Add scanned resources to the DAST schema (!28) · Merge requests · GitLab.org / security-products / Security Report Schemas

Cameron Swords requested to merge add-scanned-resources-to-dast into master May 12, 2020

This MR adds the scan.scanned_resources to the DAST schema. Scanned resources represent the attack surface that DAST has used for the target website. This is useful to users because it helps them determine whether the correct parts of their website has been scanned.

An example of these fields with real values is as follows:

"scan": {
    "scanned_resources": [
      {
        "method": "GET",
        "type": "url",
        "url": "http://nginx"
      }
    ]
}

This MR resolves issue gitlab-org/gitlab#37120 (closed).

Add scanned resources to the DAST schema

Merge request reports