Update step/stage terminology, refactor v1 Scanner Reference topics STO-7458

[douglas-j-bothwell]

Changes in this PR

• Update all Security Tests stage references to Security stage
• Update all Security step references to
  • Custom Scan step for scanners without step palettes
  • Bandit step, Semgrep step, etc. for scanners with step palettes
  • scan step or Security Test step to refer generically to any STO scan step
• Refactor v1 scanner references (ie integrations based on Custom Scan step)
  • Streamline/simplify Important Notes
  • Better support for copy-pasting YAML step definitions and strings such as ingestionOnly
  • Add button links at the top of each reference so you can immediately see the target types and ingestion modes supported for each scanner

Updates to scanner references

Custom Scan step reference

This topic includes all the snippets used in the other Custom Scan steps.

List of all non-step-palette scanner integrations:

• _scanners-that-use-custom-scan-step.md

Workflow snippets:

• _workflow-ingest-only.md For scanners that only support ingestion mode
• _workflow-repo.md For orchestration/extraction scans of code repos. Includes a step to configure the codebase.
• _workflow.md A generic snippet for all other workflows:

Settings snippets:

• _config.md
• _container.md
• _dast.md
• _fail-on-severity.md
• _ingestion-file.md
• _repo.md
• _scanners-that-use-custom-scan-step.md
• _target-variant.md

Custom Scan reference topics organized by workflow type

• _workflow-ingest-only.md For scanners that only support ingestion mode:

  • Fortify Static Code Analyzer scanner reference
  • HCL AppScan scanner reference
  • Qualys Web Application Scanning (WAS) scanner reference
  • Reapsaw scanner reference scanner reference

• _workflow-repo.md For orchestration/extraction scans of code repos. Includes a step to configure the codebase.

  • Data Theorem scanner reference
  • Fortify on Demand scanner reference
  • Nexus scanner reference
  • Qwiet AI (formerly ShiftLeft) scanner reference
  • Veracode scanner reference

• _workflow.md A generic snippet for all other workflows:

  • Clair scanner reference
  • Docker Content Trust (DCT) scanner reference
  • Metasploit Framework scanner reference
  • Nessus scanner reference
  • OpenVAS scanner reference
  • ScoutSuite scanner reference
  • Tenable scanner reference

Scanner and Product Access settings

These links point to the Scanner settings and Product access sections that are "hard-coded" i.e not imported snippets. Each updated topic includes a (legacy) link that points to the earliest committed version of the topic (i.e., when the content first got ported over to the HDH). These legacy links make it easier to cross-check the current content against the legacy content.

1. Clair scanner reference {HDH
   a. Scanner settings
2. Data Theorem (HDH)
   a. Scanner settings
   b. Product access
3. Docker Content Trust (HDH)
   a. Scanner settings
4. Fortify Static Code Analyzer scanner reference (HDH)
   a. Scanner settings
5. Fortify on Demand (HDH)
   a. Scanner settings
   b. Product access
6. HCL AppScan
   a. Scanner settings
7. Metasploit (HDH)
   a. Scanner settings
8. Nessus (HDH)
   a. Scanner settings
   b. Product access
9. Nexus (HDH)
   a. Scanner settings
   b. Product access
10. OpenVAS (HDH)
    a. Scanner settings
    b. Product access
11. Qualys Web Application Scanning (HDH)
    a. Scanner settings
12. Qwiet AI (formerly ShiftLeft) (HDH)
    a. Scanner settings
    b. Product access
13. Reapsaw (HDH)
    a. Scanner settings
14. ScoutSuite (HDH)
    a. Scanner settings
15. Tenable (HDH)
    a. Scanner settings
    b. Product access
16. Veracode (HDH)
    a. Scanner settings
17. JFrog Xray (HDH)
    a. Scanner settings

Prepub checks

PRs must meet these requirements to be merged:

• Successful preview build.
• SME review.
• Editorial review.
• PM review (went over with PC in our weekly 1:1)
• No merge conflicts.
• Release notes/new features docs: Feature/version released to at least one prod environment.

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://66242b7526144c239513ceff--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://66242e8439bba626d5d6faa4--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6625d541cfeeb534c9a13f98--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6626b7674e7ec624f0cd9375--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6626c43812ba7a2844f28946--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6627ef3e1662c22309b9a689--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://664290fc275d193bda16295a--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6643efc9f1a25715417ec263--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://6644c6ffd89973256eba0083--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://664762919e6c50d6f9b17346--harness-developer.netlify.app

[aklaft]

left a couple comments. I think I'll have to reapprove anyway, but if you look at these I think it's good.

[aklaft]

are these artifact scans now?

[douglas-j-bothwell]

Did a global update of headings from ### Container images to ### Artifacts

Custom Scan step reference > Artifacts

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://664a37f89e6c50e5c6b1698c--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://664a3ca589a77bb6052686d3--harness-developer.netlify.app

[bot-gitexp-user]

Please check the Execution Link of the Pipeline for the Website Draft URL. This is located in the Preview Step behind the Harness VPN and also is available in #hdh_alerts. E.g Website Draft URL: https://unique-id--harness-developer.netlify.app. Current Draft URL is: https://664a55b389a77bcac8268550--harness-developer.netlify.app