How to categorize recurring vulnerabilities as "Legacy" when reimporting scans in DefectDojo? #10758
Replies: 1 comment 2 replies
-
|
Dedup: |
Beta Was this translation helpful? Give feedback.
-
|
Thanks Matt Tesauro; I understand that, thank you. What I need now is to do the following: all vulnerabilities that are duplicates or “legacy” – except the new ones – should be grouped together in one place, like a group. For example, if I see that the XPTO vulnerability is duplicated, I want it to be moved to a group called "DUPLICATE". How do I create this group and assign these vulnerabilities to it? |
Beta Was this translation helpful? Give feedback.
-
|
Matt, How do I create a group with the following association: if the status = inactive, duplicate OR if the relationship = Duplicate, then assign it to the group = legacy. How can I achieve this? |
Beta Was this translation helpful? Give feedback.
-
Description:
Hello everyone,
I’m looking for a way to ensure that when I import a new scan into DefectDojo, vulnerabilities that already existed in previous scans are automatically categorized as "Legacy" or "Repeated" (or another suitable adjective).
Scenario:
Every week, I perform new scans using Nessus and reimport the results into DefectDojo. Often, some vulnerabilities persist from one scan to the next. I’d like to know if there is a way for DefectDojo to recognize these recurring vulnerabilities during the reimport process and automatically categorize them in some way, whether by tagging, grouping, or another form of categorization.
Questions:
Is there a native configuration in DefectDojo to automatically mark recurring vulnerabilities when they are reimported?
What would be the best method to ensure that these persistent vulnerabilities are identified and categorized without the need for manual intervention each time?
I appreciate any guidance or experiences you can share.
Thank you!
Beta Was this translation helpful? Give feedback.
All reactions