add statistics

wurstbrot · wurstbrot · commit 7a6b7ff97ff7 · 2023-02-02T16:28:21.000+01:00
diff --git a/src/assets/YAML/default/TestAndVerification/Consolidation.yaml b/src/assets/YAML/default/TestAndVerification/Consolidation.yaml
@@ -26,6 +26,31 @@ Test and Verification:
       isImplemented: false
       evidence: ""
       comments: ""
+    Response Statistics:
+      risk: No or delayed reaction to findings leads to potential exploitation of findings.
+      measure: Creation and response statistics of findings.
+      difficultyOfImplementation:
+        knowledge: 2
+        time: 2
+        resources: 1
+      usefulness: 3
+      dependsOn:
+        - Usage of a vulnerability management system
+      level: 3
+      implementation:
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/owasp-defectdojo
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/purify
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/business-friendly-vulnerability-metrics
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/defectdojo-client
+      references:
+        samm2:
+          - I-DM-2-B
+        iso27001-2017:
+          - 16.1.4
+          - 8.2.3
+      isImplemented: false
+      evidence: ""
+      comments: "The [DefectDojo-Client](https://github.com/SDA-SE/defectdojo-client/tree/master/statistic-client) generates statistics from OWASP DefectDojo and places the results in a [github repository](https://github.com/pagel-pro/cluster-image-scanner-all-results)."
     Definition of quality gates:
       risk: Improper examination of vulnerabilities leads to no visibility at all.
       measure: |-
diff --git a/src/assets/YAML/default/implementations.yaml b/src/assets/YAML/default/implementations.yaml
@@ -692,4 +692,10 @@ implementations:
     tags: [development, architecture]
     url: https://martinfowler.com/articles/feature-toggles.html
     description: |
-      Feature Toggles are a powerful technique, allowing teams to modify system behavior without changing code. (Pete Hodgson)
+      Feature Toggles are a powerful technique, allowing teams to modify system behavior without changing code. (Pete Hodgson)
+  defectdojo-client:
+    name: DefectDojo Client
+    tags: [Defectdojo, statistics]
+    url: https://github.com/SDA-SE/defectdojo-client
+    description: |
+      This projects contains the DefectDojo upload client and statistics client. It is for example used within the ClusterImageScanner.      
diff --git a/src/assets/YAML/generated/generated.yaml b/src/assets/YAML/generated/generated.yaml
