Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix typo in docs #11387

Open
wants to merge 1 commit into
base: bugfix
Choose a base branch
from
Open

fix typo in docs #11387

wants to merge 1 commit into from
+1 −1

Conversation

manuel-sommer
Copy link
Contributor

No description provided.

@github-actions github-actions bot added the docs label Dec 9, 2024
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Dec 9, 2024
edited
Loading

DryRun Security Summary

The pull request updates DefectDojo's documentation to provide comprehensive, security-focused instructions for integrating various authentication methods from different identity providers.

Expand for full summary

Summary:

The code changes in this pull request appear to be an update to the documentation for various authentication methods supported by the DefectDojo application security management tool. The changes provide detailed instructions for setting up authentication using different identity providers, such as Auth0, Google, OKTA, Azure Active Directory, Gitlab, Keycloak, and GitHub Enterprise.

From an application security perspective, the documentation highlights several important security considerations, including whitelisting domains/emails, secure configuration of cookies and SSL/TLS, group synchronization and automatic cleanup, and the proper configuration of Keycloak, GitHub Enterprise, SAML 2.0, and RemoteUser integrations. These security-focused instructions and explanations should help users set up secure authentication for their DefectDojo instances.

Files Changed:

  • docs/content/en/open_source/archived_docs/integrations/social-authentication.md: This file has been updated to provide detailed documentation on integrating various authentication methods with the DefectDojo application security management tool. The changes cover the security considerations and best practices for setting up authentication using different identity providers, such as whitelisting domains/emails, secure configuration of cookies and SSL/TLS, group synchronization and automatic cleanup, and the proper configuration of Keycloak, GitHub Enterprise, SAML 2.0, and RemoteUser integrations.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@manuel-sommer manuel-sommer reopened this Dec 9, 2024
@manuel-sommer manuel-sommer reopened this Dec 9, 2024
mtesauro
mtesauro approved these changes Dec 11, 2024
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mtesauro mtesauro mtesauro approved these changes

@cneill cneill cneill approved these changes

At least 4 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@manuel-sommer @cneill @mtesauro