Closed
Labels: defectdojo (All issues regarding the DefectDojo Integration), hook (Implement or update a hook), persistence (Implement or update a persistence store)
Description
➹ New Feature implementation request
At the moment, the DefectDojo hook is importing all findings into DefectDojo. Both the scan_import and the reimport_scan endpoints have an optional parameter minimum_severity that controls the minimum finding severity that should be imported. This allows the user to ensure that DefectDojo is not flooded with hundreds of thousands of informational findings from verbose scanners.
Describe the solution you'd like
Allow the user to set the minimum_severity parameter as part of the hook configuration. Document that this may have undesirable side effects in the following cases (plus any others you may find):
- When syncFindingsBack is enabled, I assume that removing INFO findings from the import will also remove them from the synced back findings, leading to fewer targets to cascade on. Solution: Use read-only mode (syncFindingsBack=false)
- Some scan types may not support severities, for example the generic scan importer. Here, the behavior of the endpoint would need to be tested and documented to avoid surprising the user.
- There may be other side effects I didn't consider here.
Describe alternatives you've considered
It doesn't seem to be possible to configure this on the side of DefectDojo (and even if it were, the same side effects may apply).
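The following is an added example, not code from the issue author, the DefectDojo hook, or DefectDojo itself. It models what a minimum_severity threshold does to a set of scanner findings and to the number of findings left for cascading when syncFindingsBack is on. The severity ordering is DefectDojo's (Info, Low, Medium, High, Critical); the mapping from the scanner's upper-case severity names, the form field names for reimport_scan, the treatment of findings without a severity (set aside rather than guessed at, because the issue says that behaviour still has to be tested), and the sample findings are all assumptions constructed for the example.

```python
"""Model the effect of DefectDojo's minimum_severity parameter on a findings set.

Added example; not the hook's or DefectDojo's code. Everything below is an
assumption made for illustration except the DefectDojo severity ordering.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# DefectDojo severity levels, lowest first. This is the ordering the
# minimum_severity parameter of import-scan / reimport-scan compares against.
DD_SEVERITIES = ["Info", "Low", "Medium", "High", "Critical"]

# Assumed mapping from a scanner's upper-case severity names to DefectDojo's.
SCB_TO_DD = {
    "INFORMATIONAL": "Info",
    "LOW": "Low",
    "MEDIUM": "Medium",
    "HIGH": "High",
    "CRITICAL": "Critical",
}


@dataclass
class FilterResult:
    kept: list = field(default_factory=list)      # at or above the threshold
    dropped: list = field(default_factory=list)   # below the threshold
    unknown: list = field(default_factory=list)   # no recognisable severity


def severity_rank(dd_severity: str) -> int:
    """Position of a DefectDojo severity in the ordering; rejects anything else."""
    try:
        return DD_SEVERITIES.index(dd_severity)
    except ValueError:
        raise ValueError(f"not a DefectDojo severity: {dd_severity!r}") from None


def filter_by_minimum_severity(findings, minimum_severity: str = "Info") -> FilterResult:
    """Split findings the way a minimum_severity threshold would.

    Findings without a mappable severity (e.g. from a generic importer) are
    collected separately: what DefectDojo does with them is not established
    here, so the example refuses to guess and surfaces them to the operator.
    """
    threshold = severity_rank(minimum_severity)
    result = FilterResult()
    for finding in findings:
        dd_severity = SCB_TO_DD.get(str(finding.get("severity", "")).upper())
        if dd_severity is None:
            result.unknown.append(finding)
        elif severity_rank(dd_severity) >= threshold:
            result.kept.append(finding)
        else:
            result.dropped.append(finding)
    return result


def reimport_scan_fields(test_id: int, scan_type: str, minimum_severity: str) -> dict:
    """Assumed multipart form fields for a reimport_scan call, with the threshold validated
    before anything is sent (an unknown value is rejected client-side)."""
    severity_rank(minimum_severity)
    return {
        "test": str(test_id),
        "scan_type": scan_type,
        "minimum_severity": minimum_severity,
    }


def cascade_targets(findings, minimum_severity: str, sync_findings_back: bool) -> int:
    """Findings left for cascading under the issue's assumption that syncing back
    replaces the findings with what DefectDojo imported. Read-only mode
    (sync_findings_back=False) leaves the original set untouched."""
    if not sync_findings_back:
        return len(findings)
    return len(filter_by_minimum_severity(findings, minimum_severity).kept)


# Constructed sample findings; not real scanner output.
SAMPLE_FINDINGS = [
    {"name": "Open port 80/tcp", "category": "Open Port", "severity": "INFORMATIONAL"},
    {"name": "Open port 443/tcp", "category": "Open Port", "severity": "INFORMATIONAL"},
    {"name": "Server header disclosed", "category": "Header", "severity": "INFORMATIONAL"},
    {"name": "Cookie without HttpOnly", "category": "Cookie", "severity": "LOW"},
    {"name": "Missing CSP header", "category": "Header", "severity": "MEDIUM"},
    {"name": "SQL injection in login form", "category": "Injection", "severity": "HIGH"},
    {"name": "Generic importer entry", "category": "Generic"},  # no severity at all
]

if __name__ == "__main__":
    result = filter_by_minimum_severity(SAMPLE_FINDINGS, "Low")
    print(f"kept={len(result.kept)} dropped={len(result.dropped)} unknown={len(result.unknown)}")
    print("cascade targets, sync back on :", cascade_targets(SAMPLE_FINDINGS, "Low", True))
    print("cascade targets, read-only     :", cascade_targets(SAMPLE_FINDINGS, "Low", False))
    print(reimport_scan_fields(42, "Nmap Scan", "Low"))
```

Running the module shows the two points the issue raises: with minimum_severity set to Low the three informational findings disappear, so a syncFindingsBack setup has three fewer findings to cascade on than a read-only one, and the severity-less generic entry is reported separately rather than silently imported or dropped.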