lme-nca
lme-nca
changed the type of user_post_save to generic Django user so all users created (ldap, oauth, ui) will trigger this function. This should fix #6626
**Bug description** When deploying on AWS the ALB healthcheck fails because it sets the "HTTP_HOST" header to the PODS IP address. The "HTTP_HOST" value of the ALB healthcheck can not...
This tries to improve on the (incomplete) fix introduced here: https://github.com/DefectDojo/django-DefectDojo/pull/7447 Also see the discussion on Slack: https://owasp.slack.com/archives/C014H3ZV9U6/p1700819414409409 and related issue https://github.com/DefectDojo/django-DefectDojo/issues/8797 **Previous behaviour:** IF existing findings (false positive, out...
It seems that Trivy nows supports Vex in combination with the Sbom generation feature: https://aquasecurity.github.io/trivy/test/docs/supply-chain/vex/ This seems like a great way to transparently handle vulnerabilities coming from Trivy in a...
*Issue #, if available:* https://github.com/aws-samples/siem-on-amazon-opensearch-service/issues/180 This is the fix as described in pull request: https://github.com/aws-samples/siem-on-amazon-opensearch-service/pull/181 with the suggested enhancement by user Ghost. I have tested this code on our deployment...
**Description** This pull request introduces group syncing for Keycloak (i.e. https://github.com/DefectDojo/django-DefectDojo/issues/7096 ) However the keycloak social auth provider (https://github.com/python-social-auth/social-core/blob/master/social_core/backends/keycloak.py) is really not a good implementation (it hardcodes the public key...