STO Ingestion Workflows
STO supports three workflows for ingesting data -- run a local scan (orchestrated), ingest results from a shared folder (ingestion-only), and download results from an external scanner (data-load).
Run an Orchestrated Scan in an STO Pipeline
An orchestrated scan is a fully automated workflow that scans an object and ingests the results into Harness in one Security step. Orchestrated scans are the easiest to set up and are a great way to get started with STO.
Ingest Scan Results into an STO Pipeline
With ingestionOnly, the scanner saves the results to a shared folder. The pipeline then ingests this data and analyzes, deduplicates, and displays the results.
Ingest Results from Custom or Unsupported Scanners
You can ingest custom Issues from any scanning tool. This topic describes how to ingest data from scan tools that currently have no integration in STO.
Ingest Scan Results from Snyk
This workflow describes how to ingest Snyk scan results into a Harness pipeline.
Scanning Java Binaries
This is the recommended workflow for scanning Java binary (.jar, .class) files in an STO pipeline.