When running Trustify in a production environment, it would be very useful to have a built-in notification or alerting mechanism for newly detected vulnerabilities.
Right now, it’s not entirely clear to me whether monitoring findings is expected to be handled externally (e.g. by polling Trustify from another system) or if Trustify is intended to eventually provide its own alerting capabilities.
I have therefore the following questions:
- Should users rely on external tooling to monitor Trustify’s findings?
- Or is there interest in adding a native notification system within Trustify (e.g. email alerts, webhook calls, etc.)?
When running Trustify in a production environment, it would be very useful to have a built-in notification or alerting mechanism for newly detected vulnerabilities.
Right now, it’s not entirely clear to me whether monitoring findings is expected to be handled externally (e.g. by polling Trustify from another system) or if Trustify is intended to eventually provide its own alerting capabilities.
I have therefore the following questions: