Defectdojo import problem

[Heykelog]

Hello,

I want to mention the import problem in Defectdojo, when making an import, the endpoints in the vulnerabilities detected in the system need to be added one by one as tests. Whatever findings are found in the tests need to be imported. Does anyone have information about this method?

[Heykelog]

Product Type - > Product -> Engagament -> Endpoint -> Test -> Finding

[testaccount90009]

A test is just an output of Findings. If you are asking for one test per host, then you'd need to run a scan on a host, create an engagement, a test, then import the hosts scan results into that test - and repeat for as many hosts as you want.

Tests can contain multiple hosts, for example - Nessus scan, Network scan, AWS IPs, etc.. It depends on how you are scanning and what scanner you are using to produce the vulnerabilities that you want to import.

A Nessus scan containing many hosts will not break out each endpoint/host into its own Test. However, a Nessus scan containing one host could be used for its own Test to import.

[mtesauro]

@Heykelog

Product Type - > Product -> Engagament -> Endpoint -> Test -> Finding

This is not how the data model works, see the documentation at https://documentation.defectdojo.com/usage/models/