STO Ingestion Workflows
STO supports three workflows for ingesting data: run a local scan (orchestrated), ingest results from a shared folder (ingestion-only), and download results from an external scanner (data-load).
Run an Orchestrated Scan in an STO Pipeline
An orchestrated scan is a fully automated workflow that scans an object and ingests the results into Harness in one Security step. Orchestrated scans are the easiest to set up and are a great way to get started with STO.
Ingest Scan Results into an STO Pipeline
With ingestionOnly, the scanner saves the results to a shared folder. The pipeline then ingests this data and analyzes, deduplicates, and displays the results.
Ingest Results from Custom or Unsupported Scanners
You can ingest custom Issues from any scanning tool. This topic describes how to ingest data from scan tools that currently have no integration in STO.
Ingest Scan Results from Snyk
This workflow describes how to ingest Snyk scan results into a Harness pipeline.
Exemptions (Ignore Rules) for Specific Issues
You can specify exemptions (ignore rules) for specific security issues. An ignore rule allows pipeline builds to proceed even if a security scan detects an issue.
STO Overview Page
The STO Overview page enables you to see all detected issues in your target baselines.
Adding Custom Artifacts to STO Pipelines
This topic describes how to include SSL certificates and other types of artifacts in your STO pipelines.
Scanning Java Binaries
This is the recommended workflow for scanning Java binary (.jar, .class) files in an STO pipeline.
Configure STO to Download Images from a Private Registry
You can set up STO to download your scanner images from a private registry instead of Docker Hub.
Create Jira Tickets for Detected Issues
You can easily create Jira tickets for any issue detected during an STO build.