-
**Remark: The final aggreement/decision can be found in last comment (we changed the format)**
To do a web scan one can provide a script, which will be executed to login into a web application unde…
-
Webscans can take a very long time. They can take from minutes, to hours, to days. One should be able to set a max scan duration as parameter for every job.
~~~
{
"apiVersion": "1.0",
"w…
-
A form based login can involve more than one page. In this case, on page 1 (step 1) the users put in their username and on the second page (step 2) the password.
![two_step_login](https://user-imag…
-
# Situation
Currently, on a POST request to `project/{projectId}/membership/{userId}` the response status is CREATED.
# Wanted
The response status should be OK, because from API-user perspective …
-
We will provide SARIF inside Sereco ( see https://sarifweb.azurewebsites.net/) because it is supported by OASIS and becomes a standard of SAST report formats.
It will also help us to simplyfy PDS i…
-
With #577 the mocked adapters does now really persist meta data by adapter callback. Doing this a bug became visible, Fallback for product errors did always create own new Product Results which led to…
-
The SecHub Report in JSON format contains the code flow from the source to the sink with all intermediate steps. However, the HTML report contains only the source and sink, but not the intermediate st…
-
When we cancel an older job - being marked as still running - we got an exception
Interesting part of trace:
---
Caused by: com.fasterxml.jackson.databind.exc.InvalidTypeIdException:
Missing…
-
> As a developer having a SecHub JSON report, I want to have an explanation field in JSON about the finding.
**TODOs**
- change the internal sereco report model
- provide explanation field(s) als…
-
**Is your feature request related to a problem? Please describe.**
Yes, we're trying to filter Securityhub members and invitations and delete ones that are not found in a provided account list
**D…