Smart Upload

A smarter way to import scans to DefectDojo.

Smart Upload

Smart upload is an enhanced version of the existing import scan functionality within DefectDojo. Smart upload works by automatically assigning findings to existing products within DefectDojo, using previously affected endpoints that have already been imported as a way to make a match.

If no existing engagement is found under a given product such that an appropriate match can be made, a new engagement will be created. If any of the newly imported findings do not find an endpoint that match any existing products, the findings are given a unique type of Unassigned Findings. The user can then assign these Unassigned Findings to an existing product, create a new product where they should be stored, or simply delete the newly imported finding altogether.

Using Smart Upload

Begin by navigating to the Smart Upload page under the plugins tab within the sidebar.

Accessing Smart Upload

To begin uploading, select Smart Upload in the top right.

Start Smart Upload

This will prompt the user to fill out information pertaining to the scan file(s) being uploaded, similar to the way importing is completed in other parts of DefectDojo. Once all data in the form is completed, submit the form.

Import Findings

Once the upload is complete, all findings that were not assigned to an existing product will be displayed for manual placement. After selecting a finding, three options will be displayed:

  • Create Product - create a new product for the finding to be assigned to
  • Assign Product - list all existing products that the finding may be assigned to
  • Disregard Findings - delete the unassigned finding altogether

Product Placement

Manually Assign Finding

API

Smart uploading via the API is performed via the smart_upload_import endpoint. More information on using the DefectDojo API can be found here.

For additional information, please see our pricing page.

Last modified January 1, 0001