ThreatMapper icon indicating copy to clipboard operation
ThreatMapper copied to clipboard
verified publisher icon deepfence

Defect Dojo integration

Open tarrinho opened this issue 1 year ago • 1 comments

Additional context Defect dojo is an aggregator repository of vulnerabilities and it would be interesting to have an integration between ThreatMapper and it.

Describe the solution you'd like The main goal would be to have vulnerabilities detected by Threat mapper and injected into Defect dojo (https://owasp.org/www-project-defectdojo/) where they could be correlated with other tools.

Describe alternatives you've considered Instead of an integration, a simple extraction of information from Threat mapper could be enough. It could be just a standard extraction of data in CSV or JSON.

Components/Services

  • [ ] UI/Frontend
  • [X] API/Backend
  • [ ] Agent
  • [ ] Deployment/YAMLs
  • [ ] CI/CD Integration
  • [ ] Other (specify)

Additional context List of Defect Dojo integration: https://www.defectdojo.com/integrations

tarrinho avatar Jan 26 '24 09:01 tarrinho

Hello @tarrinho -- Thank you for raising this request. Do feel free to submit patches if you have any handy.

Do note that while we get to roll out this feature, if defect dojo already has a HTTP endpoint readily available, ThreatMapper can send data to that HTTP endpoint.

Thanks

shyam-dev avatar Jan 28 '24 06:01 shyam-dev