From 985034b436ce9e65cb81589ee6d178f590cce17c Mon Sep 17 00:00:00 2001
From: Paul Osinski <42211303+paulOsinski@users.noreply.github.com>
Date: Mon, 2 Oct 2023 09:44:36 -0400
Subject: [PATCH] add parser formatting to bandit.md (#8757)

* add parser formatting to bandit.md

* add parser formatting to bandit.md

---------

Co-authored-by: Paul Osinski <paul-work@Pauls-MacBook-Pro.local>
Co-authored-by: Cody Maffucci <46459665+Maffooch@users.noreply.github.com>
---
 .../en/integrations/parsers/file/bandit.md    | 65 ++++++++++++++++++-
 1 file changed, 64 insertions(+), 1 deletion(-)

diff --git a/docs/content/en/integrations/parsers/file/bandit.md b/docs/content/en/integrations/parsers/file/bandit.md
index a1773574546..cf2734e0f57 100644
--- a/docs/content/en/integrations/parsers/file/bandit.md
+++ b/docs/content/en/integrations/parsers/file/bandit.md
@@ -2,4 +2,67 @@
 title: "Bandit"
 toc_hide: true
 ---
-JSON report format
+
+### File Types
+DefectDojo parser accepts a .json file.
+
+To export a .json file from Bandit, you will need to install and run the .json report formatter from your Bandit instance.  
+See Bandit documentation: https://bandit.readthedocs.io/en/latest/formatters/index.html
+
+
+### Acceptable JSON Format
+All properties are expected as strings, except "metrics" properties, which are expected as numbers.  All properties are required by the parser.
+
+~~~
+{
+    "errors": [],
+    "generated_at": "example-timestamp",
+    "metrics": {
+        "_totals": {
+            "CONFIDENCE.HIGH": 1.0,
+            "CONFIDENCE.LOW": 0.0,
+            "CONFIDENCE.MEDIUM": 0.0,
+            "CONFIDENCE.UNDEFINED": 0.0,
+            "SEVERITY.HIGH": 0.0,
+            "SEVERITY.LOW": 1.0,
+            "SEVERITY.MEDIUM": 0.0,
+            "SEVERITY.UNDEFINED": 0.0,
+            "loc": 2,
+            "nosec": 0
+        },
+            "one/one.py": {
+                "CONFIDENCE.HIGH": 1.0,
+                "CONFIDENCE.LOW": 0.0,
+                "CONFIDENCE.MEDIUM": 0.0,
+                "CONFIDENCE.UNDEFINED": 0.0,
+                "SEVERITY.HIGH": 0.0,
+                "SEVERITY.LOW": 1.0,
+                "SEVERITY.MEDIUM": 0.0,
+                "SEVERITY.UNDEFINED": 0.0,
+                "loc": 2,
+                "nosec": 0
+            }
+        ...
+    },
+    "results": [
+            {
+                "code": "1 import os\n2 assert False\n",
+                "filename": "example.filename",
+                "issue_confidence": "example_confidence",
+                "issue_severity": "example_severity",
+                "issue_text": "Example issue description.",
+                "line_number": 2,
+                "line_range": [
+                    2
+                ],
+                "more_info": "https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html",
+                "test_id": "B101",
+                "test_name": "assert_used"
+            }
+        ...
+    ]
+}
+~~~
+
+### Sample Scan Data
+Sample Bandit scans can be found at https://github.com/DefectDojo/sample-scan-files/tree/master/bandit.
\ No newline at end of file