Tenable deduplication setting and advance unittests for issue 9612
see issue #9612
I observed with this retest that the deduplication setting is not good enough for Tenable. Thus, I fixed this as well.
Contextual Security Analysis
As DryRun Security performs checks, we’ll summarize them here. You can always dive into the detailed results in the section below for checks.
| Status | DryRun Security Check |
|---|---|
| ✅ | Sensitive Functions Analyzer |
| ✅ | Configured Sensitive Files Analyzer |
| ✅ | Sensitive Files Analyzer |
Someone asked about using description in the dedup algorithm for Tenable, here's why:
The Tenable parser aggregates findings by endpoint, and appends the description of the new finding to the original:
- CSV: https://github.com/DefectDojo/django-DefectDojo/blob/2181c61ef50f7b11d63f4612c1064fec89770760/dojo/tools/tenable/csv_format.py#L157C2-L161C59
- XML: https://github.com/DefectDojo/django-DefectDojo/blob/2181c61ef50f7b11d63f4612c1064fec89770760/dojo/tools/tenable/xml_format.py#L226C1-L228C71