DefectDojo is an open source vulnerability management tool and it is used as the backbone for security programs. It helps you keep proper record and management of your Product Testing Engagements for easy review and recall. DefectDojo streamlines the application security testing process by offering features such as importing third-party security findings, merging and deduping, integration with Jira, templating, report generation and security metrics. My contribution to this Project all through the period of GSOC as stated in my proposal is focused on writing as much Unit Tests as I can that is needed. The following sections will be summary of all my contributions:
### ORGANIZATION DETAILS
- NAME --> **OWASP Foundation**
- PROJECT CATEGORY --> **DefectDojo**
- MENTORS -->
- Aaron Weaver
- Matt Tesauro
### STUDENT DETAILS -->
- Full Name --> **Samuel Ameh**
- Email --> **propersam2012@gmail.com**
- Address --> **Lagos, Nigeria**
- Institution --> **University Of Nigeria, Nsukka**
- Department --> **Computer Science**
Implemented Import Scanners
Issue: Import Scan For Immuniweb --> Closed
- PR: Importer For Immuniweb Scan Parser --> (Merged, Closed)
Issue: IBM AppScan Integration --> Closed
- PR: Import Scanner For IBM AppScan --> (Modified, Closed, Merged Modified Version)
Implemented Unit Tests
Issue: Add Endpoint Unit Test --> Closed
- PR: Endpoint Functional Unit Test --> (Merged, Closed)
Issue: Add Product Unit Tests --> Closed
- PR: Functional Unit Test For Product --> (Merged, Closed)
Issue: Add Test Unit Tests --> Closed
- PR: Test Functional Unit Test --> (Merged, Closed)
Issue: Add User Unit Tests --> Closed
- PR: User Functional Unit Test --> (Merged, Closed)
Issue: Add Finding Unit Test --> Closed
- PR: Finding Functional Tests --> (Merged, Closed)
Issue: Complete Import Scanner Unit Test Requirements --> Closed
- PR1: Import Scanner Unit Test --> (Merged, Closed)
- PR2: Wrap Up Import Scanner UnitTest --> (Merged, Closed)
Issue: Configure Travis To Run all Unittests In the /test Folder --> Closed
- PR: Integrate Unittests To Travis CI Job --> (Merged, Closed)
Contributed Enhancements to Project
Issue: Ability to retrieve findings notes --> Closed
- PR: Add Notes EndPoint to APIv2 --> (Merged, Closed)
Issue: Add Ability To Deal with Findings Through Tags --> Closed
- PR: Add Ability To Deal with Findings Through Tags With APIv2 --> (Merged, Closed)
Issue: Download Ascii Report As Plain Text --> Closed
- PR1: Download Ascii Doc Report Page --> (Merged, Closed)
- PR2: Added API v2 Feature For Report Generation --> (contains PR1 commits , Merged, Closed)
Issue: Notes created from review requests should be marked private by default --> Closed
- PR: Mark Notes As Private By Default on Review Request --> (Merged, Closed)
Other Bugs Fixed And Contributions Made
Issue: Inconsistent Behaviour To View Open Findings --> Closed
- PR: Fix Open Finding Filter Inconsistency --> (Merged, Closed)
Issue: File Path Error when deleting Image from finding --> Closed
Thanks for going through this report. Any question you may have can be sent to me directly through any of my available social media handles or you can just leave a comment below. :D
Also, please do reach out to me if there are any changes, update or fix that you think I need to make to this report.