
Worked on the bancolombia/django-DefectDojo and devsecops-engine-tools repositories, delivering six features and resolving three bugs over two months. Focused on enhancing SBOM data integrity by implementing unique constraints, granular authorization, and refined filtering in Django and Python. Improved the SBOM API and UI for clearer engagement linkage and more reliable product association, while stabilizing CI/CD pipelines to ensure artifact publication. Addressed security tooling reliability by making Nuclei installation platform-independent and cleaning up DAST configuration. Maintained repository hygiene through code cleanup and configuration management, demonstrating skills in backend development, database migrations, and DevOps practices across both backend and frontend components.
2024-11 Monthly Summary for bancolombia repos (django-DefectDojo and devsecops-engine-tools). The month focused on delivering core SBOM enhancements, improving security tooling reliability, and cleaning up repository hygiene to accelerate developer velocity.

Key features delivered:
- SBOM Component Uniqueness Constraints and API Enhancements: added filtering (by name, version, engagement ID), enforced component uniqueness within an engagement, and merged the migrations that add the unique constraint, increasing SBOM data integrity and API usability.
- SBOM Component Authorization and Permissions: introduced granular, component-level authorization with permission classes integrated into the ComponentViewSet; added tests covering the authorization behavior.
- UI/UX Improvements for SBOM Component Views: improved engagement name visibility, refined filters, and enhanced tooltip behavior so components can be associated with engagements and products more easily.
- Product Findings Linking Refinement in SBOM: refactored links so findings are associated with the correct product, and adjusted URL parameters to filter by product.
- CI/CD Pipeline Stabilization for SBOM: restored and stabilized build/deploy conditions so SBOM artifacts publish reliably on trunk builds.
- Nuclei installation and execution improvements (devsecops-engine-tools): platform-independent installation, robust download/install across operating systems, Windows path handling, dynamic inclusion of Nuclei, and a silent mode for non-interactive runs.
- DAST engine configuration and data fixes: corrected the Nuclei release URL, cleaned up config field names, and removed deprecated fields from ConfigTool and the remote config, preventing misconfigurations.
- Repository hygiene cleanup (engine-tools): removed .gitkeep files and restored .gitignore so generated files stay ignored and the repo stays clean.

Major bugs fixed:
- CI/CD: stabilized SBOM pipelines to ensure artifacts publish on trunk builds.
- Nuclei/Windows install: addressed Windows-specific install issues to ensure robust DAST execution.
- DAST config: fixed misconfigurations stemming from deprecated fields and misnamed config entries.

Overall impact and accomplishments:
- Increased data integrity, reliability, and usability of SBOM data and APIs, enabling faster product and security team decisions and smoother integration with security workflows.
- Improved security tooling reliability and developer productivity through robust Nuclei installation, stable DAST configuration, and cleaner repository hygiene.

Technologies and skills demonstrated:
- Django REST Framework, SBOM data modeling, migrations, and granular authorization.
- UI/UX improvements and frontend refinement for better data association.
- Nuclei-based DAST tooling, cross-platform scripting, and silent mode handling.
- CI/CD pipeline stabilization and infrastructure hygiene practices.
- Test coverage for authorization and end-to-end workflow validation.
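The Nuclei installation and DAST configuration items above (platform-independent download, a corrected release URL, Windows path handling) come down to choosing the right release asset for the host OS and architecture and checking the archive before anything in it is executed. The following is an added example written for this summary, not code from devsecops-engine-tools. It assumes ProjectDiscovery's asset naming (nuclei_<version>_<os>_<arch>.zip, with the macOS asset spelled "macOS") and a checksums file of "<sha256>  <filename>" lines; the archive and checksum text it verifies are constructed in memory, so it runs offline.

```python
"""Select, verify and install a Nuclei release archive across platforms.
Added example, not devsecops-engine-tools code. Asset naming and checksum
format are assumptions; the release data below is constructed, not downloaded."""
import hashlib
import hmac
import io
import platform
import tempfile
import zipfile
from pathlib import Path

RELEASE_BASE = "https://github.com/projectdiscovery/nuclei/releases/download"

# platform.system()/platform.machine() values -> names used in asset filenames (assumed)
_OS_NAMES = {"linux": "linux", "darwin": "macOS", "windows": "windows"}
_ARCH_NAMES = {"x86_64": "amd64", "amd64": "amd64", "arm64": "arm64", "aarch64": "arm64"}


def asset_name(version, system=None, machine=None):
    """Archive filename for this OS/arch, e.g. nuclei_3.3.7_windows_amd64.zip."""
    system = (system or platform.system()).lower()
    machine = (machine or platform.machine()).lower()
    if system not in _OS_NAMES or machine not in _ARCH_NAMES:
        raise ValueError(f"unsupported platform: {system}/{machine}")
    return f"nuclei_{version}_{_OS_NAMES[system]}_{_ARCH_NAMES[machine]}.zip"


def asset_url(version, system=None, machine=None):
    """Release tags carry a 'v' prefix; asset filenames do not."""
    return f"{RELEASE_BASE}/v{version}/{asset_name(version, system, machine)}"


def binary_name(system=None):
    """Windows builds ship nuclei.exe; every other platform ships nuclei."""
    return "nuclei.exe" if (system or platform.system()).lower() == "windows" else "nuclei"


def parse_checksums(text):
    """Parse '<sha256>  <filename>' lines into {filename: sha256}."""
    sums = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            sums[parts[1]] = parts[0].lower()
    return sums


def verify_archive(archive, name, checksums):
    """Refuse an archive whose digest is unpublished or does not match."""
    expected = checksums.get(name)
    if expected is None:
        raise ValueError(f"no published checksum for {name}")
    actual = hashlib.sha256(archive).hexdigest()
    if not hmac.compare_digest(actual, expected):
        raise ValueError(f"checksum mismatch for {name}")
    return True


def install_binary(archive, dest_dir, system=None):
    """Extract only the nuclei binary into dest_dir and return its path.
    Only the entry's basename is used for the output path, so an entry like
    ../../bin/sh inside a crafted archive cannot escape dest_dir (zip-slip)."""
    dest = Path(dest_dir).resolve()
    wanted = binary_name(system)
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if Path(info.filename).name != wanted:
                continue
            target = dest / wanted
            target.write_bytes(zf.read(info))
            if (system or platform.system()).lower() != "windows":
                target.chmod(0o755)  # POSIX needs the execute bit; Windows does not
            return str(target)
    raise FileNotFoundError(f"{wanted} not present in archive")


def build_sample_release(version="3.3.7", system="Linux", machine="x86_64", tamper=False):
    """Constructed stand-in for a download: (asset name, zip bytes, checksums text)."""
    name = asset_name(version, system, machine)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(binary_name(system), b"#!/bin/sh\necho 'constructed stand-in for nuclei'\n")
        zf.writestr("README.md", b"constructed sample archive")
    archive = buf.getvalue()
    checksums = f"{hashlib.sha256(archive).hexdigest()}  {name}\n"
    if tamper:
        archive += b"\x00"  # simulate a modified or truncated download
    return name, archive, checksums


def install_sample(system, machine):
    """Run the whole flow on constructed data; return the installed binary's filename."""
    name, archive, text = build_sample_release(system=system, machine=machine)
    verify_archive(archive, name, parse_checksums(text))
    with tempfile.TemporaryDirectory() as d:
        return Path(install_binary(archive, d, system=system)).name


if __name__ == "__main__":
    print(asset_url("3.3.7", "Windows", "AMD64"))
    print(install_sample("Windows", "AMD64"))
    name, bad, text = build_sample_release(tamper=True)
    try:
        verify_archive(bad, name, parse_checksums(text))
    except ValueError as exc:
        print("rejected:", exc)
```

The checksum step is the part that matters for a tool that runs a downloaded scanner inside a pipeline: a wrong release URL or an unverified archive means the engine executes whatever the download returned. The comparison uses hmac.compare_digest rather than == so the digest check is constant-time, and extraction writes only the basename of the binary into the destination, which is the usual guard against path traversal in archive entries.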
Month: 2024-10 — Bancolombia/django-DefectDojo: Stabilized component-based filtering and improved data accuracy for SBOM-related views. Delivered a critical bug fix that restores reliable filtering by component name, version, and related product attributes across ComponentFilter and ProductComponentFilter. The change aligns field names and lookup expressions with the underlying Django models, reducing incorrect results and enabling faster triage.
