GitHub Action

defectdojo findings threshold

v1.0.1 Latest version

A GitHub Action that evaluates the active findings against thresholds set by the user

Installation

Copy and paste the following snippet into your .yml file.

- name: defectdojo findings threshold
  uses: portswigger-cloud/defectdojo-findings-thresholds@v1.0.1

Learn more about this action in portswigger-cloud/defectdojo-findings-thresholds

defectdojo findings thresholds v1

This GitHub Action queries the number of active findings in DefectDojo by product and compares them against the thresholds set by the user, failing the build if the thresholds are exceeded.

portswigger-cloud/defectdojo-findings-thresholds@v1

Example output

The total number of my-product findings 61 is greater than the configured threshold of 50

About DefectDojo

DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve the more you use the platform.

Inputs

Input Name            Required
defectdojo-url        True
defectdojo-username   True
defectdojo-password   True
defectdojo-product    True
total-threshold       False
critical-threshold    False
high-threshold        False
medium-threshold      False
low-threshold         False
info-threshold        False

If any of the thresholds are left blank they will not be evaluated by this action.
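The threshold comparison and the blank-input rule described above, sketched in Python as an added example (not the action's own code). The record fields `severity` and `active`, the function names and the per-severity message wording are assumptions; only the total message follows the example output shown earlier.

```python
from collections import Counter

SEVERITIES = ("critical", "high", "medium", "low", "info")

def parse_threshold(raw):
    """Action inputs arrive as strings; blank means 'do not evaluate'."""
    raw = (raw or "").strip()
    if raw == "":
        return None
    value = int(raw)  # ValueError on non-numeric input, so a typo fails closed
    if value < 0:
        raise ValueError(f"threshold must be >= 0, got {value}")
    return value

def evaluate(product, findings, inputs):
    """Return violation messages; an empty list means the gate passes."""
    active = [f for f in findings if f["active"]]
    counts = Counter(f["severity"].lower() for f in active)
    counts["total"] = len(active)
    violations = []
    for level in ("total",) + SEVERITIES:
        limit = parse_threshold(inputs.get(f"{level}-threshold"))
        if limit is None:  # compare with None so a threshold of "0" is still enforced
            continue
        if counts[level] > limit:  # equal to the threshold still passes
            violations.append(
                f"The {level} number of {product} findings {counts[level]} "
                f"is greater than the configured threshold of {limit}"
            )
    return violations

# Constructed sample data: three active findings and one inactive finding.
SAMPLE_FINDINGS = [
    {"severity": "Critical", "active": True},
    {"severity": "High", "active": True},
    {"severity": "High", "active": False},
    {"severity": "Low", "active": True},
]
# Constructed inputs: high-threshold is blank, medium and info are absent.
SAMPLE_INPUTS = {"total-threshold": "3", "critical-threshold": "0",
                 "high-threshold": "", "low-threshold": "1"}

if __name__ == "__main__":
    problems = evaluate("my-product", SAMPLE_FINDINGS, SAMPLE_INPUTS)
    print("\n".join(problems) or "all thresholds satisfied")
    raise SystemExit(1 if problems else 0)
```

Treating a blank input as "skip" but `0` as "no findings allowed" is the distinction to test in any gate of this kind, since a truthiness check would silently disable a zero threshold.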

Examples

Simple example

name: test-security-findings-threshold-by-product-against-active-findings-from-defectdojo
on: push
jobs:
  test-active-findings-against-thresholds:
    runs-on: ubuntu-latest
    steps:
      - name: defectdojo_findings-threshold
        id: defectdojo-findings-threshold
        # Action reference and version as given in the installation snippet
        uses: portswigger-cloud/defectdojo-findings-thresholds@v1.0.1
        with:
          defectdojo-url: https://defectdojo.example.com
          # GitHub secret names may contain only alphanumerics and underscores
          defectdojo-username: ${{ secrets.DEFECTDOJO_USERNAME }}
          defectdojo-password: ${{ secrets.DEFECTDOJO_PASSWORD }}
          defectdojo-product: my-product
          # Any threshold left out or blank is not evaluated
          total-threshold: 10
          critical-threshold: 2
          high-threshold: 2
          medium-threshold: 2
          low-threshold: 2
          info-threshold: 2