DefectDojo · Maffooch · Apr 25, 2025 · Mar 25, 2025 · Apr 2, 2025 · Apr 22, 2025
@@ -0,0 +1,14 @@
+---
+title: "Cyberwatch (Galeax)"
+toc_hide: true
+---
+The Cyberwatch (Galeax) Parser is used to import Cyberwatch scan results into DefectDojo. It accepts a JSON input that can be generated by the [Cyberwatch-API-DefectDojo](https://github.com/Galeax/Cyberwatch-API-DefectDojo) tool created by Galeax.
+
+The JSON file should include the following keys:
+- **cves**: A list of CVE entries.
+- **security_issues**: A list of security issue entries.
+
+For each CVE and security issue found in the JSON input, the parser creates a corresponding finding in DefectDojo.
+
+### Sample Scan Data
+Sample Cybwerwatch Galeax Scan scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/cyberwatch).
@@ -1346,6 +1346,7 @@ def saml2_attrib_map_format(din):
     "KrakenD Audit Scan": ["description", "mitigation", "severity"],
     "Red Hat Satellite": ["description", "severity"],
     "Qualys Hacker Guardian Scan": ["title", "severity", "description"],
+    "Cyberwatch scan (Galeax)": ["title", "description", "severity"],
 }
 
 # Override the hardcoded settings here via the env var
@@ -1416,6 +1417,7 @@ def saml2_attrib_map_format(din):
     "Threagile risks report": True,
     "HCL AppScan on Cloud SAST XML": True,
     "AWS Inspector2 Scan": True,
+    "Cyberwatch scan (Galeax)": True,
 }
 
 # List of fields that are known to be usable in hash_code computation)
@@ -1597,6 +1599,7 @@ def saml2_attrib_map_format(din):
     "PTART Report": DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL,
     "Red Hat Satellite": DEDUPE_ALGO_HASH_CODE,
     "Qualys Hacker Guardian Scan": DEDUPE_ALGO_HASH_CODE,
+    "Cyberwatch scan (Galeax)": DEDUPE_ALGO_HASH_CODE,
 }
 
 # Override the hardcoded settings here via the env var