Your Question
I am trying to prevent a notification from being sent in case all findings in are already "handled" (mitigated as false positive or risk accepted) in DefectDojo as described here: https://www.securecodebox.io/docs/hooks/notification-webhook/#configuration-of-a-notification
What rules do I need to write into my notification hook for this to work?
As far as I can tell it is only possible to configure a rule to send an email if something matches and not the other way around (If x is set don't send an email)?
I am trying it with the following rules, but I can't verify it works currently due to the issue linked below.
notificationChannels:
- name: email
type: email
template: email
skipNotificationOnZeroFinding: true
rules:
- matches:
anyOf:
- category: "DefectDojo Imported Finding"
attributes:
defectdojo.org/original-finding:
riskAccepted: false
- category: "DefectDojo Imported Finding"
attributes:
duplicate: false
endPoint: "Redacted"
Related issue: #2057
Your Question
I am trying to prevent a notification from being sent in case all findings in are already "handled" (mitigated as false positive or risk accepted) in DefectDojo as described here: https://www.securecodebox.io/docs/hooks/notification-webhook/#configuration-of-a-notification
What rules do I need to write into my notification hook for this to work?
As far as I can tell it is only possible to configure a rule to send an email if something matches and not the other way around (If x is set don't send an email)?
I am trying it with the following rules, but I can't verify it works currently due to the issue linked below.
Related issue: #2057