Establish relationship between Security Orchestration Policies and CI Pipelines
Summary
After the scan execution policies are moved to the database, we need to create a relationship between a scan execution policy and a pipeline so that we can record which policy triggered a pipeline.
This will enable us to:
- Establish audit trails for how the pipelines were triggered
- Show end users how the pipeline was triggered
- Associate pipeline data with a security policy (e.g. "This policy last ran a scan at...")
Implementation Plan
See !56821 (merged) for a similar implementation with DAST profiles.
Edited by Brian Williams