How to customize the "Found By" field when using Generic Findings Import?

[vesper-oss]

Hi Team, I am currently importing Fortify DAST results into DefectDojo (v. 2.53.1) using the Generic Findings Import parser via API with Jenkins. Since I use a custom JSON format, I rely on scan_type=Generic Findings Import. However, the "Found By" field automatically displays as "Generic Findings Import".

To maintain clean reporting, I need the findings to be labeled as "Found By: Fortify DAST" instead of the parser name, is there a way to override this value to "Fortify DAST" during the import process without switching to a different parser? If not, what is the recommended API-based workaround to update this metadata post-import?

Thank you.

[mtesauro]

I've never messed with the "Found By" field but you can create a custom test type e.g. "My Fortify JSON" and change the test type on the import after it's done.

Then all the normal Test Type filters, reporting and such will reflect "My Fortify JSON" instead of "Generic Findings Import"

At least that's how I handled that situation in the past.

HTH

[valentijnscholten]

@vesper-oss This is what AI says:

The Generic Findings Import parser does support dynamic test types, but only when using the JSON format (not CSV).

How it works

• JSON format: If the JSON payload includes a "type" field (e.g., "type": "Fortify DAST"), the parser will create a dynamic test type. The resulting test type name would be "Fortify DAST Scan (Generic Findings Import)" (since the type differs from the scan_type). If the JSON also has a "name" field, that's used as the test name.

• CSV format: Always uses the static "Generic Findings Import" test type. No dynamic creation.

The mechanism

The Generic Findings Import parser implements get_tests() (not just get_findings()). When the importer detects that a parser has get_tests(), it takes the dynamic path:

1. The parser reads the "type" field from the JSON and returns it via ParserTest(parser_type=data.get("type", ...))
2. The importer compares this type with the scan_type. If they differ, it creates a new test type named "{type} Scan ({scan_type})" — e.g., "Fortify DAST Scan (Generic Findings Import)"
3. This test type is created via get_or_create_test_type() with dynamically_generated=True

This is the same mechanism used by the SARIF parser, where the tool name from each SARIF run becomes a dynamic test type (e.g., "CodeQL Scan (SARIF)").

Found By

The "Found By" field on findings will also correctly reflect the dynamic test type. When a finding is saved, it runs self.found_by.add(self.test.test_type), which at that point is already the dynamically created test type.

What the user needs to do

Add a "type" field to their JSON payload:

{
"type": "Fortify DAST",
"name": "My Fortify DAST Scan",
"findings": [...]
}

This aligns with the docs at https://docs.defectdojo.com/supported_tools/parsers/file/generic/