harness - The Modern Software Delivery Platform®
Create
Log in
Home
Feedback
Feature Requests
Log in to your harness - The Modern Software Delivery Platform® account to give feedback
Log In
Boards
Feature Requests
Powered by Canny
Feature Requests
Anonymous
Feature Requests for Harness. Select 'Category' based on the module you are requesting the feature for.
Details
Category
Continuous Delivery & GitOps
Continuous Integration
Feature Flags
Cloud Cost Management
Service Reliability Management
Security Testing Orchestration
Chaos Engineering
Software Engineering Insights
General Platform Requests
Internal Developer Portal
Code Repository
IACM
Continuous Error Tracking
Drone 2.x
Open Source
SSCA
Uncategorized
Showing
Trending
Sort
Trending
Top
New
Filter
Under Review
Planned
In Progress
This Fiscal Quarter
Next Fiscal Quarter
Long-term
Pending Feedback
Complete
posts in
All Categories
All Categories
Continuous Delivery & GitOps (1,315)
Continuous Integration (280)
Feature Flags (68)
Cloud Cost Management (169)
Service Reliability Management (6)
Security Testing Orchestration (68)
Chaos Engineering (26)
Software Engineering Insights (83)
General Platform Requests (319)
Internal Developer Portal (56)
Code Repository (32)
IACM (14)
Continuous Error Tracking (9)
Drone 2.x (10)
Open Source (28)
SSCA (3)
Mend Scan - Update Runner
Mend has a newer CLI tool and v3.0 API, and is compatible with Mend’s SCA, SAST, and Container scanners We'd like to have the Mend Runner updated, so that these new functions can be utilized
2
·
next fiscal quarter
2
ScanStep using anchorctl filtering report
Good Day, we are currently using Anchore via your image which uses anchorectl to generate a Security Testing report. The report is being created without issue. However, the report includes the base layer of the image as well as application data. We would like the report to only show the application data layer. For example we have things like VIM or Ubi8 os related library file CVEs. This is confusing our customers as they are only concerned with there application data and what they need to remedy within their source code. Thank You.
1
·
next fiscal quarter
1
STO Exemption originator notification
Needed: Ability to notify the originator of an exemption (via email) when the state of his or her exemption request changes (Denied/Approved). Nice-to-have: Additional ability to include project owners/user-subset specified by role in those notifications.
2
·
next fiscal quarter
3
STO set default scan results for different scan tools
STO has it's own way of calculating vulnerabilities than that of the scan tool. We'd like the ability to use the specific calculation of the scan tool instead of what STO returns. For example, we have a medium severity vulnerability reported by Prisma Scan that Harness is reporting as high/critical. Although Harness does provide the raw scan results from the scanner, we'd like the ability to set the default results to be from Prisma instead of taking the calculation from STO in the Harness UI.
4
·
next fiscal quarter
3
Ability to change/edit the severity in Harness STO
As a user of Harness Security Testing Orchestration (STO), I would like the ability to change or edit the severity of findings identified during security scans. Since the severity is not matching as per our considerations and the actual risk in our environment. Add an option to edit the severity of a finding directly from the findings dashboard. Implement role-based permissions to control who can change the severity of findings.
14
·
next fiscal quarter
4
Ability to use custom created Scan Configurations in BurpSuite Enterprise
Burpsuite Enterprise has a facility to create custom scan configurations for scanning. Currently Harness only allows to select the default scan configurations given by Burp but there is no ability to select custom scan configurations. This would be essential as each type of application needs a different type of scan configuration in order to perform a better scan.
3
·
next fiscal quarter
1
Ability to add scope URLs for Burp Enterprise Scan
Following type of URLs are needed to added into the Scan Configuration before starting a scan to define a proper scope of the scan. Defining a proper scope is essential as this helps in including or excluding URLs from the scan. Types: Start URLs In-Scope URLs Out-of-scope URLs
3
·
next fiscal quarter
1
Support Anchore Role/Tenant assumption
Anchore Enterprise in our organization uses project specific contexts to store scans and image data. To support ingestion from different contexts (using service accounts at the all-users level), we require the ability to set the X-Anchore-Account header in the HTTPS request to the API with values specifying the context within the account to apply the queries to.
3
·
next fiscal quarter
2
Powered by Canny