You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/content/en/working_with_findings/finding_deduplication/tune_deduplication.md
+6-5Lines changed: 6 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
---
2
2
title: "Deduplication Tuning (Pro)"
3
3
description: "Configure how DefectDojo identifies and manages duplicate findings"
4
-
weight: 5
4
+
weight: 4
5
5
---
6
6
7
7
Deduplication Tuning is a DefectDojo Pro feature that gives you fine-grained control over how findings are deduplicated, allowing you to optimize duplicate detection for your specific security testing workflow.
@@ -22,7 +22,7 @@ The Deduplication Settings page offers three key configuration areas:
22
22
23
23
Same Tool Deduplication is enabled by default for all security tool parsers. This ensures findings from consecutive scans using the same tool are properly deduplicated.
24
24
25
-
To configure Same Tool Deduplication:
25
+
To adjust Same Tool Deduplication:
26
26
27
27
1. Select a specific **Security Tool** from the dropdown
28
28
2. Choose a **Deduplication Algorithm** from the available options
@@ -77,8 +77,9 @@ The same three algorithm options are available for Reimport Deduplication as for
77
77
For optimal results with Deduplication Tuning:
78
78
79
79
-**Start with defaults**: The preconfigured deduplication settings work well for most scenarios
80
-
-**Test changes carefully**: After adjusting deduplication settings, monitor a few imports to ensure proper behavior
81
-
-**Use Hash Code for cross-tool deduplication**: When enabling cross-tool deduplication, select fields that reliably identify the same finding across different tools (such as vulnerability name, location, and severity)
80
+
-**Test changes carefully**: After adjusting deduplication settings, monitor a few imports to ensure proper behavior.
81
+
-**Adjustments to deduplication will only affect new imports, and **do not retroactively adjust the hash values for findings already imported**. Pro subscribers may contact DefectDojo support to assess if deduplcation tunings can be re-executed for findings already imported prior to the deduplcation adjustments.
82
+
-**Use Hash Code for cross-tool deduplication**: When enabling cross-tool deduplication, select fields that reliably identify the same finding across different tools (such as vulnerability name, location, and severity). **IMPORTANT** Each tool enabled for cross-tool deduplication **MUST** have the same fields selected.
82
83
-**Avoid overly broad deduplication**: Cross-tool deduplication with too few hash fields may result in false duplicates
83
84
84
-
By tuning these settings, you can significantly reduce duplicate noise and create a more streamlined workflow for your security teams.
85
+
By tuning deduplication settings to your specific tools, you can significantly reduce duplicate noise.
0 commit comments