Sebastian Kawelke
Related to: #78 Requirement (currently marked as unmet): > The project MUST provide reference documentation that describes the external interface (both input and output) of the software produced by the...
The project should implement the OpenSSF Best Practices. The degree of implementation should be disclosed via the official badge of the OpenSSF Best Practices Badge Program.
As a user, I want to mark a risk as a false positive in FlawFix, after consultation with a technically responsible person.
As a user, I need to be reminded at set intervals (e.g., every 6 months) to revalidate existing false positives or accepted tickets in DevGuard. Maybe even something like: "Hey...
As a user, I want to mitigate my risks in FlawFix according to the following schema: - **Accept:** Justify the action without identifying a risk responsible. - **Mitigate:** Integrate with...
As a user, I wish to set a specific CVSS 4.0 score in FlawFix that will automatically accept a risk when exceeded.
Implement CVSS 4.0 Threshold Recommendation for Automatic Risk Acceptance: As a user, I want to get a suggested CVSS 4.0 threshold value in DevGuard, beyond which a risk is automatically...
As a user, I need the ability to download reports as PDF documents from FlawFix.
As a user, I want to receive reports at a set interval via email from DevGuard.
Feature to Include Custom Recommendations in Reports: As a user, I want to add my own recommendations to the reports generated in DevGuard.