Feature Requests

I would like to be able to export into excel the occurrence details for issues (file name, line number, etc.) so that I may pass these to developers. I'm only able to get the number off occurrences when creating a dashboard, but not the occurrence details.

We would want to enforce Secrets prevention scanning of IaC code with Gitleaks before deployment in an IACM stage, thanks.

We are scanning with Prowler V5, which generates reports in .json.asff format. Issue: Setting product_name: prowler fails to ingest the report. We are forced to use product_name: aws_security_hub to successfully ingest the file. Problem: Because we have to use the Security Hub parser, the Harness UI incorrectly labels the scanner as "AWS Security Hub" instead of "Prowler" (see attached screenshot). Request: Please update the prowler parser to support .json.asff files so we can ingest these reports under the correct scanner name. Failed execution with prowler product name: https://app.harness.io/ng/account/kTcDr-37TtqE3qs0P3Mltg/all/orgs/default/projects/analytics_external_violations_service/pipelines/analytics_external_violations_service_sto_pipeline/executions/6WAA-8qHQ-ilFn7Ej9oB9g/pipeline?storeType=INLINE Successful execution with AWS Security Hub product name: Above pipeline (Build Id: 252)

Please allow snyk monitor and snyk container monitor to be disabled when using the Snyk STO step in "orchestration" mode with either "Snyk Container" or "Snyk Open-Source" set as the scan configuration. When performing lots of builds, it is not always necessary to have Snyk itself monitor each each output and calling monitor on every build where scanning means Snyk itself becomes polluted with unwanted data.

Currently Harness STO supports deduplication for the issues present in the same scanner report, but if we are scanning the same code with multiple scanners, it is not deduplicating it. Please add support for it as it is critical for us and we can't rely on the report from a single scanner.

Need base image detection feature to be available for ingestion mode scans. The current feature supports orchestration mode scans. ETA of the feature ?

## Summary Add an officially supported FIPS-compliant container image variant for twistlock-job-runner used by Harness STO, so regulated environments can run Prisma/Twistlock scans while meeting compliance requirements. ## Problem / Why it matters Many organizations operating under FIPS compliance cannot use non-FIPS images in CI/CD scanning workflows. Today, the lack of a supported FIPS-compliant twistlock-job-runner blocks adoption of STO in regulated environments and prevents upgrades to newer runner versions required for feature improvements and accuracy parity. ## Desired outcome * A supported FIPS-compliant twistlock-job-runner image (or equivalent) is published and maintained. * Clear documentation on: * Supported tags/versions * How to enable/use the FIPS image in STO pipelines * Compatibility notes and support policy

Pull New Code Coverage from Sonarqube API and add as output variable Sonarqube

In the STO dashboard (across all visualizations), please add a field or dimension or as a filter that indicates whether a pipeline has been deleted. This is needed because, in some executions, severity data is still displayed even though the corresponding pipeline has already been deleted. Having this indicator would help clarify the state of such executions and avoid confusion.

FOR Dashboard : Harness the Tile “untitled“ does not load properly when the filter Pipeline Created Date is set to last 365 days Query : https://dashboards.harness.io/admin/queries/de1bf76d9a1738790bf284dcb4fab81b