS4UCV0AVT6i_1iVxwaYBT6aowID4cBzTB5Nmea3Y5HR2YlfmG88L0I7YLoBcXg_0r7CRiK2ZKGCrUlh5uspt7BNu8HHbE30uFedUPqXwAh03n5fMOsiFy5AWe9D7Dm3g1b_8lGJllo_wNU7BAjpGLoR9?expires=1729720800&signature=c78666efc2b09a6f852441e9ded672fb57406790f12dfe7ae6221dc84bba2423&req=dSAuH8t6mIhXWPMW1HO4zUEUoC3vBLQ%2FkccLXG3isEf2Dqdz%2BHIVM%2BRSJM2u%0ANk%2Fh%0A) +![image](images/About_Custom_Dashboard_Tiles_12.png) As with other Product related Tiles, you can set the Tile to look at All Products in your instance, or only a specific list of Products. diff --git a/docs/content/en/dashboard/add_edit_delete_dashboard_tiles.md b/docs/content/en/dashboard/add_edit_delete_dashboard_tiles.md index e479131a47c..37c32463f0d 100644 --- a/docs/content/en/dashboard/add_edit_delete_dashboard_tiles.md +++ b/docs/content/en/dashboard/add_edit_delete_dashboard_tiles.md @@ -15,7 +15,7 @@ New Dashboard tiles can be added by opening the **\+** (plus icon)menu on the Da -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099242883/d09d09f605fa9c0c98d48da0/AD_4nXffF2tsgbJPbwaqtzDJsLNehJTI5sVTtweUKKcjlZSbYW6mGSGG3-p5lwnhzvjID3ILgUJY5zp5eIhdfcNkXE22WQSAUZZLL3IPN2NWvP9LPQkdjZjwj4PyttAzEVlv6NsL6SDr681vc1HjlQsJUwyWg5Y?expires=1729720800&signature=fda39a3ac402f593b4de9106165c30ecba372d0639a621d9183a68da5e89f865&req=dSAuH8t6n4lXWvMW1HO4zZXQQjy5PbqnpMBkHB25%2BKjWEA6rK2wKVSwRBNjm%0A4Yn%2B%0A) +![image](images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles.png) Select the kind of Tile you want to add, which will then bring you to the Add Dashboard Tile form. @@ -37,12 +37,12 @@ From here you can set your Dashboard Tile’s options: -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099242892/0f6d28c17eb945dc9a664f12/AD_4nXfwA_eCPCfAA35-lMO4ffSlKcvHfRXwVCfFDwhhILI4jjUZMzwGrpuze1U96t0j4qyHvA1qas-A2uyPNjTezdaiyifnvU0ek_M0u6cQrEy_5l6q-VHfH3GOyqKu9xMCwgptjGZ2seU0MFI1Xkcu9dR1kI9h?expires=1729720800&signature=c1f05273e9a6b61f544c2e7f553d40964e42b4ee754cfda648f04da8f88e335f&req=dSAuH8t6n4lWW%2FMW1HO4zfHMOEzjomzC7%2FartNm051WDmNHk8wVBaG7sAp8N%0A5VWd%0A)* Select an **Icon** for your tile (**1\)** +![image](images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_2.png) * Set the **Header** textfor your tile **(3\)** * Set the **Footer** textfor your tile * Set the **Color** of your icon -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099242903/bb5ab796524526528cd1d7fd/AD_4nXeXuNIrQ5AXGATNXhoh6Z5hXpLdx7yp-_7A64YDXxXvnWfmYmK6BYTGsecP_z7ZPCVJoNELKotvd-zwwF1yCiQkgq8K4JY6eMUo6Nt8y0oGuHiZWs5x0EvkfgVRDHfwIEgt9VqCfshIYXtwOGjlOsn3kRjJ?expires=1729720800&signature=d3ee3511691e6818c6e3da833f64365971ca7a3167c290acf2775d4c73cbc1e4&req=dSAuH8t6n4hfWvMW1HO4zQZnKZov%2FceWz7096CXLjrLzFiy69E4isnopgvGw%0AHYNn%0A) +![image](images/How-To_Add,_Edit_or_Delete_Dashboard_Tiles_3.png) ## Dynamic Color Tile diff --git a/docs/content/en/dashboard/edit_dashboard_configuration.md b/docs/content/en/dashboard/edit_dashboard_configuration.md index 9c8e2d1e135..b9fc2430860 100644 --- a/docs/content/en/dashboard/edit_dashboard_configuration.md +++ b/docs/content/en/dashboard/edit_dashboard_configuration.md @@ -7,7 +7,7 @@ Superusers can choose which Metrics Charts are displayed on the Dashboard. To do -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099199280/bc9d8ae838857adef92e54ca/AD_4nXc3l7uyP-HlvtpuJ1V0oThgRAXeYWH8ZCqAL2zuiRHe25KzXOPyKYRB4z7tIHEEqRplgForVyHuWh4vX2Gv8k61sIhbmAa9IVtV9oMA8kkxNScTnCt54nKJp3omWs2_BB8bX7py_ZFQe7t5wZ7wQkEg8_o?expires=1729720800&signature=2af3a168547993f2aa8fef2121a0871ac49642fd78872e4d21a88493006edd76&req=dSAuH8h3lINXWfMW1HO4zTF5VEnWxvN3pLYOUUsrEr56s%2BU6cAiJk6OGXdnT%0AMhFT%0A) +![image](images/How-To_Edit_Dashboard_Configuration.png) This will open the **Dashboard Configuration Settings** window. @@ -16,7 +16,7 @@ This will open the **Dashboard Configuration Settings** window. ## Dashboard Configuration Options -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099199299/83aced4a30064409a0876f06/AD_4nXffuQ5nDf72sTyNr_x9pryABKjQ7us0xFvKMyGPalbRT5gelfueA_-wwjzPdFKrylyLoDUg0sakMcpd_9ti3j4j0sP76yKoWWnUbcm4U9AgkQhZeuYvsr941fISWUFiT8178OkQ3rPsW-e3WZxcXsZZCKKS?expires=1729720800&signature=63de51f18166abd09450ee5a90f98d366887f2d88f4001645e53b7d625ddf07d&req=dSAuH8h3lINWUPMW1HO4zVE8KDjr%2BWghghM%2BEiv2czQ1pbK%2FLaHKY2M8Y16i%0AGOZv%0A) +![image](images/How-To_Edit_Dashboard_Configuration_2.png) * **Display Graphs** determines whether or not the **Historical Finding Severity** and **Reported Finding Severity** charts are visible. * **Display Surveys determines whether or not the Unassigned Answered Engagement Questionnaires table is visible.** * **Display Data Tables determines whether or not the Top 10 / Bottom 10 Graded Products tables are visible.** @@ -31,7 +31,7 @@ If you would like to reset your Dashboard to a default state, you can do so by s -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1099199316/e3bab1241fa652fa8bd51efe/AD_4nXfFJArc_GW-f8MIU7G32pk1CGo3MQp7cIfem1SjRP0v62R4BPfJtCEuJY1y6sOBzB4nvZ5np0C2yzqo0RVXG3HyR6aB6c-Rwk0LScMILABS8VLP0R1yNZXUD8h3xbxUBhZBl6h6RPqnHymbHoHPagBaqlnS?expires=1719856800&signature=0526cd5859a78ad75bcc5b70fc34bd2b46765555dde08904f63573db108ed0bc) +![image](images/How-To_Edit_Dashboard_Configuration_3.png) diff --git a/docs/content/en/jira_integration/add_jira_to_product.md b/docs/content/en/jira_integration/add_jira_to_product.md index 01f378d4ad5..4e3bc55ec10 100644 --- a/docs/content/en/jira_integration/add_jira_to_product.md +++ b/docs/content/en/jira_integration/add_jira_to_product.md @@ -28,7 +28,7 @@ Each Product in DefectDojo has its own settings which govern how Findings are co ​ -![](https://downloads.intercomcdn.com/i/o/856486761/0295eab4cbcddfaa8580113e/Screenshot+2023-10-18+at+12.52.03+PM.png?expires=1729720800&signature=ced06369d81e12da314378ddff554bb9858e56531b1ddb422b1d5afef67c67cd&req=fCUhEsF4modeFb4f3HP0gDRlwxrKQ7C1qGDGvem7%2FE8Fb%2FJraeTPIbL7fcZA%0AaNw%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product.png) * You can link to a Product Settings page directly via **yourcompany.**defectdojo.com/product/{id}/settings.​ @@ -39,7 +39,7 @@ Jira settings are located near the bottom of the Product Settings page. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/856508823/52f747935f1a459e3e86fc8e/hF1hafMVlC5WgEQwsw3pikonDUk2YOTvriOUQ5IwYZSdBziMEMIjH1UU5jax7WBhq0-QMDlJ9XMlLgCLLWZKqpkWnVXCbe94huW0j9f_dIjyqs56_U_HkIfMyz4kTBfd5lVY9ojiSa5vkL27PzECJQk?expires=1729720800&signature=1016af7fb9854a97d063e8efe0fd71fb586dc3347f3800adbf58c7bd63356872&req=fCUhE8l2lYNcFb4f3HP0gPWOml2mPNmyR7jtT%2B5VWWMM%2B4IShk0FMDvNFDHv%0AKsA%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_2.png) #### **Jira Instance** @@ -58,7 +58,7 @@ This is the Jira Key that you want to use for DefectDojo\-related Issues. You ca -![](https://downloads.intercomcdn.com/i/o/856497270/70e6eaf428a1b87f255b750a/Screenshot+2023-10-18+at+1.04.42+PM.png?expires=1729720800&signature=6abc48a2008e34caa111a70203a44977286f8978911352bb4ae510c06736c62f&req=fCUhEsB5n4ZfFb4f3HP0gN9ny5WxtErhtTvx45WDDjl2vYFz0OHr62iGOzKK%0Asdw%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_3.png) #### **Issue template** @@ -70,12 +70,12 @@ Here is an example of a **jira\_full** Issue: ​ -![](https://downloads.intercomcdn.com/i/o/1124824955/66b150adaeba64b051ec1077/Screenshot+2024-07-25+at+2_03_46+PM.png?expires=1729720800&signature=24a1684a6df4b18b60b9992fa2f30f50b90b9d0ffd4e3070ead8651c375c5ef6&req=dSElEsF8mYhaXPMW1HO4zeHByIiE4CpUnjTjHiKUwy58XRyEJWLONZyASfZl%0A9yVY%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_4.png) * **Jira\_limited:** Issues will only track the DefectDojo link, the Product/Engagement/Test links, the Reporter and Environment fields. All other fields are tracked in DefectDojo only. Useful if you don't require full Finding context in Jira (for example, if someone is working on this Issue who mainly works in DefectDojo, and doesn't need the full picture in JIRA as well.) ​ ​**Here is an example of a jira\_limited Issue:**​ -![](https://downloads.intercomcdn.com/i/o/1124826652/d84213e22b916af53c7165ca/Screenshot+2024-07-25+at+2_05_20+PM.png?expires=1729720800&signature=b3f08859314e7065b3f6ec4bef26ae49e4863b3afb734b4c79643bb43008e7c0&req=dSElEsF8m4daW%2FMW1HO4zQ5XnsQRrja7Wwx%2FASOHGd4Z1JOMBHolBt2BU7Ym%0A%2Fg75%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_5.png) #### **Component** @@ -113,7 +113,7 @@ Select the relevant labels that you want the Issue to be created with in Jira, e -![](https://downloads.intercomcdn.com/i/o/856515252/2cb04638b743857035dfdb9f/Screenshot+2023-10-18+at+1.23.40+PM.png?expires=1729720800&signature=7e5276009204e295a410631bdcee70917418272c49a4f4f63d19c6faaae913a3&req=fCUhE8h7n4RdFb4f3HP0gHbMvU3o1kdacSZ2Nc1ZRCBbJmbD2fOk72C%2BJjDp%0ASqM%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_6.png) #### **Default assignee** @@ -124,7 +124,7 @@ The name of the default assignee in Jira. If left blank, DefectDojo will follow #### Checkbox options -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/856508853/1a12cd990af07464277c71de/yHarpjkd7J_yXpCangrpDyYVtKpiYti-n2ttCdUU07nrxdiganAVBwlVtUO-IIMCCZhUJQ7cwf175TBbqx9o7hGMJqe_a6nseoH5NNy7tI9AIzFoIWpbcJYidspZ_-oE3BgVZr50bd_Pov-TWo67aF8?expires=1729720800&signature=cbcfcc460248cf5f066f4915cc6b7c83ccccf35a918f9618ab238a04385b53ad&req=fCUhE8l2lYRcFb4f3HP0gNME15wuQsqmPhYPiUQHyBoxIJPyVMVZdGuEiZ2s%0AMZs%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_7.png) #### **Add vulnerability Id as a Jira label** @@ -143,11 +143,11 @@ In DefectDojo, Engagements represent a collection of work. Each Engagement conta ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/856508863/092011ca4636698d8001739b/7KRYqjCnbJFewjwbcicU0_TH1VX9E2driWLX-xd3L-zu1EQxKT0JG_E1LuVpxNFO9G_h4xcpcEHPpFCpWckPBZugNuK3iTdasDWFCp5zoWAtmzOFtFfVd3MMsqOlNHUm6T8Rv0Gd7RdRV4FzuyBcpsA?expires=1729720800&signature=2326ebe98fe0170236c5daeeeb86e436b6409ab329f81978c4a826090b23dec2&req=fCUhE8l2lYdcFb4f3HP0gAHfpVH32nbFvLmNZ74UKjCXKVEWwZhqdey%2BfxEQ%0ANqo%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_8.png) * How the same Engagement becomes an Epic when pushed to JIRA \- the Engagement's Findings are also pushed, and live inside the Engagement as Child Issues. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/856508874/70aa304d531b9b75bd147ae3/3YGWST-hUhnmwJVvjB2dOw3zyHV11WIP4RdscZX2LBxtkK1FMiSoIxe2yZ1-eqfVYtezXXKNS3cWhn-KZxQ7g3PkVYktM38yMsU5DomxTXMbIIQgvQpHDu1A2oQcdD0iYm8toGZUgM941kEfxb3Jk6M?expires=1729720800&signature=5781b9ab9165d385fde4f613193964464fab4605794f32588d6d64260810386e&req=fCUhE8l2lYZbFb4f3HP0gGUUkcJqUBbI%2F%2BQ%2FqslyI6BfMNNrkIa20wNQYPJF%0AYNg%3D%0A) +![image](images/Add_a_Connected_Jira_Project_to_a_Product_9.png) #### **Push All Issues** diff --git a/docs/content/en/jira_integration/configure_jira_dojo_webhook.md b/docs/content/en/jira_integration/configure_jira_dojo_webhook.md index b1d09d6ebef..0e1ca714186 100644 --- a/docs/content/en/jira_integration/configure_jira_dojo_webhook.md +++ b/docs/content/en/jira_integration/configure_jira_dojo_webhook.md @@ -15,7 +15,7 @@ Your Jira Webhook is located on the System Settings form under **Jira Integratio -![](https://downloads.intercomcdn.com/i/o/1124842050/a844a3ca5bb139961e1e5f55/Screenshot+2024-07-25+at+2_11_59+PM.png?expires=1729720800&signature=4e310776d71ec2d5692e730256dac89ccd3dbcec84bdc9b54d046445353df34f&req=dSElEsF6n4FaWfMW1HO4zUvviECqSfGZgBjFH42oXvwEqut4AG4Qfkmo4x%2Fd%0AmwA%2F%0A) +![image](images/Configuring_the_Jira_DefectDojo_Webhook.png) # Configuring Jira to send updates to your Webhook diff --git a/docs/content/en/jira_integration/connect_to_jira.md b/docs/content/en/jira_integration/connect_to_jira.md index f76351c4c21..f29b443e0fc 100644 --- a/docs/content/en/jira_integration/connect_to_jira.md +++ b/docs/content/en/jira_integration/connect_to_jira.md @@ -26,7 +26,7 @@ The first step of setting up a Jira configuration is to add a Project to DefectD ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/923276103/2e774b44ee315e9f1fe41b82/CS6sI6mueuFgwwSbGtaqfxEbPRnlIzgfznaIsJIJWgbxgqvD2FPOy6PXxiuoYKrXCvw4iRCvOJyjEudrQHuseFZoBmFAAYp0Dg-NB-nVYdXA39tPOj2fEauP4SucvbaIYR7HQlb0s6-3Hew-pVpA5vY?expires=1729720800&signature=365f08fd7d42e19ebe17ab88fb023b7300567cbaea867f08b4153367e90597ac&req=fSIkFM54nIFcFb4f3HP0gCxFHutEmNqH7jYG931BvciUfy74oWsSnQSSvalx%0A5%2Fo%3D%0A) +![image](images/Connect_DefectDojo_to_Jira.png) ​ 3. You will see a list of all currently configured JIRA Projects which are linked to DefectDojo. To add a new Project Configuration, click the wrench icon and choose either the **Add JIRA Configuration (Express)** or **Add JIRA Configuration** options. @@ -40,7 +40,7 @@ The Express method allows for a quicker method of linking a Project. Use the Exp -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/923276110/e56e505a6376018b2122b7fe/Ctw3ngxgjcN7GtRhu3UQvuXL6kRB7KXN8hrXgvmKIDsU48fDs2_YykUh_TsnbLzPwS0tmYWE92ESBPZyJUIThf4JcE0iMI3djceRKMoRAK54cuO9ywYZQTuS08D1KOzzb_SPO7t1_G6yigZ6X-EIMpM?expires=1729720800&signature=2e0fa3eb0ed45007c00921a283becb9861dda2d02d8ec30dc8ee3d70e704c9ee&req=fSIkFM54nIBfFb4f3HP0gKND0q%2BqhfaNsoM%2F9w6HI86zepJ7GdfOwgfRYqPB%0A34s%3D%0A) +![image](images/Connect_DefectDojo_to_Jira_2.png) 1. Select a name for this Jira Configuration to use on DefectDojo. ​ @@ -68,7 +68,7 @@ If you leave this field blank, it will default to **Jira\_full.** ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/923276116/18a309f58113bed538edef5c/qtggrY2_20z4Jp6uz7dxaohMrHzmJn9DXelFKtR2wGnD8ByE8ROC1SiWcEtuR1qKqkDPhXGbzHHKd6NnQ-uHpQKUTfEQ253GTmbxAEWYiKRue7SVKdzJTj3BB2EBKrRg1ersE6Yi_Xzxbh9W98LFC4w?expires=1729720800&signature=f918416686d1ccbe7ba658303ad0567c5bd97d202e5583e0fd49549664c2e73e&req=fSIkFM54nIBZFb4f3HP0gIg8xes%2B%2Baq6uUPJoKLs5nKEcgU4E2h07lSJKI99%0Apd0%3D%0A) +![image](images/Connect_DefectDojo_to_Jira_3.png) ​ 11. Click **Submit.** DefectDojo will automatically look for appropriate mappings in Jira and add them to the configuration. You are now ready to link this configuration to one or more Products in DefectDojo. diff --git a/docs/content/en/jira_integration/create_issues_in_jira.md b/docs/content/en/jira_integration/create_issues_in_jira.md index 12496589752..9e9c9fbc40a 100644 --- a/docs/content/en/jira_integration/create_issues_in_jira.md +++ b/docs/content/en/jira_integration/create_issues_in_jira.md @@ -40,14 +40,14 @@ Additionally, you have the option to push Finding Groups to Jira instead of indi ​ -![](https://downloads.intercomcdn.com/i/o/910784359/572d851c9d8292d34dd7acc7/Screenshot+2023-12-15+at+10.11.32+AM.png?expires=1729720800&signature=1b913080cd7ccd29c6193cf33923c10c80925daa92143022a3f8d0cacff4245b&req=fSEnEcF6noRWFb4f3HP0gC6hrwobes4KCfUutw28q8xS3rYZCA9CZZvLlsRZ%0Avro%3D%0A) +![image](images/Creating_Issues_in_Jira.png) ​ 3. Once the Issue is created, DefectDojo will create a link to the issue made up of the Jira key and the Issue ID. This link will also have a red trash can next to it, to allow you to delete the Issue from Jira. ​ -![](https://downloads.intercomcdn.com/i/o/910793636/2a9cd7316f118ef3e108a26a/Screenshot+2023-12-15+at+10.22.25+AM.png?expires=1729720800&signature=ff6f8c8c5ab7f7b50aa64795924805e04779cbfd9eb1991458b52c187fbe460f&req=fSEnEcB9m4JZFb4f3HP0gGKdXeVgqwRYF%2FvyituVBDqN28dqVMi%2FhmEppluu%0AUys%3D%0A) +![image](images/Creating_Issues_in_Jira_2.png) 4. Clicking the Arrow again will push all changes made to an issue to Jira, and update the Jira Issue accordingly. If '**Push All Issues**' setting is enabled on the Finding's associated Product, this process will happen automatically. @@ -75,7 +75,7 @@ The Jira Configuration on DefectDojo has entries for two Jira Transitions which ​ -![](https://downloads.intercomcdn.com/i/o/910797138/74e1c5ce3e09507d5c78b499/Screenshot+2023-12-15+at+10.26.37+AM.png?expires=1729720800&signature=01166d7f9f4ee3ed293e8ffc02afad7d4f519b7f72ba382a53b34e9754aeabaf&req=fSEnEcB5nIJXFb4f3HP0gKGxM4Pk6KLvrG1xOEGdbJCk%2FhkZvQmPj2YpZd%2F3%0AOXE%3D%0A) +![image](images/Creating_Issues_in_Jira_3.png) * When the **'Reopen' Transition** is performed on the Jira Issue, the associated Finding will be set as **Active** on DefectDojo, and will lose its **Mitigated** status. # Push Finding Groups as Jira Issues @@ -100,7 +100,7 @@ As long as the Finding Groups are being created successfully, the Finding Group -![](https://downloads.intercomcdn.com/i/o/910810290/ac1144f3e392c0f116ce31d2/Screenshot+2023-12-15+at+10.42.58+AM.png?expires=1729720800&signature=a7806351286be98a7502fbeb96a63169eb12800589253109a69141fa72457dc0&req=fSEnHsh%2Bn4hfFb4f3HP0gIyL3dh8pgNDPRYkuGHdr6COFAOSTngChYgp1zWa%0A%2FLU%3D%0A) +![image](images/Creating_Issues_in_Jira_4.png) # Change Jira settings for a specific Engagement @@ -120,4 +120,4 @@ The Edit Engagement page can be found from the Engagement page, by clicking the -![](https://downloads.intercomcdn.com/i/o/937440895/19a20d2976703a88fd1ec03d/Screenshot+2024-01-18+at+2.36.46+PM.png?expires=1729720800&signature=bec87928877d2ac08278b3bf55c4adad51fe790eb6f8afce0375281e539b14e6&req=fSMgEs1%2BlYhaFb4f3HP0gN%2FyTRYP9aPTp26R2XB063sOp%2BXtCV4UWdbUjbpa%0AawI%3D%0A) \ No newline at end of file +![image](images/Creating_Issues_in_Jira_5.png) \ No newline at end of file diff --git a/docs/content/en/jira_integration/using_custom_fields.md b/docs/content/en/jira_integration/using_custom_fields.md index b29c2dca885..62d637e6385 100644 --- a/docs/content/en/jira_integration/using_custom_fields.md +++ b/docs/content/en/jira_integration/using_custom_fields.md @@ -80,7 +80,7 @@ The JSON returned from this URL will contain all of your Jira custom fields, mos -![](https://downloads.intercomcdn.com/i/o/882536565/71741c46128f8c200eb369d5/Screenshot+2023-11-13+at+11.34.09+AM.png?expires=1729720800&signature=612c1c48aacf9036950b2a32be5de4b8e556bdb9f32d3c306af32959d8ffebdf&req=fCglE8p4mIdaFb4f3HP0gIHfoSgHpBIypMppgUBUzbLDThlL4NbgBKy13LHV%0As7g%3D%0A)⬆ Here is an example of a Custom URL Field on an issue, how the Custom URL Field appears in the JSON output. +![image](images/Using_Custom_Fields.png) @@ -122,7 +122,7 @@ As before, API output will contain lots of `customfield_##` object parameters wi -![](https://downloads.intercomcdn.com/i/o/856601116/bd33f642bb614d0baddfb47e/Screenshot+2023-10-18+at+3.14.28+PM.png?expires=1729720800&signature=b7ec0c6e661235aedbc07cf80dd4338d46ace4929aa5737efd43af8a950ecd6b&req=fCUhEMl%2FnIBZFb4f3HP0gNDIh6YnvjmzgZRTCVsNiixkS%2BgiAgilIPc87YcO%0AJVg%3D%0A) +![image](images/Using_Custom_Fields_2.png) **Example:** We know that `customfield_10050` represents the DefectDojo Custom URL Field because we recorded it in Step 2\. We can now see that `customfield_10050` contains a value of `“https://google.com”` in the `EXAMPLE-123` issue. diff --git a/docs/content/en/notifications/about_inapp_alerts.md b/docs/content/en/notifications/about_inapp_alerts.md index ab7aeff6078..76fc27823d3 100644 --- a/docs/content/en/notifications/about_inapp_alerts.md +++ b/docs/content/en/notifications/about_inapp_alerts.md @@ -20,7 +20,7 @@ You can open your Alerts List by clicking on the **🔔▼ icon** on the top rig # -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962184118/22deeae73e389cbdd474abc6/Y_0qjtDeqEFCUJETy5UEB1kHEHntla7U21Any2QxOuwxjDmesuJjU1_iBo6GKYkNQjDwqZXjGvL_e8I88ObYoIWVkK7LooXpPMM0hTFFN-Tal_PRghpRuP4ilUWSZ4lN7dcPXItzUOGi8B4D9I3ijdA?expires=1729720800&signature=fcade9f5e7166ab4063d0898a5b6951cc070de5e5774fc866fce55b71fc6f53c&req=fSYlF8F6nIBXFb4f3HP0gAGoBPbnXU8sHMlGXmUcr%2BRTENXVZNLvnsUFJsy6%0A9os%3D%0A)# +![image](images/About_In-App_Alerts.png) @@ -40,7 +40,7 @@ The Alerts Page stores all of your Alerts in DefectDojo with additional detail. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962184130/6835c7c1086d4145b0545b15/-2ZNGBc8OdCgW6jL7J2NEPP0AajeSKSBSn6k2OUWESpFOWD5GiePp907MWUSCIRyKEDGEHUE2FyDLxkyvxsYbHtiO1eV3R6XMV7WzXae3V1ZURA646O-0T33pDp-7XiMEmoAWg35wPidaKjIbjuT2GA?expires=1729720800&signature=773ae84506e9f08f3ca1bd7c0e1e1cb05cf43d048b3b92c89b8a5c4f7548ffac&req=fSYlF8F6nIJfFb4f3HP0gF%2BL0c%2FfyijSnUdI0Ho5vAzSilHO8lb8QLQHsSdu%0A6mU%3D%0A) +![image](images/About_In-App_Alerts_2.png) To remove one or more Alerts from the Alerts Page, check the empty box next to it, and then click the **Remove selected** button in the bottom\-right corner of the Page. diff --git a/docs/content/en/notifications/configure_msteams.md b/docs/content/en/notifications/configure_msteams.md index e0aa271d762..401cb61745c 100644 --- a/docs/content/en/notifications/configure_msteams.md +++ b/docs/content/en/notifications/configure_msteams.md @@ -15,13 +15,13 @@ Like with Slack, Microsoft Teams can receive notifications to a specific channel ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962180558/8d817d194ca71a420ec7f194/6Iw6VyzxVrgYJmEKYZ5gvkZgNbz5H5A5VzC41oeyNeLTkY3h24xjx-IlfhjQBJbbKtF9SdMp4VlL968WZ4BAs2FNCKABVvqKN6H7ysiFkIrAWll4CTZrYCzSvs0gJg4jFrWtWVDMQozMB5BTv-uE-5Y?expires=1729720800&signature=e8830debf4a2ce0cfe37bbd0db34f2546a384cc2d1cdb7da74a626a6d179d19b&req=fSYlF8F%2BmIRXFb4f3HP0gPLFIDf%2BmJ2lTnC0cGqSE%2BrN2f0NGLhZCqcGa4go%0AkPo%3D%0A) +![image](images/Configure_a_Microsoft_Teams_Integration.png) 2. In DefectDojo, navigate to **Configuration \> System Settings** from the sidebar. 3. Check the **Enable Microsoft Teams notifications** box. This will open a hidden section of the form, labeled **‘Msteams ur**l’. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962180570/66d613918362dd0e07f3cf34/K0Fx__nnRpEPf01jo0QQjOOeIo8wBFOew5ZbA4S3SE7loW1qfS9YxvUlS2f2OF1E52SgPiefP3eozh7Rmpee_f5AjS8sBrIHHYSpAYl7h0dUNPn6i89k48ulQk8eSl28q3S_kK7KafjZMJ2VRu7A_PM?expires=1729720800&signature=45dfcd45785169b13d866c71902efbadf0d6752e4992e5fc0af58e3f4ee7682b&req=fSYlF8F%2BmIZfFb4f3HP0gBC6zfYgJ9CJ7kYYs0o3vgn66vKuoG2LaE7wC0J2%0AdS4%3D%0A) +![image](images/Configure_a_Microsoft_Teams_Integration_2.png) 4. Paste the webhook.office.com URL (created in Step 1\) in the **Msteams url** box. Your Teams app will now listen to incoming Notifications from DefectDojo and post them to the channel you selected. diff --git a/docs/content/en/notifications/configure_slack.md b/docs/content/en/notifications/configure_slack.md index 21ef46075f6..6891c3e4c9b 100644 --- a/docs/content/en/notifications/configure_slack.md +++ b/docs/content/en/notifications/configure_slack.md @@ -13,7 +13,7 @@ Here is an example of a Slack Notification sent from DefectDojo: ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962178718/43edf527dd90ff3cdb9091d2/R4qt835O2gUnuDNS77H-7sIbmyOMPUy4V5H74MtLMGA9bQsINUdNYvzQTSkf1HQqvUfGHpCU3Qv0xIqkjqD3rlAMvoPleJv6RzZMzVSQRbQT5byXCezD_Sa-NzHQvpGu6ul7KAi_79io_HMfTPLLcL4?expires=1729720800&signature=cb78397a3593ea0ea17310b2aa4fc2a975cffcd207e869bfdf53b64fd55c793d&req=fSYlF852moBXFb4f3HP0gN2UAA5Sb1IfVjD8vnOmZttQHSPf7f6HcXfGzZbM%0AeFM%3D%0A) +![image](images/Configure_a_Slack_Integration.png) DefectDojo does not have a dedicated Slack app, but one can be easily created for your workspace by following this guide. A Slack app is required for both System and Personal notifications to be sent correctly. @@ -91,7 +91,7 @@ You’ll now need to configure the Slack integration on DefectDojo to complete t ​** -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962178744/a59023b7d47dedbcbb7cd3d4/na4CvmsQk_CMrPS2ZvVvVebWIjUkx9GE7NntAIC7Wb1u5vuHByReMjwuYNIekAZIL-tFkYZ9g7c2OS2sP-p9DAUSHlFsE_kkojG5QvjZ1iLO4GYWUa_ZUox2v7yCFNHu46cZyJLAeuC00CogZxsszq4?expires=1729720800&signature=97966950516e644f0268e0286c505926b19b66fa2f719ef53a279a73bd34e7f5&req=fSYlF852moVbFb4f3HP0gOK4lfqm2vEPAzPt%2FdIJ5HOzq9vFYtr%2BpYja6TZI%0A6R8%3D%0A) +![image](images/Configure_a_Slack_Integration_2.png) 3. Open DefectDojo in a new tab, and navigate to **Configuration \> System Settings** from the sidebar. 4. Check the **Enable Slack notifications** box. 5. Paste the **Bot User OAuth Token** from Step 1 in the **Slack token** field. @@ -102,7 +102,7 @@ Once this process is complete, DefectDojo can send System\-wide notifications to -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962178761/a5f24f6490b1a043a188441c/R4qt835O2gUnuDNS77H-7sIbmyOMPUy4V5H74MtLMGA9bQsINUdNYvzQTSkf1HQqvUfGHpCU3Qv0xIqkjqD3rlAMvoPleJv6RzZMzVSQRbQT5byXCezD_Sa-NzHQvpGu6ul7KAi_79io_HMfTPLLcL4?expires=1729720800&signature=d43c41e2c6db5c91e49f9c56cbfd21b97e7d84003c3523e65ea07d6d8c154d93&req=fSYlF852modeFb4f3HP0gCrJC5g33foXGAruLI5W3hglBldbY7jvtb8I8wvC%0AwQ0%3D%0A) +![image](images/Configure_a_Slack_Integration_3.png) ## Notes on System\-Wide Notifications in Slack**:** @@ -126,7 +126,7 @@ If your team has a Slack integration enabled (through the above process), indivi ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962178777/e91b86cd53793fdfd1b9e9e5/P8dPmKcDtxlXDUHl0gndW0vV_7yYSYczHwF2YkB7Q_xBIvww8ezjJfvu9FIY-4AJn7LWHHZRNY285MmC-5jHQmbwd2O251o_0iOVIbJ_BTnErP4gH_9kfV1Jz1CGtBVqDe9lnIGxbqErHGvnElDvekM?expires=1729720800&signature=69aaeabbb05167d590c91797a44a3e204bd8053091482f9d3b969bf2e1db68ec&req=fSYlF852moZYFb4f3HP0gLhK3cg%2BSrGOEvpkHTnb%2BmHfKk8Tj4wCUH9CmhTy%0AfqI%3D%0A) +![image](images/Configure_a_Slack_Integration_4.png) 2. Set your **Slack Email Address** in the menu. This field is nested underneath **Additional Contact Information** in DefectDojo. diff --git a/docs/content/en/notifications/configure_system_notifs.md b/docs/content/en/notifications/configure_system_notifs.md index 0673ace01fc..043ce8b1c02 100644 --- a/docs/content/en/notifications/configure_system_notifs.md +++ b/docs/content/en/notifications/configure_system_notifs.md @@ -11,7 +11,7 @@ Both your account’s Personal Notifications and the global System Notifications -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962171746/9af3408bde158d43b69606ef/8bOsrZDbI3Jv84cIYM__Mq4Ni4kAD9h1OHis_l69njgePVCIqOo4TOuTbnBW0QDl3rTjJnrFHJ-A_egFUnvkNArVgX4hklFv001nCGhkvSZv-jmIP30KtnOT0UWNmc9hzo8YCqB2oHkwfyKsYDGA83c?expires=1729720800&signature=5cd73122c8a3653130671a90861d323b90ef974ce9bf98061bac5c93356990d5&req=fSYlF85%2FmoVZFb4f3HP0gIsH4DGb8qq8lEaQ9JV7Jg73SGLBgCUn%2BAJK3Ef7%0AfLM%3D%0A) +![image](images/Configure_System_&_Personal_Notifications.png) # Configure System notifications @@ -26,7 +26,7 @@ Both your account’s Personal Notifications and the global System Notifications 4. Check the notification delivery method which you wish to use for each type of notification. You can select more than one. -![Notification settings](https://defectdojo-inc.intercom-attachments-7.com/i/o/962171756/781c4e9d72e150ca150c066c/ZN3QFH1kLyi6ZXc_feqlHTLCYtuRK02DrsKY-JkZtNPWJxmFdu-Xhb-pn4XDs2Bxv5PfNSo77Mtqz58wAV1I99qicz3N0j0VVw3kAHa57uuiU245OnLvu3HG2jQMKrdW0Iq9j6xCKigG5iJpLzDNLHo?expires=1729720800&signature=ad0e4b39f6c3a1186f0b5f2b147bb12dc709a56b134482d05751b6a636523e85&req=fSYlF85%2FmoRZFb4f3HP0gLdWfg0nBIZI5mYeAe%2Bou5OYadwX2Iohcq%2F7%2Fgw4%0AW4s%3D%0A) +![image](images/Configure_System_&_Personal_Notifications_2.png) # Configure Personal notifications @@ -52,7 +52,7 @@ In addition to standard personal notifications, DefectDojo Users can also receiv -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962171765/a70a5c32dfb0eece12ea1962/71DyfI6Gc9rdYlVWaTsa12sUFML215k-VEm2_QVZBXS_1s7l2uKykDTEVAqqzZ7EELeP9ERRfpajZnBrXl95b3QX423EbDvg-DnbdKW0QwSvgBB3fmXZOti1KtDqQBLNa8eHmnBCGVb940ZF38saTZQ?expires=1729720800&signature=cf613e2a0b6168a2ad3ae909d978a357588f198499a8d92724dbb13a573adfb4&req=fSYlF85%2FmodaFb4f3HP0gDl17An72KnPVmRLq%2FLdfPhoV3aySF8a%2BS9q9W3b%0Ajag%3D%0A) +![image](images/Configure_System_&_Personal_Notifications_3.png) This configuration can be changed from the **Notifications** section on the **Product** page: e.g. **your\-instance.defectdojo.com/product/{id}**. diff --git a/docs/content/en/open_source/upgrading/upgrading_guide.md b/docs/content/en/open_source/upgrading/upgrading_guide.md new file mode 100644 index 00000000000..e7662f7e575 --- /dev/null +++ b/docs/content/en/open_source/upgrading/upgrading_guide.md @@ -0,0 +1,70 @@ +--- +title: "Upgrading Guide" +description: "Release specific upgrading instructions" +draft: false +sidebar: + collapsed: true +weight: -900000000 +--- + +## Docker compose + +When you deploy a vanilla docker compose, it will create a persistent +volume for your Postgres database. As long as your volume is there, you +should not lose any data. + +### Using docker images provided in DockerHub + +If you\'re using `latest`, then you need to pre pull the `latest` from +DockerHub to update. + +The generic upgrade method for docker compose are as follows: +- Pull the latest version + + ``` {.sourceCode .bash} + docker pull defectdojo/defectdojo-django:latest + docker pull defectdojo/defectdojo-nginx:latest + ``` + +- If you would like to use a version other than the latest, specify the version (tag) you want to upgrade to: + + ``` {.sourceCode .bash} + docker pull defectdojo/defectdojo-django:1.10.2 + docker pull defectdojo/defectdojo-nginx:1.10.2 + ``` + +- If you would like to use alpine based images, you specify the version (tag) you want to upgrade to: + + ``` {.sourceCode .bash} + docker pull defectdojo/defectdojo-django:1.10.2-alpine + docker pull defectdojo/defectdojo-nginx:1.10.2-alpine + ``` + +- Go to the directory where your docker-compose.yml file lives +- Stop DefectDojo: `./dc-stop.sh` +- Re-start DefectDojo, allowing for container recreation: + `./dc-up-d.sh` +- Database migrations will be run automatically by the initializer. + Check the output via `docker compose logs initializer` or relevant k8s command +- If you have the initializer disabled (or if you want to be on the + safe side), run the migration command: + `docker compose exec uwsgi /bin/bash -c "python manage.py migrate"` + +### Building your local images + +If you build your images locally and do not use the ones from DockerHub, +the instructions are the same, with the caveat that you must build your images +first. +- Pull the latest DefectDojo changes + + ``` {.sourceCode .bash} + git fetch + git pull + git merge origin/master + ``` + +Then replace the first step of the above generic upgrade method for docker compose with: `docker compose build` + +## godojo installations + +If you have installed DefectDojo on "iron" and wish to upgrade the installation, please see the [instructions in the repo](https://github.com/DefectDojo/godojo/blob/master/docs-and-scripts/upgrading.md). diff --git a/docs/content/en/pro_reports/using_the_report_builder.md b/docs/content/en/pro_reports/using_the_report_builder.md index b67117095f8..3000c1ccc6e 100644 --- a/docs/content/en/pro_reports/using_the_report_builder.md +++ b/docs/content/en/pro_reports/using_the_report_builder.md @@ -14,19 +14,19 @@ The Report Builder can be opened from the **📄Reports** page on the sidebar. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668657/d149242028cea25e8114b666/qiA-SC4CLojnPIBQFJ7HkqQ5P7QQT-Hbo_4ZL1U5SLtvOjauQfK5nr276tyG28BWkHWpxbXyBlRyKEMoBJhIU05923KW7do0TdloBdZ339JIVvjTSRKC_FFW1FpUnG2xnM3LgKKXuOsgMvn5vQ-7yYo?expires=1729720800&signature=86da67f31863d06a6d6066e37461ebc3ab4fa7d1ed1e31d78dccdb6ae091293a&req=dSAiH894lYdaXvMW1HO4zYTHA4kYzFbXGD3pjms%2FaPWm4NRJKHCIfFYxrKIu%0APBVL%0A) +![image](images/Using_the_Report_Builder.png) The report builder page is organized in two columns. The left **Report Format** column is where you can design your report, using widgets from the right **Available Widgets** column. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668681/fc43eee902f2d9892c2858ad/di7AqHpuoVBD527GMbmUU4g3xViyrzF4nDIZRmKKLXKmgpu5FJU837mn-Txa0egjF7gqs10vl1ls8b6zZHFmmu4Ceu33gPd7R9LPzHXLU79-_QDiVjXNkJHOmjl6uGPmzvkrtrJmMT3bacpoRo7-a4k?expires=1729720800&signature=474de3f5c935cad8cb4564e89868ee57da2368fc8492dbe7c4f56eb5332fe0f2&req=dSAiH894lYdXWPMW1HO4zUkXPkPuwVumZ1gLKNFFUSpoSVwSph0rDjPojnwd%0Af6RA%0A) +![image](images/Using_the_Report_Builder_2.png) # Step 1: Set Report Options -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668702/757104b09b49cbcf83d3b6fc/Zl2lKAU3KWuVtlCunSK2bVyrw398CQeh8CCAOY72GVW5WMxlME59qTrQawLiuq5e8E0Da6elvpBs0Fo9HIMfMaV1O7Uvkvj_lK4uciDFgA1puiyWwss5MCWEyrLaiy6ijUoK9iJ7ygzb5afbJ4dBkKo?expires=1729720800&signature=9d421bb96e18b0407be5a6ab4b113f63a7059e469a31251d1c1d58a779632bf6&req=dSAiH894lYZfW%2FMW1HO4zd38o20biDfaLBNaWL2wZpj9WooJDzcHaIKkCAIv%0AJ%2BmV%0A) +![image](images/Using_the_Report_Builder_3.png) From the Report Options section, you can take the following actions: @@ -48,7 +48,7 @@ The image will automatically resize to fit the document, and will render directl -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668715/d62e5d01e6322c4de5753c46/75kSgNSTofd59iGYCZvmGKYKc68QCGuKvihvQ1Ghd3jwJRdbLp6YAlqa7EIUQWVk8X6scpk-ctAPx4ON67i64AeaKXtMulH4B_J41A-4PiFxPssV3yPital5bahMDRnq8BYJvA78cpzZynq07Fo5dTM?expires=1729720800&signature=dd455f58ada29c952a3bd0ff8054837692bacd7f52500f8c7c3c9d50df514dd2&req=dSAiH894lYZeXPMW1HO4zaIJOBeuo49c5ejU69mXwasRIZ6a6Gft8W1Oux2i%0AoHQt%0A) +![image](images/Using_the_Report_Builder_4.png) # Step 2: Add content to your report with Widgets @@ -75,7 +75,7 @@ The Cover Page Widget allows you to set a Heading, Sub heading and additional me ## -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668733/2522de823fd048e072c972f8/Z06otmw5EcLKbfx6JzBDqqrvkO8T6AHAgMrYYsS3RCd3PqoKZ2lL-tSoTrA-MMvnSuhPTO7kwIWbBFg6yGCKR-HpyCFCWiCztoOUVYQ7oQTJGZPTkFLpKiK_dolIHCjHRlmaZVlXpI4I0IbmGoNVGgQ?expires=1729720800&signature=1a0e94643a63175a9203668f2de2eb1ba324e9d0f4ba4402be7c8f31826a8267&req=dSAiH894lYZcWvMW1HO4zTwHGAjzTDMbJMT9RA4HP84r3prZFbAKtBemB7fA%0AD0%2B8%0A) +![image](images/Using_the_Report_Builder_5.png) ## Executive Summary Widget @@ -83,7 +83,7 @@ The Executive Summary widget is intended to summarize your report at a glance. I -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668750/9ef673c9e58e4648397a72d7/Q9_fk5LqZlgHS2N4tL2HyVB1lg5RW7ek0mipaOEWUFgi0sHmQCmJYBKngawpR7Oo7NrEuebFbWIIMHpaTEHIgB0tyCuWMgSUTqtYDi9CSZCATrobCSFvNI5fxq4xKyGJFvN9RQOpBw-ISDZfkXZoX2w?expires=1729720800&signature=d2af7dc8ca8926eddd8c3c0e6fc4b3e3800bdc6c6a75261ab4c3e797a17e4e1e&req=dSAiH894lYZaWfMW1HO4zSgZrnEu4v9f8iDvHdpabgdb31RLyLi%2B5lw286sJ%0AQXqH%0A) +![image](images/Using_the_Report_Builder_6.png) You can also **Include SLAs** in your executive summary. To add images, markup formatting or anything beyond pure text, consider adding a **WYSIWYG Content Widget** immediately after the executive summary. @@ -98,7 +98,7 @@ As each organization will have different definitions for each severity level, th -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668769/4ed67d61b24d76230e199027/vBzduetm_xuyj-Id_ea3XrWj39N90ZRakQsQTJAeghNhZjIlVJlbNiwI8DnjPkEcc0h_c7QA_Bt90bv0j4tlLbZH5Tov5Dtzp8twGcHMmWRgzuOrVbiESxHTZhA5ZHhUL-tJ32L4FzlfB4qVLtL69HM?expires=1729720800&signature=3708e508a8a083efd2b06dcf93e1c747ba81f281a92d65c0562394dc5c317465&req=dSAiH894lYZZUPMW1HO4zWi%2FMsH6d%2BF7zDGqlenGyd1o7J6UGLbpIIAdseIH%0Ax%2Buj%0A) +![image](images/Using_the_Report_Builder_7.png) ## Table Of Contents Widget @@ -106,7 +106,7 @@ The Table Of Contents Widget creates a list of each Finding in your report, for -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668783/ac40a1a4cf6754b045f2a95d/z6MDXX6XbQULSPzJ7pS334JRAsqj_ozIuEiKD4t6yYSEywEA66N-u0rLZtx4wYvUtVv0LcIgLgB7cnmvPLKJURndFWwvcmr5u_LBPdOlILkwjig1_VNqRrCTcUruAYkiaT8qzloYx9Qk8vFbzVA-g_A?expires=1729720800&signature=f3cfefa777f03101e6c2317a84ab4b68830b21d60b0467d876658109db3711ff&req=dSAiH894lYZXWvMW1HO4zTVqo38kvEyYe4VstbFGMYhKkv9412DDgaRnG631%0Ak%2BgB%0A)* Set an optional **Heading** for your Table Of Contents if you wish. +![image](images/Using_the_Report_Builder_8.png) * You can add a section of **Custom Content**, which will add text underneath the Heading. * You can upload an image to the Table Of Contents by clicking the **Choose File** button next to the **Image** line. The uploaded image will render directly above the **Heading** selected. Images will be resized to fit the document. @@ -118,7 +118,7 @@ The WYSIWYG (What You See Is What You Get) widget can be used to add a section c -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668799/7e2d199dfb523e6e9b8575e0/Zl0xqUXPzqIAHnxPqoti3dIi9Ok8BsUpVBiYj3WEy3R24b3y9t2dP4tL3CFsfRW88Py0FQL64i4X-uDL9hRUUI1CAzUOriTOmqYEYEjR7WD2PtbeDo0iN8a6SiFn2gBRGw9y36zTqol6zAE-KlNI56I?expires=1729720800&signature=669d522b6f16047bbe7e71394143d3f55fbe39fdbb35964f6ab10d2d39a1b7ee&req=dSAiH894lYZWUPMW1HO4zTHuMUGRWo1X3HdWDZf%2FwZLsh3h5gPVX4gN0Sqv7%0AO6Mu%0A) +![image](images/Using_the_Report_Builder_9.png) * WYSIWYG Content can include an optional Heading. * Images can be added to a WYSIWYG widget by dragging and dropping them directly into the **Content** box. Images inserted into the Content box will render at their full resolution. * You can add multiple WYSIWYG widgets to a report. @@ -139,7 +139,7 @@ To apply filters to your Findings widget, set the filter parameters and click th -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668827/54fbccc5dc6c37e974544f67/9tAorgi2LtsrutVn2oAi---8TxULQRm3WdUBXXYnG4Un8Hxvn-lLMF9YeyZprenDpMpn_pXlfqV0HPCxMleeKrAAfISpqCakc9DWGtChyWpy1fSTDKDJKhUqbZhXK853ILnOodbMRPMUOW3JMWyRmmA?expires=1729720800&signature=07e89018412575f5452488734e335ca52ec7c5c386a3c5b4820ed72ea44264b6&req=dSAiH894lYldXvMW1HO4zeRXczzna2ND%2FjJ5fjQdd42%2BX0Al7y0N38CoHXcQ%0ArAOZ%0A)* The resulting list of Findings will be split up into sections by **Severity Level**. Note that DefectDojo data model components (Test, Engagement or Product) will not be represented in the report, only a list of Findings. +![image](images/Using_the_Report_Builder_10.png) * As with Widgets, the Filters section can be expanded and collapsed by clicking the gret Filters header. * You can add multiple separate Findings Widgets to your report with different filter parameters if you want the report to contain more than one list of Findings. * Only the Findings you are authorized to view are included in these listings, with respect to Role\-Based Access Control @@ -151,7 +151,7 @@ To apply filters to your Findings widget, set the filter parameters and click th -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668863/33ab8747223d12cc74452025/JGKDzkDo79C7U2L2T0cC9_UKd0aCrI2R3NWZA3bAo1lcAtH3TsSNirvToX15TpDLIzdZ6qVOTWAa9tpE0bXpeZ6OLgTCA3_nMUerraHYsrhu7ZbAINVWNkd-sWs_MMg3ZwhE5Q4RYWj1_xWrcD2A1Zk?expires=1729720800&signature=9bd3481d52352937f34305772f9eb7ea6a79c191a9f2268785ce15c8dc4b32cf&req=dSAiH894lYlZWvMW1HO4zV%2Bgt3R5%2FTAnT7RYCBj%2Frv4IjWgmaLlIyRPCTtWH%0Am%2F%2Ff%0A) +![image](images/Using_the_Report_Builder_11.png) ## Vulnerable Endpoints Widget @@ -168,7 +168,7 @@ As with the Findings Widget, the Vulnerable Endpoints Widget is divided into a F -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668880/0e1efc285e326249be4179e0/Szk-7f4eMk_NKNKPAUpkzRsO5VNFwwYAGFco85IbJg4lCEHYObQFHTm0vooxwV4750IKjLkcelCD6UqYP3j2Mw2io9KGGWWxGZfLmNrL4gCIeSz91yMPVCXf4K6GKQM1sLRbwG-avNp3_OlrsFTNJeA?expires=1729720800&signature=27d50b0bb16547abf2882c11ce905c850748330b931813277d046e46b29de2fb&req=dSAiH894lYlXWfMW1HO4zVU6RSjhv0UByCQSNwvLkLTsBMiDy%2FB3c%2F2aDaSl%0AI2gy%0A) +![image](images/Using_the_Report_Builder_12.png) Select the parameters for the Endpoints you wish to include here and click the **Apply Findings** button at the bottom. You can preview the results of your filter by checking the Endpoints list located underneath the Filters section. @@ -184,7 +184,7 @@ This Widget will render a light grey horizontal line to divide between sections. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668908/6329423a4a2af18a5c1d4a7b/LUGV4_gdfMrrqWEYcVUipme5N2vHUyhHTq1K6I04-sYnApm2F7GmmgJ-WXOZBVG2hh9HqJ3szm_OipCW2jh6KLY5I3w2viOUZYhWLdduoBFeeNq5qG99Ct0erE1KJVK-NCJx03hw05roWuxsQtQGhnU?expires=1729720800&signature=f311c841a18fa3c43ace8dff97da3ecfc0d592f245e49e9588eec50c1cbcc61b&req=dSAiH894lYhfUfMW1HO4zSn2LKgUlf6SVJsVNa7AJPTnjquPDCFg66OloIGc%0ACs%2F0%0A) +![image](images/Using_the_Report_Builder_13.png) # Step 3: Publishing and viewing your Report @@ -201,7 +201,7 @@ Once your report has generated, you can view it by either clicking on the **Stat -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668933/94b598eda87056948041d01a/3p-IVZqmk3TFbZth5i8j8E6nAn4U4PRCGIZ1kUiPLqCmFXXB0VQr4r5Fod0I4Z5cgxaFtaFq1JuQJvWaxpiOEIPCUyYBsOLWEaSEsDs6gFhtSrZ3ryiVolap1Cr7Z0w0jmzufsLe_3Lfgv78U1CAALE?expires=1729720800&signature=efd7cced529fbcdf08ea0fb6c91c2dd96fa15104bc2e69abb811542f3bf4f42b&req=dSAiH894lYhcWvMW1HO4zU7eIAlzp8yFaVkMjW00jNSD7WxnDKf7klUA3Vaw%0Avkcv%0A) +![image](images/Using_the_Report_Builder_14.png) # Step 4: Exporting a Report @@ -214,7 +214,7 @@ The easiest method to use is to Print To PDF \- with an HTML Report open, open a -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059668954/b704c7ddaac96d4eb64cf5e4/JKKw_F3C8W6glSYytDhXMkewmRpKoxjwLzkU32E_YJEanOvfHEpcwnEILqet46Sep5cRqS2F4KkrwjXqF2Wu6en0d1RtfctRP-_-Sva2pbcqvHwZb3L51y6iKX1uORlK1MAjsyPxIgL1B3C2bCNxiXk?expires=1729720800&signature=a111990b482823eafc2bff32c1d23233ec1520d3ab1794c3a5c72dc526287782&req=dSAiH894lYhaXfMW1HO4zf8CfRrJhPkgv7slZsXFhSnKeIbnMRCyo37GDmYC%0ADPz1%0A) +![image](images/Using_the_Report_Builder_15.png) # Report formatting suggestions diff --git a/docs/content/en/pro_reports/working_with_generated_reports.md b/docs/content/en/pro_reports/working_with_generated_reports.md index 6b4af34e6d9..fc49e0c8cd3 100644 --- a/docs/content/en/pro_reports/working_with_generated_reports.md +++ b/docs/content/en/pro_reports/working_with_generated_reports.md @@ -10,7 +10,7 @@ Once you have created one or more **Reports** in DefectDojo you can take further * Re\-running a report with updated data * Deleting an old or unused reportsa -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059671281/7eebaaae55e5e8fb36a381af/3p-IVZqmk3TFbZth5i8j8E6nAn4U4PRCGIZ1kUiPLqCmFXXB0VQr4r5Fod0I4Z5cgxaFtaFq1JuQJvWaxpiOEIPCUyYBsOLWEaSEsDs6gFhtSrZ3ryiVolap1Cr7Z0w0jmzufsLe_3Lfgv78U1CAALE?expires=1729720800&signature=6877ef645bcd73141676996d52389b6b683b7c3874debd5cf651de9121942c39&req=dSAiH895nINXWPMW1HO4zWepnUDyncjCPKq3%2FkKW0dqikTePlld1Oi%2BUMCy5%0AbeAB%0A) +![image](images/Working_with_Generated_Reports.png) # Use a report as a Template @@ -33,7 +33,7 @@ Both of these pages can be found in the 📄 **Reports** tab on the sidebar. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059671304/ccd08efd53df3d0970c451ba/SXnDhXKLNvsz3gPfQwW9ek2RLJ_TydFt3FNWemB1kSNTkyl0tXPmq493HmbFKMwKiMLyHSMF2d9gq6kYDwH0xRxm-heHzUmAalQv7LHkj2jnfHSPeQru-kgrt1qXqHbz-UElAFbwpQZu6p0gpmJlVZM?expires=1729720800&signature=a4ab9f2e4a32458a21e2e9894fa6056310cd22086d2844411782060e861ff6f1&req=dSAiH895nIJfXfMW1HO4zUL7Ism3uP7AGXfgyZwij4MGHxy3uKUdnG4sCf7w%0AZarK%0A) +![image](images/Working_with_Generated_Reports_2.png) To access the **Report Templates** page, open 📄**Reports \> Report Templates** from the sidebar. From that table, you can open the report builder by clicking the **⋮** menu next to the report you wish to use as a template. @@ -58,7 +58,7 @@ Selecting this option will create a new report in the **Generated Reports** list -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1059671323/e1d821fba1ace5d7896bf482/jxJ7QWWvw1CKOUnS7zc5FI7UjCRKJ3qobQNSTC8lTHi663VJoqe_XbVboGcAEFR5Lulk9c0HPhfmmqaPUAxqQ54mggQG8WtpdtPSXQKOuiSXMRmREcItfJLmmqkX2l_aIcXQUbJLMGflmWIkbPTgc78?expires=1729720800&signature=acd68b15972699601dda8c6954e0fd8b812411a76f4bea58b1a37cb83dc56086&req=dSAiH895nIJdWvMW1HO4zffauUxOD2Xn6VQCrLltw35ImuPGf8piwAMDmWJL%0AHA6J%0A) +![image](images/Working_with_Generated_Reports_3.png) # Deleting a Report diff --git a/docs/content/en/user_management/configure_sso.md b/docs/content/en/user_management/configure_sso.md index 35fe1bec91f..019dd9c41d1 100644 --- a/docs/content/en/user_management/configure_sso.md +++ b/docs/content/en/user_management/configure_sso.md @@ -30,12 +30,12 @@ If you would like to add DefectDojo to your SAML Identity Provider, here is the ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962203362/711708ba18887c909eb7e315/9UD98h1gZT6IlhmTeHCFrypNcbJnRjqXLvrL4YOShDvR5DPTrr1sG8ohEkWS8d0NSPs2-Kz7jRM3CKvMfmO3CVx6V8OpiT98V75L8IyEA5iq4m1YIZmiBSsYshvuFZYcppzueBz3pA7A_5q_BuQSj2A?expires=1729720800&signature=d0240c843f37d66039cb98dd73ebee04e450002e9e31644517a207a0c54c7565&req=fSYlFMl9noddFb4f3HP0gNqGPNxDYkTTpt0uyAWrCi5EKyiDsGePVH3rfF2a%0AjNo%3D%0A) +![image](images/Configure_Single-Sign_On_Login.png) 2. Open the SAML tab from this page to configure your sign\-on settings. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962203371/122013c5bd92a17058bffcc9/WxdWys-zS52WnnWj8hN_MSd181XqoLt0ovx28_1TxiXGngclO0rZx3rHM1d6NBvbAuZLzT9YNjsrIPhlJx7UOOLkftWL2fcUzFwKzEzHxzhp30cqaECI-XTwiTekk7UNCofh7xyDyMJ4E7-MjqhEApM?expires=1729720800&signature=8783a41b09e02104c10c696be712ce843d80406da16acc9091b843057d41bb50&req=fSYlFMl9noZeFb4f3HP0gOOiXRyUrpec5LNNWeTj47Yz9rMjGNIySCYTH1xh%0AiKE%3D%0A) +![image](images/Configure_Single-Sign_On_Login_2.png) 3. Complete the SAML form. Start by setting an **Entity ID** \- this is either a label or a URL which your SAML Identity Provider can point to, and use to identify DefectDojo. This is a required field. ​ 4. If you wish, set **Login Button Text** in DefectDojo. This text will appear on the button or link users click to initiate the login process. @@ -65,7 +65,7 @@ This is a required field for this form. 11. Finally, check the **Enable SAML** checkbox at the bottom of this form to confirm that you want to use SAML to log in. Once this is enabled, you will see the **Login With SAML** button on the DefectDojo Login Page. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962203378/5569f32d153fb51d9a725e54/OCJmjuI1gLuEbNaMjpore21_xlbVFZCfcChthYdnXjkDE1W_-HyfSTDbJfASHNZX0myFYWWL0eqV0oyQ-4gOBJrSCtwn47SXDli8dPopFNZb34k9i4T2GfPfkhPi1-1J-X9-Op0EVIRvx41BPx3w0Yw?expires=1729720800&signature=512df502470da5028b0e41bfb4e1b3671260b9292f5e49ec1bc72298259fb602&req=fSYlFMl9noZXFb4f3HP0gDNvSgyDTmnMnfcjRvKa660M%2BhNfabgrDzvgB6QV%0AiX4%3D%0A) +![image](images/Configure_Single-Sign_On_Login_3.png) ## Additional SAML Options: @@ -103,12 +103,12 @@ This is a required field for this form. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962203384/0f0a7284a08e975fc6d274ad/9UD98h1gZT6IlhmTeHCFrypNcbJnRjqXLvrL4YOShDvR5DPTrr1sG8ohEkWS8d0NSPs2-Kz7jRM3CKvMfmO3CVx6V8OpiT98V75L8IyEA5iq4m1YIZmiBSsYshvuFZYcppzueBz3pA7A_5q_BuQSj2A?expires=1729720800&signature=ebc69ccc466b50855ef4e021678302c910e5122b1efe85a4f3177125c13d4818&req=fSYlFMl9nolbFb4f3HP0gDJIgX6Exhy5n7%2FXJaBEZZbyHTcVfeAqpDsS9WA7%0AgI8%3D%0A) +![image](images/Configure_Single-Sign_On_Login_4.png) 2. From here, navigate to the OAuth tab and select the service you want to configure from the list. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/962203390/feb13027b266b7f1a56c3c6a/lyWcUB9Jyf5ZQzDXvjrX830ShYi0AduEa7UJmtmZhabeNpjLhbHGNlcDtEXj6H44KFGJMmpE-ym55m-T5jvPDHoWabIMjo5hoRgOsr2fJk5EpCMyzmZ2fSE-JWMgIfDz8g6fTB2vuFQf703pcQILAgY?expires=1729720800&signature=bc4fb3d86492eaba3420063f792926ab3aaa884a36a988ad1cdd6ae6aae3d74e&req=fSYlFMl9nohfFb4f3HP0gM6xKW5NsJPRtLYFcZOwplcZ%2Bfx5dKJvKR%2BMjmNV%0AoOE%3D%0A) +![image](images/Configure_Single-Sign_On_Login_5.png) 3. Complete the relevant OAuth form. ​ 4. Finally, check the **Enable \_\_ OAuth** button from below, and click **Submit**. diff --git a/docs/content/en/user_management/create_user_group.md b/docs/content/en/user_management/create_user_group.md index 45d2a0c73c1..827ae3461d9 100644 --- a/docs/content/en/user_management/create_user_group.md +++ b/docs/content/en/user_management/create_user_group.md @@ -25,7 +25,7 @@ From the sidebar, navigate to 👤**Users \> Groups** to see a list of all activ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079761/712571bc01294b06a69f4a75/MyDzT_XoLuguPYYu-jYuxHDf7urnjOypLok54WxCA88r1caHioJ_AjU6g0cp-XeoHXWVOSQdq2TlSc1J5H78RlccvDMyFv0paQAtHvabw6c5cnl3R8Y1sj3if2Ni0Q4a1DhCckGQEJ0uhCZSa-x-rYQ?expires=1729720800&signature=266260581e0d4dea599e0f18ee5a36005c4ea8acc2dcd882f80001d2752c5e70&req=fSImFs53modeFb4f3HP0gKKxkEmyAyXmnaNXsirSbxKVavgPKGJu2ESwFp86%0ApfI%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions.png) From here, you can create, delete or view your individual Group pages. @@ -37,12 +37,12 @@ From here, you can create, delete or view your individual Group pages. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079764/e30476ab659d14a4f8757289/2dNPkv1wOi5PKzWKBbWVvPTtaKfJVqDGYfpaF74xInRWSZqXC_b-TIElh4WAfrkAdpne7Iui1DbJh0_zEw4-FCAYyD9KSbKynTS82C_pCU1ygmAfWCn5OzJIuWNPjrq2tDHi6vmXrICShlKpLK5dXac?expires=1729720800&signature=e0878a84fe1fee82d3ba86986d0773bedb5ce7452830733df051888410677502&req=fSImFs53modbFb4f3HP0gGswuHXW7%2FYi8FztZDlHEplrynEg2twBM0Ox%2BfWb%0A5u4%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_2.png) 2. Click the **🛠️button** next to the All Groups heading, and select **\+ New Group.** ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079767/0ccb7d312491d6a541473120/rVrL3MqVwr5qbaaoRSXLbbkjCqUk8CaIoOrjsWz8D4jKQICS2FfubQrGG-bI9lVgck4I3d507JqxEyOTA5dLpBTwT1QLmZieJp4TLy4L4DrEuTJ_7BuCDEW7nSG5I0pfNnY1NHl4ApaX5Ln5VgMzfuk?expires=1729720800&signature=9875e736e82c53498d7c86ad3ab57906af97f64534b3f5db88529e6719ba35ff&req=fSImFs53modYFb4f3HP0gCD3rTq2mqi%2FFPfIxL%2Bxb1q9ZM%2BZers2Kue24YVe%0AMxg%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_3.png) ​ 3. This will take you to a page where you can create a new Group. Set the Name for this Group, and add a Description if you wish. @@ -90,14 +90,14 @@ User Groups can have as many Users assigned as you wish. All Users in a Group wi ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079770/9a9f19af98b041623f19a56c/oXOX7TJ8-K_WeDroI1ZVOj4tbuf0TMHq9wxpq3u26vx44ENod9yi34HSs4nUVEiBaUgJsCapAAXdvlqZrjvQX7P-kxnVJv6Epsny_XWtghfKGIlM3OQlnArBJaizVWVtr7RIin4T4u-YX2jPGtwm-q0?expires=1729720800&signature=70d578a3df150519a97f85be9ef2aac116c9ea8df0f0c0c9aab6792b4c9e2366&req=fSImFs53moZfFb4f3HP0gAFcZJqqJABM2WUm3gv7ScUito2Kkdq7ZBRtDsWu%0ADBY%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_4.png) ​ 2. This will take you to the **Add Some Group Members** screen. Open the Users drop\-down menu, and then check off each user that you wish to add to the Group. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079773/777298e97a2172e654f1f77a/6a4nKNf2cr8VCeolc582OrMYTnVzWf9pOv6dTMN3t6-ZPjAJNBlPZ16E4Vq7hZlxsxoEo_MKtamMXpcYNtQynpOgMEMS9ahkMKkyHmaxQMoYiYyD4mUddoHumcgGo3b-VOFY1qy1WdMaZMuzOWS9GM0?expires=1729720800&signature=0851422a51c995da3cfd6c18b217df94ef6bb255a0d0e00d695c8806cd994a10&req=fSImFs53moZcFb4f3HP0gFTmp5bLFIVr9fnQY2PdDO3EX7f3pa1Xa2m3AmEE%0AyNI%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_5.png) ​ 3. .Select the Group Role that you wish to assign these Users. This determines their ability to configure the Group. @@ -116,7 +116,7 @@ Note that adding a member to a Group will not allow them access to their own Gro **🗑️ Delete** removes a User's Membership altogether. It will not remove any contributions or changes the User has made to the Product or Product Type. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079778/193ac17a68c21ef5229951f3/Ug7EpgZStTlGoOAWO6WEknzosB6acOsSgF04BsZvcXRc7JJizHPC2UyVtf6ypy8BPU_1DQfiGbFoqF3pnzgGl-AKJH4P2XNGoRqcd0Ly_sfDRgu52Oxt6hMsINrs0P1cPg7b5BDfoUcoxUGy6EW7E8U?expires=1729720800&signature=bc910b6a0fcadb8b8f2ebf49f8cec043d119a2a0700055815e2cd4b8d323b880&req=fSImFs53moZXFb4f3HP0gArlRtyu1xTrpSR6BsYwG8rs5B%2FrH2fgSSCmZdUw%0AGX0%3D%0A)## +![image](images/Create_a_User_Group_for_shared_permissions_6.png) # Managing a Group’s Permissions @@ -139,11 +139,11 @@ You can register as many Product Roles or Product Type Roles as you wish in each ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079782/1351085e5eb5763357887942/9n3qx3_Sbq6cYiLPkmeQCg02PN2vtL9E0a9YdHMpd1Q-sOjPa5V8t1xbfYLuzGCIASxWjT0eeMNCkBrRJTjhmrMagtTokYMnTyaoPVj_xNYxDX5OETGG4YyCijX_fI8MbXVENbRyPpu9VIK4PaO1Sv0?expires=1729720800&signature=813980ed7ae28c03ca9e2e5a32278696b255cd55741a4aa05d9aae4ea36aa337&req=fSImFs53moldFb4f3HP0gGJyBYZ775rIcOsteH0gSFLF3MozOewQY7w3TZde%0AsKw%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_7.png) 2. This will take you to a **Register New Products / Product Types** Page, where you can select a Product or Product Type to add from the drop\-down menu. -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079788/5ea383bf7e5731dfd17da056/WmQMy4lQB6sjZiK3cgtwd9mp2Oq9sddpAen_x29eS4PVe6SmMrNfu89Yhyb5I4NaYRpuEodCDS9G2yZ_5A5zRsj0xDzDx7-rsXTDebrJex07_Fx-6I0Nm8aXegeT9VEbseWsfM_Ze_Ph_fW_ugZB88M?expires=1729720800&signature=1af25adf0b17ac8381925baaa1bd605ef3be819c092e1110337637177bb4a978&req=fSImFs53molXFb4f3HP0gDHgkPXPNZKRkVqADhXUQTWPO0VU0XYsQtm3DUxZ%0AUUk%3D%0A) +![image](images/Create_a_User_Group_for_shared_permissions_8.png) 3. Select the Role that you want all Group members to have regarding this particular Product or Product Type. @@ -162,4 +162,4 @@ Assign View, Add, Edit or Delete roles from the menu in the bottom\-right hand c -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921079793/a85168d32a80424848c5a6f3/2LqjWP6T3Qj0QLSbmz9lIGWHJgZkf0rSDTMMIzrQkL2P4KdJafWK3t9MZLNd65dU13W6xGOlWUwWgykBzOHedNpHRuBjgTYCvF_gbE8R7VKNfJ_dqLnk0HoNKJl5_qQ92kB-iRzIbfbCYpdSi8tbwH0?expires=1729720800&signature=30ecc0453d9d3ee1067ed11e2e9cda0f664080737fbea1d5fdc6646336a17c78&req=fSImFs53mohcFb4f3HP0gO8Rmd0izzZL7KQaS2qP%2FVU3oxhlqj5pKisfrFNQ%0AEtU%3D%0A) \ No newline at end of file +![image](images/Create_a_User_Group_for_shared_permissions_9.png) \ No newline at end of file diff --git a/docs/content/en/user_management/set_user_permissions.md b/docs/content/en/user_management/set_user_permissions.md index bfc17d01cef..a2c02abf0f2 100644 --- a/docs/content/en/user_management/set_user_permissions.md +++ b/docs/content/en/user_management/set_user_permissions.md @@ -42,7 +42,7 @@ By default, the first account created on a new DefectDojo instance will have Sup ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088885/49c62c711a3c48cda2d0f46a/4tacIUafivFb_ju8ii4dvCF4qnCGT1ZUPLAFP2uHdkcO0nntMgLk4V2m6BO3Hd_aRjK_Ivx7HKEa_x3lFVTZJ2Sr-llUBnG4OIsJLppyFl7zzVEOFDlV69pPtNy4Qz8fslEt_ofwCWw9xeXipYcHxFQ?expires=1729720800&signature=e68d2f5001311dc6ed0709309f255315c8a98c54f7a907d6794db9069af0baae&req=fSImFsF2lYlaFb4f3HP0gBqwDj2FOqeiaXGhVvQWwTRLmeyM7l6AyrQ%2FJiOn%0AYUc%3D%0A) +![image](images/Set_a_User's_Permissions.png) ​ 2. Click the name of the account that you wish to give Superuser privileges to. This will bring you to their User Page. ​ @@ -50,7 +50,7 @@ By default, the first account created on a new DefectDojo instance will have Sup ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088889/3e17242c961974a7123f628a/Q8IgH7ucjqbqGd2-b94pc-zQgSVHqW2Olj7m-jENbpaOZNZrOj9WkYiptya-zeMa3u-GXtunys7BBipAIxoSHtQoVhTTAelcNIvWiYC71lZsWxThEwUFecZF3TVyy4PmluxMkSBjPiHDvT-zjvYjHsw?expires=1729720800&signature=93c6b6dc04a176f903de40fecdf2b4042ee177d8f5eb20574eef3d7432b33892&req=fSImFsF2lYlWFb4f3HP0gNz3X5m3J2OGLTvs0YS0wl7%2BnHULfElrbz%2FcFDbF%0An3E%3D%0A) +![image](images/Set_a_User's_Permissions_2.png) ​ 4. From the Edit User page: @@ -61,7 +61,7 @@ To assign a Global Role, select one from the dropdown Global Role menu at the bo ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088893/dc5a8396e99a2d90e09bf5e9/Q8IgH7ucjqbqGd2-b94pc-zQgSVHqW2Olj7m-jENbpaOZNZrOj9WkYiptya-zeMa3u-GXtunys7BBipAIxoSHtQoVhTTAelcNIvWiYC71lZsWxThEwUFecZF3TVyy4PmluxMkSBjPiHDvT-zjvYjHsw?expires=1729720800&signature=22d9f11705570d018ab011b4b0cf3861e9d60e81a403f05b6c3385cddedc3df4&req=fSImFsF2lYhcFb4f3HP0gEHWxU%2Fw7IhY1p%2B8xccylok4xhfqgvF8k4tVqRb6%0AuKw%3D%0A) +![image](images/Set_a_User's_Permissions_3.png) ​ 5. Click Submit to accept these changes. ​ @@ -93,14 +93,14 @@ If a user has already been added as a Product Type member, and does not require -![](https://downloads.intercomcdn.com/i/o/921087191/89e6c1560a6f12458bfd60ab/Untitled+drawing+%281%29.png?expires=1729720800&signature=96ecb577cdc13498af657fd587b0fa8092b851d1a4420bdb5bb92f0e1dfdba75&req=fSImFsF5nIheFb4f3HP0gH8G8wzNAN%2F5uhd6ytu1ZIqaHRpLkQ5g7uSKvc6n%0ARW4%3D%0A) +![image](images/Set_a_User's_Permissions_4.png) 2. Locate the **Members** heading, click the **☰** menu, and select **\+ Add Users**. 3. This will take you to a page where you can **Register new Members**. Select a User from the dropdown Users menu. 4. Select the Role that you want that User to have on this Product or Product Type: **API Importer, Reader, Writer, Maintainer** or **Owner.** ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088898/911644c75e529f4f36408a33/3KQGHqXCpiCIntLoKJCTnJTIPDumnQ288VSGAirzzQLv0P4w4tGKzeBoupA9Y8g-e_9emazzpJ59sywnkkVpJk5DhmWHwhkQjvu76JhIw_gyvCIZBPKogIb_bI3wr-eZDApCEfvpL6UuPcO3q3sSBcQ?expires=1729720800&signature=3b6df84cb44e7e1d8b070d2e015bd374dc3bae4f56f5a56af3d283cd79ea480c&req=fSImFsF2lYhXFb4f3HP0gC3Dcl8NRYb791Gt2hJngopsfDqm3RlIMSPLOXJH%0AASg%3D%0A) +![image](images/Set_a_User's_Permissions_5.png) Users cannot be assigned as Members on a Product or Product Type without also having a Role. If you're not sure which Role you want a new user to have, **Reader** is a good 'default' option. This will keep your Product state secure until you make your final decision about their Role. @@ -117,7 +117,7 @@ Within the **Product** or **Product Type** page, navigate to the **Members** hea -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088901/4d9da1df5f52f9457422f991/vz995X6_fV0KC8i0mGZm6A3YYlTXBiJquoqXf4jUZ-ric3WqFj5IC9QmWsB5vAw6CLqPz8oxuMX9KFV2wlDi0W2UvOitNl-ID4hYEA5GUWN8pslt7n0gpdrmk9-Lg7cqlTjAN15y9Vc0tfpReatFiAc?expires=1729720800&signature=5a205bf6a5b9f12ff144cde08633a1e510494d71180932b03d7d8daed770e3d8&req=fSImFsF2lIFeFb4f3HP0gLeO3ql9vXX0terru04tP2SCmsisptfRp%2BPTjgid%0Ae%2BA%3D%0A) +![image](images/Set_a_User's_Permissions_6.png) 📝 **Edit** will take you to the **Edit Member** screen, where you can change this user's **Role** (from **API Importer, Reader, Writer, Maintainer** or **Owner** to a different choice). @@ -190,7 +190,7 @@ Configuration Permissions are not related to a specific Product or Product Type ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/921088906/449d16d74c2ddbf786af42c3/4tacIUafivFb_ju8ii4dvCF4qnCGT1ZUPLAFP2uHdkcO0nntMgLk4V2m6BO3Hd_aRjK_Ivx7HKEa_x3lFVTZJ2Sr-llUBnG4OIsJLppyFl7zzVEOFDlV69pPtNy4Qz8fslEt_ofwCWw9xeXipYcHxFQ?expires=1729720800&signature=f40bb9c5be475ca93773f4e967a62929ba8d6c1e74998ae4f3cf2b2ce60b9dfd&req=fSImFsF2lIFZFb4f3HP0gC9vVNNi8Mjqu8Pj33LrnUR7spDzj5S4DmrcT56Z%0A244%3D%0A) +![image](images/Set_a_User's_Permissions_7.png) ​ 2. Click the name of the account that you wish to edit. diff --git a/docs/content/en/working_with_findings/finding_deduplication/avoiding_duplicates_via_reimport.md b/docs/content/en/working_with_findings/finding_deduplication/avoiding_duplicates_via_reimport.md index 8b0ee61d3c0..4339cae8b7a 100644 --- a/docs/content/en/working_with_findings/finding_deduplication/avoiding_duplicates_via_reimport.md +++ b/docs/content/en/working_with_findings/finding_deduplication/avoiding_duplicates_via_reimport.md @@ -84,7 +84,7 @@ This table shows each Import or Reimport as a single line with a **Timestamp**, -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1072559379/da50b8239d865c6f98fc63c1/AD_4nXejcQLbylSeEMEkwYFrpxjGC1qkw7DQWwEQDCGhE7XrZSOGd_kNkAQNxHReNuFG3HivbQW-r6_NhC799O-rm3O2v_tBeTLtuqKFOuCDPng1qvmhQNeFwZ-whwp6CzdaQVy3Vir6pR3Kln9CRxzX2u6dTZY?expires=1729720800&signature=d5205cc3ff455b2643173a38835faf8a06f5ec4cc7c57c646ec7e78fa62678e4&req=dSAgFMx7lIJYUPMW1HO4ze2b3g1yLkBVYYHceZ4nu9nWxFX94Pj8EZWhdT2l%0ATMnX%0A) +![image](images/Avoiding_Duplicates_Reimport_Recurring_Tests.png) ## Actions diff --git a/docs/content/en/working_with_findings/finding_deduplication/enabling_deduplication_with_engagement.md b/docs/content/en/working_with_findings/finding_deduplication/enabling_deduplication_with_engagement.md index c1198f983a6..f7d2ac65984 100644 --- a/docs/content/en/working_with_findings/finding_deduplication/enabling_deduplication_with_engagement.md +++ b/docs/content/en/working_with_findings/finding_deduplication/enabling_deduplication_with_engagement.md @@ -15,19 +15,19 @@ Rather than Deduplicating across an entire Product, you can set a deduplication ​ -![](https://downloads.intercomcdn.com/i/o/1196253571/bcc773bae11e0974316d9669/AD_4nXciYtqXNeAAzCO_WbTM5mS7X0gyNp13Wj0MAs1bHrlE0_rdLWxDQVJhhRbit89miW_HDlHt7uj9OMLEzETEiAnoXUWQ84H5RzIWjiybriFkMIRrBxB3Ay0Xg3TCZV8bqSoockHPKM_7udgjdYgPBelwcT0?expires=1729720800&signature=7d44908ba9093dc59a62061480bd26b60d9609824c1e458f5ef32de3cadfd860&req=dSEuEMt7noRYWPMW1HO4zXFaqgGz7VtHBjy63Irk3DfPNitCTrREpnVC492Y%0AHTye%0A) +![image](images/Enabling_Deduplication_within_an_Engagement.png) ​ * To enable Deduplication within an existing Engagement: from the **All Engagements** page, select the **Edit Engagement** option from the **⋮** menu. ​ -![](https://downloads.intercomcdn.com/i/o/1196254637/7e441a6b39b65379e5d0258f/AD_4nXdOAfa7o32j4v3mFahzL_gjSykP7gvEAHGStpR7yw9YIyXbECukfQ3_DYU0zwuzUDBHmY5Y5yVq5LD_qtjYciLNVCH0h19XFSpunFSOPrA8TsNAwJr25J6Ik41MAcYDOeKbCYF0PMHgCvv5CztO7i8SbbZ1?expires=1729720800&signature=8d0d98729d1f0b7193fd386b137f7117569b912ffffce90ea218f6729f325c6d&req=dSEuEMt7mYdcXvMW1HO4zdhz%2FS3XYYEKT4KNIN5P6B3a9gWbvcLFnD1A4A2v%0A7pBZ%0A) +![image](images/Enabling_Deduplication_within_an_Engagement_2.png) * You can also open this menu from a specific **Engagement Page** by clicking the ⚙️Gear icon in the top\-right hand corner. ​ -![](https://downloads.intercomcdn.com/i/o/1196254509/1b93ba5ddb5fb8a1fc906ece/AD_4nXcF0S-MTcABjEW4VheppDRqp0LTeIEiVr5rAaoon87pMQzzF9cZeK6ZRal_djcKgTTiVAe9QFSW7uq0WlWNix9ZjWIbKqtzEWsOoGYOeA8l2uquOvvBKUZkY2CtrcswclqhuR0teoun06e1jMf3yTQifptb?expires=1729720800&signature=1008cb3fb40ba04d33f9b7c35a6a450fa5b36a67c3cf22209bae9b686d4842b3&req=dSEuEMt7mYRfUPMW1HO4zXjnnOfTxm0gaugjxFbGD8K2XwiFzVsTeS%2Fx3BkJ%0AyjRC%0A) +![image](images/Enabling_Deduplication_within_an_Engagement_3.png) # Completing the Edit Engagement form @@ -37,4 +37,4 @@ Rather than Deduplicating across an entire Product, you can set a deduplication 2. Click the ☐ **Deduplication Within This Engagement** box. 3. Submit the form. -![](https://downloads.intercomcdn.com/i/o/1196254909/e83b69fc7648fcaa7d4375d6/AD_4nXdIwMiOxcYE3nJqTQoIE1ViuNm7uUj8tXrI4GD2X27vNHWrBftniw5rNxPCDrd-8zL6085kSR8SfAGF7bDyzvEJAOVZDb8at2h4VX2rTbwyhJEJQOdk4yrMApzIR3S69XcIdR59wZogYo7I3m4e1KezMYVw?expires=1729720800&signature=94609d56cd8ba25a82a3bc62254eb2bb66f445a8dada8357637768a12a8090c3&req=dSEuEMt7mYhfUPMW1HO4zQ4wI0%2BWyDKzeg0IWM1rEWvzJlRMDNqiyK2yUCDl%0A63pX%0A) \ No newline at end of file +![image](images/Enabling_Deduplication_within_an_Engagement_4.png) \ No newline at end of file diff --git a/docs/content/en/working_with_findings/finding_deduplication/enabling_product_deduplication.md b/docs/content/en/working_with_findings/finding_deduplication/enabling_product_deduplication.md index a247b6435de..b7eeb37cac5 100644 --- a/docs/content/en/working_with_findings/finding_deduplication/enabling_product_deduplication.md +++ b/docs/content/en/working_with_findings/finding_deduplication/enabling_product_deduplication.md @@ -10,12 +10,12 @@ Deduplication can be implemented at either a Product level or at a more narrow E -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1124595466/23510e2be09c57c31794ddbf/AD_4nXc_etHPxb2G3QGrOuEK3jNUcQevdHrW7fhe1DF-Oeom5oZFFdTmTmnM1tZpABw6ROzUbbu9DN9szFMKHCUxNWjqBOWKxk-AsYaVwpM4CPAAuKrMju_BqRLrl1vGIABLQaiXTEhVOSJOG5r71eSLuYMs1ZUQ?expires=1729720800&signature=15fe9ccd68bea2289aafaf51e2a0158bb8170f03cc21b6e2b5c8936eee5ba3f5&req=dSElEsx3mIVZX%2FMW1HO4zUxInD5pTrydt8XM8g5%2FosYwTdr%2FFJmlu8o7z1Ey%0AypWn%0A) +![image](images/Enabling_Product-Level_Deduplication.png) 2. **Deduplication and Finding Settings** are at the top of the **System Settings** menu. ​ -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/1124595482/5c6e4140b748d743380db52a/AD_4nXczFRPMaaBteblXtLfkioIjnUmaYz5Z2voT_wskuvTBDFBoqWV7F8Ncte1qYrgwhZ-TYhvFYTNbQoEjj_dgbpGfnvWt-nJ3Jxo046VxDAA1YmPcZRmJQwprmTWpkNNKAoROh_lUWEtZiehwJ-v-MU8mqNR9?expires=1729720800&signature=477386cba875c6d0eef54c5a9657ccd17320ac1f5355e6d5c2604a81049065a2&req=dSElEsx3mIVXW%2FMW1HO4zfS9u6vQjS6vS8fDvrkeJ6fkTP%2FTlmiDVWCQsro%2F%0Aqjfg%0A) +![image](images/Enabling_Product-Level_Deduplication_2.png) ## Enable Finding Deduplication diff --git a/docs/content/en/working_with_findings/finding_status_deduplication.md b/docs/content/en/working_with_findings/finding_status_deduplication.md index 5a2ed6759df..9322c289658 100644 --- a/docs/content/en/working_with_findings/finding_status_deduplication.md +++ b/docs/content/en/working_with_findings/finding_status_deduplication.md @@ -79,7 +79,7 @@ When a Finding is Under Review, it needs to be reviewed by a team member. You ca -![](https://defectdojo-inc.intercom-attachments-7.com/i/o/985091935/822f376964d68879e7a4681b/QFGEwU-GN1KKusdUrgO79c-tO2xHoxGf_KJKGAly5-kbFqUgrZ4ucsbvdeoEU1KGqppGGIA-8A3gtLc76DOTwxb9QCdswOB9DDZQISGWbxdp97qnTnYjeXwQVRirdSWmFxhk3kDJxHhUs1w5z8vxaXA?expires=1729720800&signature=c8cee4ebaf9ec90f9865a4615ea2cafbb127a24c1e799570703b3fe5f0375a45&req=fSgiFsB%2FlIJaFb4f3HP0gJeA1SZaCA1dNNYzqvbz6cG3w4UWa9xdE2Lq7jiz%0Ap4k%3D%0A) +![image](images/Finding_Status_Definitions.png) ## **Risk Accepted** diff --git a/docs/content/en/working_with_findings/findings_workflows/bulk_edit_findings.md b/docs/content/en/working_with_findings/findings_workflows/bulk_edit_findings.md index 52b8705b40c..164ed2df2c0 100644 --- a/docs/content/en/working_with_findings/findings_workflows/bulk_edit_findings.md +++ b/docs/content/en/working_with_findings/findings_workflows/bulk_edit_findings.md @@ -23,7 +23,7 @@ Selecting one or more Findings in this way will open the (hidden) Bulk Edit menu * **Delete: delete the selected Findings. You will need to confirm this action in a new window.** -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204643191/7924c15fbd2501b5a5e4b8fe71e3/AD_4nXer6k5QNaqhZs1J_hL6iuSLPvb8rHb-MdkW0pXJMf-V8x0cup_i0D0lnLHR3njiPTbVksdPHlsZ_UBmRy0m1t0zojl-M9dmSCfM0vk4PEQoPijdUfiv2PtwIqeSdJGfq4rZzCFJkaqJRibweVmucx5CEbM?expires=1729720800&signature=a12f0f004827941909402f24c36cd3a561a40709b013fcb5a4107878c3d7a278&req=dSInEs96noBWWPMW1HO4zXtiW9%2FFHhjCVKf5fbU6dSDW8tlXaxh7cSUWPAyF%0Ac20A%0A) +![image](images/Bulk_Editing_Findings.png) ## Bulk Update Actions @@ -37,7 +37,7 @@ Through the Bulk Update Actions menu, you can apply the following changes to any * Apply **Tags** or **Notes** to all of the selected Findings. -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204643192/2e01da408c1c8577257f36a74b43/AD_4nXcKzDiYnBIXMeEADA94q5TOEsbekEvXcB1lGVpbf94uO-mhLTo8AFnNF-FPSVYQlt1lyLRZNvNKz1POM2355bhJf0LUnxvYHjiBiD03k0TX41ZomVMOBEDlFb1enxpUSD2nw_ZU8EepAfsh-aH4Moca7n8?expires=1729720800&signature=74e51fe72c571f3b082a7ecee8684a85926aee8f9008c7a1097657eb24893868&req=dSInEs96noBWW%2FMW1HO4zRJT2q6EAbAjOLg8OA%2FoX1CY5iBqsc4giZcOa9%2Fp%0ACy9Q%0A) +![image](images/Bulk_Editing_Findings_2.png) ## Risk Acceptance Actions @@ -45,7 +45,7 @@ Through the Bulk Update Actions menu, you can apply the following changes to any This page allows you to add a **Full Risk Acceptance** to the selected Findings. You can either create a new **Full Risk Acceptance** or add the Findings to one that already exists. -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204644667/a5f2736f84de2f0cd77b04a0f9d4/AD_4nXePV5J0MY919X4dR2UdUSgzKT7cW9LvybGRHUaX3w0b5RQM3ySJUxhELJNSfq9tagOPiGb8N1iq2V3q7kdJ5ymLIiP5HVGSm8exP3vy_ZffAtpKv6vST6cojD7hAh-9ZHmmZg-khe0GM6m9MRkhqs-2_dY?expires=1729720800&signature=837eb6067922019a34ea694f13a3543844c735c23045322de7e53875030e5f64&req=dSInEs96mYdZXvMW1HO4zT4P2n9ZNwcwoSpDvuwOAfL%2BgCUq1%2BgkyhJ5AoRn%0APDRp%0A) +![image](images/Bulk_Editing_Findings_3.png) ## Finding Group Actions @@ -57,7 +57,7 @@ However, Finding Groups can only be created within an individual **Test** \- Fin -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204644883/6c30db7dce1c5c83e52195dc4fbb/AD_4nXeJRkRhtYmQ2suWzq_HIXWloIzKee1SAZ55tHdfIyI0hPOwIRdouZJXynlg0jHqkANarx34TTulLyTGNCHmSzd6aXHj5XJQ7CZXi82RRgTFIaVtDIb8HNofipknoSinugyyBaciW6wBt2sfvqjgB-5v0t8C?expires=1729720800&signature=2db1f51df35195bfba6640bf1b57cf2a2eeb6f2acf3f4fcba6d59c7306bfa078&req=dSInEs96mYlXWvMW1HO4zU0com58eS0SDjBSIgJ8buJr5hH5unUcrKxIQk10%0AWsRi%0A) +![image](images/Bulk_Editing_Findings_4.png) ## Bulk Delete Findings @@ -66,5 +66,5 @@ You can also Delete selected Findings by clicking on the red **Delete** button. -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204643187/1f5a6460d056fa521fc6d72a31cc/AD_4nXd0HP5saZ5unMQT9Hyv53DvcecF-eZT-hT_a2XUvoYLdGJNL_gGK0k77YRi_Udcvo5cfDhCo95spM5AShUFEAyYUmXSiNvaA1KQbKhUNCdxlIlkH-hSGl2CfNNn5sCVWz8adjPT8fGvzsmXn3c8R5Fw6lwl?expires=1729720800&signature=6969cfebf6052fd687d388f69737ac0109322104d50d082b4591c10aed2ecf45&req=dSInEs96noBXXvMW1HO4zRM%2FyKneOnX09YRnkV%2BmXEPubkbUVrmV074qxpI7%0AX53%2B%0A) +![image](images/Bulk_Editing_Findings_5.png) diff --git a/docs/content/en/working_with_findings/findings_workflows/create_findings_manually.md b/docs/content/en/working_with_findings/findings_workflows/create_findings_manually.md index 600fde6d096..cf9917ff25b 100644 --- a/docs/content/en/working_with_findings/findings_workflows/create_findings_manually.md +++ b/docs/content/en/working_with_findings/findings_workflows/create_findings_manually.md @@ -11,10 +11,10 @@ Normally, most of the Findings in your environment will be imported from other s ​ -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204646258/e2fab38379d284ad5b2aebffa718/AD_4nXeSTWP8bHEisluYG3PatY0V1Bw34F5193ydejr8BNDLZCZFphUNmok3jYtHZB_6Pnnbq6-b0pVc0jp5ZNEGQ9tO9iUv2JmhE2AjDc5o_yV0zloiqpbObujzjTgR84uu7KpnrUJ-wSpG5C8fKEYkAYLR6PiQ?expires=1729720800&signature=3a90174da1ae920701127a961a7cefb9baa980425e1baeb872f64c0ed5972a9c&req=dSInEs96m4NaUfMW1HO4zZjmOGH99gF4kHGAj1PnTvbgHifpl4o%2BR8%2BvHpJ3%0AG7g9%0A) +![image](images/Creating_Findings_Manually.png) ​ 2. This opens the **New Finding** form, which you can fill out with any relevant information surrounding your Finding. You will need to assign this Finding to a previously created Test in DefectDojo. -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204645582/e2bfe82da64a254f2b5cbece2f28/AD_4nXeUMvPiS6NmxgUGcQSYel14w-O6N0Fa9De1LEX8tPOZpV8u5Cdp2FWgF2FB9LV7uyZ1O_I9YQFSQEfhKonOHdXrSBfi64LsaxMYFnnmo61Qvq1cswTsN0GtCFgvsxQUkPBuvd_ozJDvirDxWk--pHPt174V?expires=1729720800&signature=7f520ae406bf2876462b2a5d2d18b1f18ba2f8b30b18810454c6aa7f212357d5&req=dSInEs96mIRXW%2FMW1HO4zSpdNgBXR0m7lIF0Qe0vTqPPflkCMa%2BVwfFOLuIo%0AXX0j%0A) \ No newline at end of file +![image](images/Creating_Findings_Manually_2.png) \ No newline at end of file diff --git a/docs/content/en/working_with_findings/findings_workflows/editing_findings.md b/docs/content/en/working_with_findings/findings_workflows/editing_findings.md index a954d195782..c708cde96e7 100644 --- a/docs/content/en/working_with_findings/findings_workflows/editing_findings.md +++ b/docs/content/en/working_with_findings/findings_workflows/editing_findings.md @@ -14,13 +14,13 @@ You can update a Finding by opening the **⚙️ Gear** **Menu** in the top and -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204632847/caabbaa73e3ef1bad6d5afd0c0c3/AD_4nXc-cAVmWrNapE3BCbl21cYhzGEzqrV0o4zodyvkqLDjYjqvNrBM67_otDPrXN2vsMYkNLdcZFzvVqezCgTUrRmQIzgtNvb4cRTE9kdpc88bpV8oSXOvNcHywzO-huexpt4P6fxGgPEsSDO6zJk8N3z5ZWUo?expires=1729720800&signature=22b34d4835d8a263cf7a88501eed00e460d632f75e0053937123db9133e7a411&req=dSInEs99n4lbXvMW1HO4zfYhXR6UzORlNJ7u6J8QRDrXXi9HNu3VCLIi6oKU%0ApZLf%0A) +![image](images/Editing_Findings.png) This will open the **Edit Finding** form, where you can edit the metadata, change the Finding’s Status and add additional information. -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204632848/e42a82139f528b871c01165d9b4c/AD_4nXdFNE-8nMU2l4QB-XtB6-VIYSQQkBQV6ftDNSZVGQP8EMft5gsns2T-XW82aqa0qDFGvDe2lI6IBiz6doLZMQDQf3UhHROVy5IvrctL5CozTO2RbD_E_ucl75_dHk327Oh2Zi3Pw8wnkrtk_4iadpPdXlIP?expires=1729720800&signature=80692fc66497b589d53b91a22e47873bb3cc79201110a484add3a47969f5cff7&req=dSInEs99n4lbUfMW1HO4zbhYFPglAYUL38JRhBdLBlt3Yjr8W%2FF3HwChTLmN%0A5gmh%0A) +![image](images/Editing_Findings_2.png) ## Edit Finding Form: Fields diff --git a/docs/content/en/working_with_findings/intro_to_findings.md b/docs/content/en/working_with_findings/intro_to_findings.md index 2b7d38b0f68..22ad33f1f75 100644 --- a/docs/content/en/working_with_findings/intro_to_findings.md +++ b/docs/content/en/working_with_findings/intro_to_findings.md @@ -40,7 +40,7 @@ The Finding Page contains various components. Each will be populated by the Impo -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204626420/d4b31aeb933a01a91c8f9fcbab53/AD_4nXeCuL73nA2NQtVBVqVJPKGjtd-RbuuqPn2CpxasGuOplzjTfVjR_VaOyfWqxaOueQOzf9OXNnCCWZttl6OGDA5jVtYhG3gT0kqAKXQw7m0MADYtJ8WocQ5FWHDys6UhIc54DdQtlwhRJqLqM06ApretgQ8b?expires=1729720800&signature=5fdaf3b96d90627f967590cbbcd16a974954e553b5fca4a45d8cdf70040b15e8&req=dSInEs98m4VdWfMW1HO4zR0l5%2BsqlD4BklyhzEusXAB9j0VOFPYkQ%2B7zhpyj%0ARB4q%0A) +![image](images/Introduction_to_Findings.png) 1. **The Title of the Finding:** Usually this is a descriptive shorthand which identifies the vulnerability or issue detected. This section is also where user\-created Tags are displayed if they exist. ​ 2. **Finding Overview:** This section contains five separate pages of relevant information for the Finding: Description, Mitigation, Impact, References and Notes. These fields can be populated automatically based on the incoming vulnerability data, or they can be edited by a DefectDojo user to provide additional context. diff --git a/docs/content/en/working_with_findings/organizing_engagements_tests/product_hierarchy.md b/docs/content/en/working_with_findings/organizing_engagements_tests/product_hierarchy.md index ba5011d71e8..f14068f135a 100644 --- a/docs/content/en/working_with_findings/organizing_engagements_tests/product_hierarchy.md +++ b/docs/content/en/working_with_findings/organizing_engagements_tests/product_hierarchy.md @@ -22,7 +22,7 @@ The first category of data you'll need to set up in DefectDojo is a Product Type * by development team * by security team -![](https://downloads.intercomcdn.com/i/o/886742892/642722b973c01c39a0aa533e/Product+Type+Hierarchy.png?expires=1729720800&signature=f416d0eee2d29e5a926c9f7287579efffb74ccf55aeecb8bf9b3884cd1572801&req=fCghEc18lYhdFb4f3HP0gMX0MoIxq3p7ta8SylkRlAboMhPkbdVx3E69%2Fny%2B%0Ai3A%3D%0A) +![image](images/Product_Hierarchy_Overview.png) Product Types can have Role\-Based Access Control rules applied, which limit team members' ability to view and interact with their data (including any underlying Products with Engagement, Test and Finding data). For more information on user roles, see our **Introduction To Roles** article. @@ -46,7 +46,7 @@ A **Product** in DefectDojo is intended to represent any project, program, or pr -![](https://downloads.intercomcdn.com/i/o/886743202/725d5bedab67b7fa1f6b6ed4/Product+Hierarchy+%282%29.png?expires=1729720800&signature=ba717a51a34144947926a7cc2c0ec99034e93fd5def26a17e05f1f162c8c0599&req=fCghEc19n4FdFb4f3HP0gKcjfuSKAo3raoDOoFM14rwusH%2BZxfDNYtoJF2%2BC%0AYBE%3D%0A)Products always have: +![image](images/Product_Hierarchy_Overview_2.png) * a unique **Name** diff --git a/docs/content/en/working_with_findings/risk_acceptances.md b/docs/content/en/working_with_findings/risk_acceptances.md index c7d461b9d39..b82321af917 100644 --- a/docs/content/en/working_with_findings/risk_acceptances.md +++ b/docs/content/en/working_with_findings/risk_acceptances.md @@ -47,17 +47,17 @@ Risk Acceptances can be added to a Finding in two ways: * Using the **Bulk Edit** menu, when looking at a list of Findings * Using the **Add Risk Acceptance** button on an individual Finding -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204636819/b9dd073262332f1944c0cfacfd2a/AD_4nXfy5v0NTmT2-wzbXdnxwNZtiYLk18QuyFJM0t6uhv_8RToYIsjB0d9jKIKeYoVF2jEIL_XSnYVgGsnMP2D5EdkyuJg0ilLdjR--1QhI_l81yP8yPmmlpO4UkUlANShbUsvOT6VqSFD5jNKPAqenonX7GnSM?expires=1729720800&signature=1115c41a7aa8dec8ac1854137467fcba167b85c3b479cdd97a625b19a75ab611&req=dSInEs99m4leUPMW1HO4zeaRgo0pTnme8fBYAl4WbyXDzvLafNSr2o%2BGMLsB%0AcNM2%0A)## +![image](images/Risk_Acceptances.png) -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204636820/11762eeeaf483c78d521d7446ca1/AD_4nXe9Mit2Y220ayEJR0rbzABrWY24WQ1LUfZJCZgBsM_0V24ZMJcWGr6U6REZYP2PMGmSuN0Dk60kT_2LSDkG9Jo2XC3t_uumxIOFlWJ7Qg4f7clfC1S_DZWvy811Gzrj4dTm1WJzR1Z7XIkVBgZn5jXrjTt1?expires=1729720800&signature=1cf2c1b627251a1063864290fc3e005c24c43ac5caddc7721ae5e2a5e9270fd7&req=dSInEs99m4ldWfMW1HO4zRkGaztiDiOJcg%2Bp%2FR3%2FI2bFU4DBwLfqHSfAvvJw%0ACeTp%0A) +![image](images/Risk_Acceptances_2.png) To create a New Risk Acceptance, complete the Add to New Risk Acceptance form on a Finding you wish to Risk Accept. # -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204636818/9419eeece88da46563d490017da3/AD_4nXcEwS6HnTQUszfs2jHj7pEXXZnDqskbX2sVw-pWhBfvuuzr5fowhUuz53rMWLbkLJCEg0jMSA-41MIgLXoksJEDHswtmkX5gExVwSmYme6KqR4Y4Pav-vWPz47vJ6fVvj1v7ZE4VqEEieLQNkuIVYVevMI?expires=1729720800&signature=3a873d6c6f98ce933165f4225de1333a537f3c67f38936f57a7328af1d7262a3&req=dSInEs99m4leUfMW1HO4zWGsfrz%2FC8qjBdsvsU%2BkGkqvMVSR%2FYsJZwwE%2FuT0%0AoDt6%0A)1. Create a **Name** for the Risk Acceptance. +![image](images/Risk_Acceptances_3.png) 2. Select the **Owner** of the Risk Acceptance \- this is generally meant to be the DefectDojo team member responsible for the decision to Risk Accept the Finding 3. Complete the **Optional Fields** with any relevant information. If you want to set an Expiration Date or a Warning for that Expiration Date, you can do so here as well. If you don’t specify a date, the Default Risk Acceptance / Default Risk Acceptance Expiration days will be used from the **System Settings** page. 4. Select whether you want to **Reactivate** or **Restart SLAs** on any associated Findings once the Risk Acceptance expires. @@ -89,4 +89,4 @@ The sidebar in DefectDojo allows you to quickly find any Risk Accepted Findings -![](https://downloads.intercomcdn.com/i/o/tj2vh1ie/1204640131/447a5095df2fb468d8fbe43d4a1d/Screenshot+2024-10-04+at+2_23_38%E2%80%AFPM.png?expires=1729720800&signature=127f9a6b5dd30515098838117a5fbe61b2464fadfa93d6f630c9fd8c39b48ca9&req=dSInEs96nYBcWPMW1HO4zT2bUZxwU%2FbqrPBD4qx8knM3HZEXsp9ooOlsDdne%0A5t8q%0A) +![image](images/Risk_Acceptances_4.png)