
[docs] Improve Invicti parser documentation with enterprise usage guidance#14605

Open
balaakasam wants to merge 2 commits into DefectDojo:dev from balaakasam:patch-1

Conversation

@balaakasam

Description

This PR improves the existing Invicti parser documentation which only contained a one-line description and default deduplication fields. This is a documentation-only change and no parser code, models, or tests are modified.

Added content includes:

  • Step-by-step export instructions for Invicti Enterprise
  • Explanation of confirmed vs unconfirmed findings and how to
    handle them in DefectDojo
  • Native integration setup steps for Invicti Enterprise users
  • Severity mapping table from Invicti to DefectDojo
  • Recommended workflow for enterprise teams running Invicti
    at scale across multiple applications
  • Deduplication guidance for large scans

Test results

N/A - documentation only change, no code modified.

Documentation

This PR is the documentation update itself, improving the existing Invicti page at docs/content/supported_tools/parsers/file/invicti.md

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is Ruff compliant (see ruff.toml).
  • Your code is python 3.13 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

…dance

The existing Invicti documentation only contained a one-line description 
and the default deduplication fields. This update expands it to include:

- Step-by-step export instructions for Invicti Enterprise
- Explanation of confirmed vs unconfirmed findings and how to 
  handle them in DefectDojo
- Native integration setup steps for Invicti Enterprise users
- Severity mapping table from Invicti to DefectDojo
- Recommended workflow for enterprise teams running Invicti 
  at scale across multiple applications
- Deduplication guidance for large scans
@valentijnscholten (Member) left a comment


Thanks for the PR!

@mtesauro (Contributor) left a comment


Approved

@valentijnscholten valentijnscholten added this to the 2.57.0 milestone Apr 1, 2026
@valentijnscholten (Member) commented

@balaakasam Could you look at tweaking the docs file to make our documentation checker happy?

uwsgi-1  | ======================================================================
uwsgi-1  | FAIL: test_file_existence (unittests.test_parsers.TestParsers.test_file_existence) (parser='invicti', category='docs')
uwsgi-1  | ----------------------------------------------------------------------
uwsgi-1  | Traceback (most recent call last):
uwsgi-1  |   File "/app/unittests/test_parsers.py", line 46, in test_file_existence
uwsgi-1  |     self.assertRegex(content, "### Sample Scan Data",
uwsgi-1  |     ~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
uwsgi-1  |                     f"Documentation file '{doc_file}' does not contain ### Sample Scan Data",
uwsgi-1  |                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
uwsgi-1  |                     )
uwsgi-1  |                     ^
uwsgi-1  | AssertionError: Regex didn't match: '### Sample Scan Data' not found in '---\ntitle: "Invicti"\ntoc_hide: true\n---\n\nVulnerabilities List - JSON report\n\nInvicti is a web application security scanner available as Invicti \nEnterprise (cloud-based) and Invicti Standard (on-premise). It identifies \nvulnerabilities through automated crawling and attack simulation, producing \nconfirmed and unconfirmed findings with proof of exploit where available.\n\nDefectDojo supports two methods of ingesting Invicti findings:\n\n1. **File-based import** - Export a Vulnerabilities List in JSON format \n   from Invicti and upload it manually into DefectDojo\n2. **Native integration** - Configure Invicti Enterprise to push findings \n   directly to DefectDojo automatically after each scan\n\n---\n\n## File-Based Import\n\n### How to Export from Invicti Enterprise\n\n1. Log in to Invicti Enterprise\n2. Go to **Scans > Recent Scans** and select the relevant scan\n3. Select **Report**\n4. Under **Lists**, select **Vulnerabilities List**\n5. From the **Format** drop-down, select **JSON**\n6. Configure export options as needed:\n   - **Exclude Addressed Issues** — excludes findings already actioned \n     in Invicti\n   - **Export Confirmed** - includes only findings verified with proof \n     of exploit\n   - **Export Unconfirmed** - includes findings detected but not \n     fully verified\n7. Select **Export** and save the JSON file\n8. Upload the file into DefectDojo under your chosen Engagement \n   using **Import Scan > Invicti Scan**\n\n### Confirmed vs Unconfirmed Findings\n\nInvicti classifies findings in two ways:\n\n- **Confirmed** - Invicti verified the vulnerability with a proof of \n  exploit. These are high-confidence findings and should be prioritized.\n- **Unconfirmed** - Invicti detected indicators of a vulnerability but \n  could not fully verify it. 
These require manual review before acting \n  on them.\n\nIt is recommended to export both confirmed and unconfirmed findings and \nuse DefectDojo\'s **Active/Verified** flags to track review status rather \nthan filtering at export time. This preserves full visibility and avoids \nlosing findings from the vulnerability record.\n\n---\n\n## Native Integration (Invicti Enterprise)\n\nInvicti Enterprise supports direct integration with DefectDojo, allowing \nfindings to be pushed automatically after each scan without manual \nfile export.\n\n### Prerequisites\n- A DefectDojo API key with appropriate permissions\n- An existing Product and Engagement in DefectDojo to receive findings\n\n### Setup Steps\n\n1. Log in to Invicti Enterprise\n2. Go to **Integrations > New Integration**\n3. Under **Issue Tracking Systems**, select **DefectDojo**\n4. Enter a name for the integration\n5. Enter your DefectDojo URL, API key, Product ID, and Engagement ID\n6. Optionally add tags to help filter imported findings in DefectDojo\n7. Select **Save**\n8. Use **Test Credentials** to confirm the connection is working\n\nOnce configured, Invicti Enterprise can be set to automatically push \nfindings to DefectDojo after each completed scan. This is recommended \nfor teams running regular or scheduled scans as it removes the manual \nexport step and keeps DefectDojo up to date in near real time.\n\n---\n\n## Severity Mapping\n\n| Invicti Severity | DefectDojo Severity |\n|---|---|\n| Critical | Critical |\n| High | High |\n| Medium | Medium |\n| Low | Low |\n| Best Practice / Information | Info |\n\nInvicti also uses action-based priority labels in its reports such as \n"Fix Immediately" and "Fix Soon". These do not map directly into \nDefectDojo severity fields but can be used to inform triage decisions \nwhen reviewing imported findings.\n\n---\n\n## Recommended Workflow for Enterprise Use\n\nFor teams running Invicti Enterprise across multiple applications:\n\n1. 
**Use the native integration** rather than manual file exports to \n   reduce operational overhead\n2. **Use Reimport** (not Import) for recurring scans on the same target \n   to track finding status over time rather than creating duplicate records\n3. **Export Confirmed and Unconfirmed separately** if your team has a \n   formal triage process — import confirmed findings as active and \n   unconfirmed findings as requiring review\n4. **Set SLA thresholds** in DefectDojo aligned to Invicti severity \n   levels so that Critical and High findings trigger appropriate \n   remediation timelines automatically\n\n---\n\n## Sample Scan Data\n\nSample Invicti scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/invicti).\n\n---\n\n## Default Deduplication Hashcode Fields\n\nBy default, DefectDojo identifies duplicate Findings using these \n[hashcode fields](https://docs.defectdojo.com/en/working_with_findings/finding_deduplication/about_deduplication/):\n\n- title\n- description\n- severity\n\n### Note on Deduplication for Large Scans\n\nInvicti can report the same vulnerability type across multiple URLs, \nwhich means importing large scans without reviewing deduplication \nsettings can result in a high volume of findings that represent the \nsame underlying vulnerability class. To manage this:\n\n- Consider enabling **Apply Same Findings** in your Engagement settings \n  to group similar findings\n- Use **Reimport** instead of Import for recurring scans to update \n  existing findings rather than creating new ones each time\n' : Documentation file '/app/docs/content/supported_tools/parsers/file/invicti.md' does not contain ### Sample Scan Data
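The deduplication note in the quoted doc text (default hashcode fields title, description and severity; the same vulnerability type reported across many URLs) is easier to reason about with a small illustration. The following is an added example, not DefectDojo's own code: it assumes a concatenate-then-sha256 scheme over the listed fields, uses constructed sample findings, and adds a hypothetical `url` field only to show how widening the field set changes what counts as a duplicate.

```python
"""Illustrate why the default hashcode fields (title, description, severity)
can collapse one vulnerability class seen on many URLs into a single hash.

Assumption (not a copy of DefectDojo's implementation): the hash is the
sha256 of the selected field values concatenated in order.
"""
import hashlib

# Default fields listed on the Invicti parser doc page.
HASHCODE_FIELDS = ("title", "description", "severity")

# Constructed sample findings, shaped like what a scanner parser would emit.
# 'url' is a hypothetical extra field used only for the comparison below.
SAMPLE_FINDINGS = [
    {"title": "Cross-site Scripting", "description": "Reflected XSS via parameter q",
     "severity": "High", "url": "https://app.example/search"},
    {"title": "Cross-site Scripting", "description": "Reflected XSS via parameter q",
     "severity": "High", "url": "https://app.example/help"},
    {"title": "Cross-site Scripting", "description": "Reflected XSS via parameter name",
     "severity": "High", "url": "https://app.example/profile"},
    {"title": "Missing HSTS Header", "description": "Strict-Transport-Security not set",
     "severity": "Low", "url": "https://app.example/"},
]


def compute_hash_code(finding, fields=HASHCODE_FIELDS):
    """Hash the chosen fields of one finding (assumed scheme, see module doc)."""
    joined = "".join(str(finding.get(f, "")) for f in fields)
    return hashlib.sha256(joined.encode("utf-8").strip()).hexdigest()


def group_by_hash(findings, fields=HASHCODE_FIELDS):
    """Bucket findings by hash code; every bucket beyond its first member is a duplicate."""
    groups = {}
    for finding in findings:
        groups.setdefault(compute_hash_code(finding, fields), []).append(finding)
    return groups


def dedup_summary(findings, fields=HASHCODE_FIELDS):
    """Return (unique_count, duplicate_count) for the given hash fields."""
    groups = group_by_hash(findings, fields)
    return len(groups), sum(len(members) - 1 for members in groups.values())


if __name__ == "__main__":
    # Same title/description/severity on two URLs: one record survives, one is a duplicate.
    print("default fields:", dedup_summary(SAMPLE_FINDINGS))
    # Folding the URL into the hash keeps every per-URL finding distinct.
    print("with url:", dedup_summary(SAMPLE_FINDINGS, HASHCODE_FIELDS + ("url",)))
```

The trade-off this makes visible is the one the doc's "Note on Deduplication for Large Scans" warns about: with only title, description and severity hashed, a finding whose description does not embed the affected URL is deduplicated across URLs, so per-location remediation tracking depends on either the description being location-specific or on the deduplication configuration described at the linked DefectDojo page.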

@Maffooch (Contributor) commented Apr 1, 2026

Oops - I did not realize this has failing docs tests! Once these are fixed, we can merge
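The failure quoted above is a heading-level mismatch: the checker searches for the literal `### Sample Scan Data`, and the submitted file has `## Sample Scan Data`. The following is an added example of that check and its fix, not the project's `unittests/test_parsers.py`; it embeds a constructed excerpt of the doc file taken from the test output, and the `REQUIRED_HEADINGS` tuple contains only the heading the page's test output actually names.

```python
"""Mirror of the parser-doc check that failed in the PR, plus a fixer.

Only '### Sample Scan Data' is taken from the test output on the page; any
other required heading added to REQUIRED_HEADINGS is an assumption.
"""
import re

# Constructed excerpt of docs/content/supported_tools/parsers/file/invicti.md
# as it appeared in the failing test output: the heading sits at '##' level.
SAMPLE_DOC = """---
title: "Invicti"
toc_hide: true
---

Vulnerabilities List - JSON report

## Sample Scan Data

Sample Invicti scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/invicti).

## Default Deduplication Hashcode Fields

- title
- description
- severity
"""

REQUIRED_HEADINGS = ("### Sample Scan Data",)

HEADING_RE = re.compile(r"^(#{1,6})\s+(.*?)\s*$")


def parse_front_matter(content):
    """Return the front matter as a dict (simple 'key: value' lines only)."""
    match = re.match(r"^---\n(.*?)\n---\n", content, re.DOTALL)
    if not match:
        return {}
    meta = {}
    for line in match.group(1).splitlines():
        key, sep, value = line.partition(":")
        if sep:
            meta[key.strip()] = value.strip().strip('"')
    return meta


def missing_headings(content, required=REQUIRED_HEADINGS):
    """Same semantics as assertRegex: re.search of each required string.

    '#' is not a regex metacharacter, so this is a substring search:
    '#### Sample Scan Data' also passes, while '## Sample Scan Data' does not.
    """
    return [h for h in required if re.search(h, content) is None]


def normalize_heading_levels(content, required=REQUIRED_HEADINGS):
    """Rewrite a heading whose text matches a required heading but whose level
    differs; every other heading is left untouched."""
    wanted = {}
    for req in required:
        match = HEADING_RE.match(req)
        if match:
            wanted[match.group(2)] = req
    out = []
    for line in content.splitlines():
        match = HEADING_RE.match(line)
        if match and match.group(2) in wanted:
            line = wanted[match.group(2)]
        out.append(line)
    return "\n".join(out) + ("\n" if content.endswith("\n") else "")


def check_parser_doc(content, required=REQUIRED_HEADINGS):
    """Small linter-style report: page title plus the headings still missing."""
    return {
        "title": parse_front_matter(content).get("title"),
        "missing": missing_headings(content, required),
    }


if __name__ == "__main__":
    print("before fix:", check_parser_doc(SAMPLE_DOC))
    fixed = normalize_heading_levels(SAMPLE_DOC)
    print("after fix:", check_parser_doc(fixed))
```

Running this against the constructed excerpt reports `### Sample Scan Data` as missing, and an empty list after `normalize_heading_levels` promotes the one heading; the `## Default Deduplication Hashcode Fields` heading is left as it was because it is not in the required set.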

@Maffooch Maffooch requested a review from paulOsinski April 1, 2026 18:55

4 participants