Skip to content

feat(lab10): defectdojo governance report#4

Open
karmihkr wants to merge 1 commit into
mainfrom
feature/lab10
Open

feat(lab10): defectdojo governance report#4
karmihkr wants to merge 1 commit into
mainfrom
feature/lab10

Conversation

@karmihkr

@karmihkr karmihkr commented Jul 8, 2026

Copy link
Copy Markdown
Owner

Goal

Complete Lab 10 by deploying DefectDojo, importing security scan results from previous labs, configuring SLA policies, and documenting the governance report.

Changes

  • Added submissions/lab10.md with the Lab 10 report
  • Deployed and configured DefectDojo locally
  • Imported findings from Grype, Trivy, Semgrep, Checkov, KICS, and Trivy Operator
  • Configured the required SLA policy for vulnerability management

Testing

Executed the DefectDojo import script:

bash labs/lab10/imports/run-imports.sh

Verified successful imports through the DefectDojo UI:

  • 386 findings imported
  • Product: OWASP Juice Shop
  • Engagement: Course Semester Run

Verified governance metrics using the DefectDojo API:

jq '.count' findings.json
# 386

Artifacts & Screenshots

  • submissions/lab10.md

Checklist

  • Title is clear (feat(lab10): defectdojo governance report)
  • No secrets/large temp files committed
  • Submission file at submissions/lab10.md exists

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant