STO ingestion workflows
STO supports three workflows for ingesting data -- run a local scan (orchestrated), ingest results from a shared folder (ingestion-only), and download results from an external scanner (data-load).
An orchestrated scan is a fully automated workflow that scans an object and ingests the results into Harness in one Security step. Orchestrated scans are the easiest to set up and are a great way to get started with STO.
With ingestionOnly, the scanner saves the results to a shared folder. The pipeline then ingests this data and analyzes, deduplicates, and displays the results.
Ingest SARIF scan results
You can easily ingest from any scanner can publish results in SARIF format.
Scan and ingest from GitHub Actions and Drone Plugins
STO can ingest data from any scanner that can publish in SARIF format.
Scan Java binaries
This is the recommended workflow for scanning Java binary (.jar, .class) files in an STO pipeline.
Ingest from unsupported scanners
How to ingest data from scan tools that currently have no integration in STO.