Adding "Cyberwatch" Scan Type to DefectDojo #11435
Replies: 1 comment 2 replies
-
|
So, from a high level, we're always happy to add a new security tool to those supported by DefectDojo. You have a couple of choices: (1) If you're not comfortable writing Python code, supplying example files from Cyberwatch that are sanitized / don't contain any sensitive data allows someone else from the community to create that parser. (2) If you're comfortable writing Python, then feel free to write a new parser for Cyberwatch. Things to review before doing this contribution: Note: We just radically updated our documentation site so there's likely to be some broken links while we chase those down.
If you can convert the output of Cyberwatch to either a CSV or JSON that matches the format of the Generic CSV or JSON parsers, any finding/issue data can be added to DefectDojo. This is a good workaround when there isn't a native parser but native parser are the preferred way to add data to DefectDojo as they provide more/better control of how the data is mapped from the scanner's output to DefectDojo's data model.
As I said above, we love when the community adds parsers to DefectDojo. Its one of the least complicated ways to contribute and always appreciated.
CSV or JSON in terms of the data format from a scanner has some choices around it:
HTH |
Beta Was this translation helpful? Give feedback.
-
|
Hello, I noticed that someone has worked on the integration between DefectDojo and Cyberwatch. Here is a link that could serve as a first approach: GitHub - Galeax/Cyberwatch-API-DefectDojo. Additionally, I also have an example of a CSV file extracted from Cyberwatch. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you for pointing us to that effort. That repository is still a work in progress, no defect dojo integration in there yet. I have contactede the two contributors there to align on their approach/goals. The CSV seems rather limited, so it might be better to have that Community API based integration working correctly. For the CSV import I would have the following questions:
It's hard for me/us to get answers to these as we don't have a Cyberwatch license/instance and the docs are more focuses on the API and the ElasticSearch data that is generated by Cyberwatch. But if we have good information it would be easy to make a CSV parser, but I am worried the CSV will have very limited data making it less useful compared to the community API effort you pointed to. Are you able to help with some of these questions @gregorym35 ? |
Beta Was this translation helpful? Give feedback.
-
Hello,
I am currently working with DefectDojo (version X.XX) and noticed that the "Cyberwatch" scan type is not available among the configurable scan types. Cyberwatch is a vulnerability management solution that provides reports in CSV or JSON format, and it would be extremely helpful to import these reports directly into DefectDojo to centralize our analysis.
Here are a few points I’d like to discuss:
Existing support: Is there an existing way or alternative method to import a Cyberwatch report into DefectDojo, for example by mapping it to another available scan type?
Adding a parser: Would it be possible to develop and add native support for a Cyberwatch parser in DefectDojo? If so, what would be the recommended steps to contribute?
Technical dependencies: The Cyberwatch reports follow a relatively standard format (CSV with columns defining vulnerabilities). What would be the main technical challenges or prerequisites to implement this scan type?
I’d be happy to collaborate and, if needed, provide an example Cyberwatch report file to facilitate testing and development.
Thank you in advance for your insights and support.
Best regards,
Greg
Beta Was this translation helpful? Give feedback.
All reactions