Details
Type: New Feature
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 9.4
Component/s: None
Labels: None
Edition: Enterprise
Production Notes: None
Description
We want to display the new OWASP Top 10 2021 data in the Security Report.
UI updates
Add a combobox to select the OWASP Top 10 edition on the Security Reports page. The combobox should work in a similar way to the one on the CWE Top 25 tab. The OWASP editions in the combobox should be sorted by year, in descending order. Select the latest edition as the default (2021 in this case).
WS updates
Add a new optional "version" (String) field for each category in the api/security_reports/show payload. This will allow the frontend to group categories by version, in this case OWASP Top 10 2021.
For OWASP, use the year as the version (example: "version": "2017").
Example payload:
{
  "categories": [
    {
      "version": "2021",
      "category": "A1",
      "vulnerabilities": 3,
      "vulnerabilityRating": 5,
      "toReviewSecurityHotspots": 10,
      "reviewedSecurityHotspots": 0,
      "securityReviewRating": 5,
      "distribution": [
        {
          "cwe": "20",
          "vulnerabilities": 3,
          "vulnerabilityRating": 5,
          "toReviewSecurityHotspots": 0,
          "reviewedSecurityHotspots": 0,
          "securityReviewRating": 1,
          "activeRules": 40,
          "totalRules": 41,
          "hasMoreRules": false
        },
        //cut
      ],
      "activeRules": 44,
      "totalRules": 44,
      "hasMoreRules": false
    }
  ]
}
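An added example (not SonarQube's own code) of how a client could consume the optional "version" field described above: it groups categories by edition, orders the editions by year in descending order and picks the latest as the default. The function names, the "unversioned" bucket for categories that omit the field, and the sample payload are assumptions made for illustration.

```javascript
// Added example, not SonarQube code. Function names and the UNVERSIONED
// bucket are assumptions; the field names come from the payload above.
const UNVERSIONED = 'unversioned';

// Group categories from an api/security_reports/show payload by "version".
function groupByVersion(payload) {
  const groups = new Map();
  for (const category of payload.categories || []) {
    // "version" is optional, so entries without it get their own bucket
    // instead of being silently merged into a real edition.
    const hasVersion =
      typeof category.version === 'string' && category.version !== '';
    const key = hasVersion ? category.version : UNVERSIONED;
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(category);
  }
  return groups;
}

// Combobox entries: four-digit years only, newest first.
function editionOptions(groups) {
  return [...groups.keys()]
    .filter((v) => /^\d{4}$/.test(v))
    .sort((a, b) => Number(b) - Number(a));
}

// The latest edition is the default selection; null when none is present.
function defaultEdition(groups) {
  const options = editionOptions(groups);
  return options.length > 0 ? options[0] : null;
}

// Constructed sample payload (trimmed to the fields used here).
const samplePayload = {
  categories: [
    { version: '2017', category: 'A1', vulnerabilities: 3 },
    { version: '2021', category: 'A1', vulnerabilities: 1 },
    { version: '2021', category: 'A3', vulnerabilities: 2 },
    { category: 'unknown', vulnerabilities: 0 }, // no "version" field
  ],
};

const sampleGroups = groupByVersion(samplePayload);
console.log(editionOptions(sampleGroups), defaultEdition(sampleGroups));
```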
Issue Links
- blocks: SONAR-16156 Write IT to validate new OWASP Top 10 2021 edition (Closed)
- relates to: SONAR-16146 Update the CWE Top 25 Response with version field (Open)