docs(connectors): add GitHub Advanced Security, Qualys, Rapid7 InsightVM, Veracode references#15198
Open
devGregA wants to merge 2 commits into
Open
docs(connectors): add GitHub Advanced Security, Qualys, Rapid7 InsightVM, Veracode references#15198devGregA wants to merge 2 commits into
devGregA wants to merge 2 commits into
Conversation
…tVM, Veracode Backfills the connector reference for four connectors that had no customer-facing docs. Each section covers credential/token setup, the connector field mappings, and what a Record maps to: - GitHub Advanced Security — PAT scopes (code scanning / Dependabot / secret scanning), org, api.github.com vs GHES. - Qualys — VMDR API user + per-subscription platform (pod) URL. - Rapid7 InsightVM — Security Console URL (:3780) + console credentials. - Veracode — API ID + secret (HMAC) + regional API base URL. Stories: sc-13490, sc-12691, sc-13485, sc-13464
b838d0e to
1441bc7
Compare
Maffooch
pushed a commit
to devGregA/django-DefectDojo
that referenced
this pull request
Jul 9, 2026
… Shodan setup Add tool-specific setup sections to the connector reference for five findings connectors, following the existing per-tool format (description, prerequisites, connector mappings). - Contrast: username + API key + service key + organization id. - GitGuardian: single API key; documents the leak-proof behavior (only incident metadata is imported, never the secret value) and the open-incident / auto-mitigation semantics. - Google Cloud Security Command Center: service-account JSON key + parent resource; notes SCC activation and the findingsViewer role. - HackerOne: organization API token (identifier + token), with the personal-vs-organization token caveat. - Shodan: API key + search query scoping to the org's own assets; notes the membership requirement and query-credit usage. Veracode and Qualys are covered separately in the connector-docs backfill PR (DefectDojo#15198). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Maffooch
approved these changes
Jul 9, 2026
paulOsinski
approved these changes
Jul 10, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backfills the connectors tool reference for four connectors that shipped without customer-facing docs. Each section follows the existing reference format — credential/token setup, connector field mappings, and what a Record maps to.
api.github.comvs GitHub Enterprise Server (/api/v3); one Record per non-archived repo.Pairs with the connector implementations (connectors PRs #657, #654, #656, #653).
Stories: sc-13490, sc-12691, sc-13485, sc-13464