Hi Simon! Again!...SSH exit-code 2 error & TeamCity

[Khopithan Sathiyakeerthy]

Hi Simon,

I already faced an error(SSH code-exit 2) while doing a vulnerability scan from TeamCity using ZAP containers. So, you said that, that is caused by ZAP and gave me a solution like  "generate the .conf file and IGNORE the new WARNings and use the .conf file for the scan" and I tried and got success in my TeamCity build.

Now the issue is, when I generate a report directly I can see the all vulnerabilities. After IGNORE them, while doing scan, I am getting some less vulnerabilities results.

But my purpose is Automate the ZAP with TeamCity and get the complete vulnerability report. If I IGNORE those WARNings, there is no point to do that. So, can you please give me a solution for "Without IGNORE the scan policies and run the scan from TeamCity" 

Regards,

Khopi

[Simon Bennetts]

Hi Khopi,

Thats a known restriction of the packaged scans and one of the reasons why we are migrating them to use the Automation Framework.

You can try to use the Automation Framework directly, but be aware its still alpha quality (hopefully soon to be beta).

Or you can wait until we've migrated more of the packaged scan scripts.

Cheers,

Simon

[Khopithan Sathiyakeerthy]

Hi Simon, 

Thank you, I'll try the Automation framework then.

Best,

Khopi