DefectDojo / django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.
https://defectdojo.com
BSD 3-Clause "New" or "Revised" License

Sync with Tenable Nessus latest version #10453

Open johnfelipe opened 1 week ago

johnfelipe commented 1 week ago

https://192.168.20.30:10443/#/settings/my-account/api-keys

SNAG-0224

SNAG-0225 already revoked


http://192.168.20.22:8080/tool_type/7/edit

SNAG-0226

http://192.168.20.22:8080/tool_config/2/edit

SNAG-0227

http://192.168.20.22:8080/product/38/edit_api_scan_configuration/3

SNAG-0228

https://192.168.20.30:10443/#/scans/reports/13/hosts

SNAG-0229

SNAG-0230

But when I'm trying to sync SNAG-0231

it shows this:

SNAG-0232

the Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

kiblik commented 1 week ago

Hi @johnfelipe,

DD supports only the "file version" of reports from Tenable: https://documentation.defectdojo.com/integrations/parsers/file/tenable/

Only the following tools are supported via API: https://documentation.defectdojo.com/integrations/parsers/api/

This fact is mentioned on your page: http://192.168.20.22:8080/product/38/edit_api_scan_configuration/3

johnfelipe commented 1 week ago

Is putting Tenable Nessus via API on the roadmap?

mtesauro commented 1 week ago

@johnfelipe TBH, No.

API integrations with 3rd party vendors, especially commercial vendors, are particularly tricky/difficult to have since we cannot adequately test them when taking PRs and an open source project maintaining a license to a commercial product isn't feasible.

You can look at my posts in GH discussions to see where the DefectDojo maintainers are headed and what we're thinking about the future if you're curious: https://github.com/DefectDojo/django-DefectDojo/discussions?discussions_q=author%3Amtesauro