From 811c81bcc26f9e8a1d749d4d325702dd7b22ec88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A1s=20J=C3=A1ky?=
Date: Thu, 8 Feb 2024 10:50:06 +0100
Subject: [PATCH] refactor: update Misconfiguration field names
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: András Jáky
---
 api/server/database/gorm/odata.go | 34 +-
 cli/families/misconfiguration/fake/scanner.go | 32 +-
 cli/families/misconfiguration/family.go | 2 +-
 cli/families/misconfiguration/family_test.go | 48 +-
 .../misconfiguration/lynis/reportParser.go | 16 +-
 .../lynis/reportParser_test.go | 1016 ++++++++---------
 .../misconfiguration/types/scannerResult.go | 8 +-
 cli/findingkey/common_test.go | 2 +-
 cli/findingkey/misconfiguration.go | 6 +-
 cli/presenter/apimodel.go | 16 +-
 cli/presenter/apimodel_test.go | 74 +-
 .../processor/assetscan/misconfigurations.go | 18 +-
 uibackend/server/dashboard_findings_impact.go | 16 +-
 13 files changed, 644 insertions(+), 644 deletions(-)
diff --git a/api/server/database/gorm/odata.go b/api/server/database/gorm/odata.go
index bf2392d3f..fbf72bbd3 100644
--- a/api/server/database/gorm/odata.go
+++ b/api/server/database/gorm/odata.go
@@ -364,14 +364,14 @@ var schemaMetas = map[string]odatasql.SchemaMeta{
 },
 "Misconfiguration": {
 Fields: odatasql.Schema{
- "scannerName": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "scannedPath": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testCategory": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testID": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testDescription": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "severity": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "message": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "remediation": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "scannerName": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "location": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "category": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "id": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "description": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "severity": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "message": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "remediation": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
 },
 },
 "RootkitScan": {
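Review bot: The keys of the `Misconfiguration` entry in `schemaMetas` are replaced outright (`scannedPath`→`location`, `testCategory`→`category`, `testID`→`id`, `testDescription`→`description`), and the `MisconfigurationFindingInfo` hunk at -985 does the same. If this map is what OData filter and select expressions are resolved against, as the `odatasql.SchemaMeta` type suggests, any saved query, dashboard or alerting rule that still references the old names would stop matching or be rejected, and nothing visible in these hunks keeps the old names as aliases. I would add a comment above both entries such as `// Renamed from scannedPath/testCategory/testID/testDescription; the old names are no longer accepted in queries.` and call the break out in the release notes. The map literal starts and ends outside both hunks, so any compatibility handling elsewhere is not visible here.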
@@ -985,15 +985,15 @@ var schemaMetas = map[string]odatasql.SchemaMeta{
 },
 "MisconfigurationFindingInfo": {
 Fields: odatasql.Schema{
- "objectType": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "scannerName": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "scannedPath": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testCategory": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testID": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "testDescription": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "severity": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "message": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
- "remediation": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "objectType": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "scannerName": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "location": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "category": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "id": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "description": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "severity": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "message": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
+ "remediation": odatasql.FieldMeta{FieldType: odatasql.StringFieldType},
 },
 },
 "InfoFinderFindingInfo": {
diff --git a/cli/families/misconfiguration/fake/scanner.go b/cli/families/misconfiguration/fake/scanner.go
index e76fb4e00..827728184 100644
--- a/cli/families/misconfiguration/fake/scanner.go
+++ b/cli/families/misconfiguration/fake/scanner.go
@@ -55,44 +55,44 @@ func (a *Scanner) Run(sourceType utils.SourceType, userInput string) error { func createFakeMisconfigurationReport() []misconfigurationTypes.Misconfiguration { return []misconfigurationTypes.Misconfiguration{ { - ScannedPath: "/fake", + Location: "/fake", - TestCategory: "FAKE", - TestID: "Test1", - TestDescription: "Fake test number 1", + Category: "FAKE", + ID: "Test1", + Description: "Fake test number 1", Message: "Fake test number 1 failed", Severity: misconfigurationTypes.HighSeverity, Remediation: "fix the thing number 1", }, { - ScannedPath: "/fake", + Location: "/fake", - TestCategory: "FAKE", - TestID: "Test2", - TestDescription: "Fake test number 2", + Category: "FAKE", + ID: "Test2", + Description: "Fake test number 2", Message: "Fake test number 2 failed", Severity: misconfigurationTypes.LowSeverity, Remediation: "fix the thing number 2", }, { - ScannedPath: "/fake", + Location: "/fake", - TestCategory: "FAKE", - TestID: "Test3", - TestDescription: "Fake test number 3", + Category: "FAKE", + ID: "Test3", + Description: "Fake test number 3", Message: "Fake test number 3 failed", Severity: misconfigurationTypes.MediumSeverity, Remediation: "fix the thing number 3", }, { - ScannedPath: "/fake", + Location: "/fake", - TestCategory: "FAKE", - TestID: "Test4", - TestDescription: "Fake test number 4", + Category: "FAKE", + ID: "Test4", + Description: "Fake test number 4", Message: "Fake test number 4 failed", Severity: misconfigurationTypes.HighSeverity, diff --git a/cli/families/misconfiguration/family.go b/cli/families/misconfiguration/family.go index c16362ca9..74b203133 100644 --- a/cli/families/misconfiguration/family.go +++ b/cli/families/misconfiguration/family.go 
@@ -77,7 +77,7 @@ func (m Misconfiguration) Run(ctx context.Context, _ *results.Results) (interfac
 // StripPathFromResult strip input path from results wherever it is found.
 func StripPathFromResult(result misconfigurationTypes.ScannerResult, path string) misconfigurationTypes.ScannerResult {
 for i := range result.Misconfigurations {
- result.Misconfigurations[i].ScannedPath = familiesutils.TrimMountPath(result.Misconfigurations[i].ScannedPath, path)
+ result.Misconfigurations[i].Location = familiesutils.TrimMountPath(result.Misconfigurations[i].Location, path)
 }
 return result
 }
diff --git a/cli/families/misconfiguration/family_test.go b/cli/families/misconfiguration/family_test.go
index ac8760488..d5ceb0368 100644
--- a/cli/families/misconfiguration/family_test.go
+++ b/cli/families/misconfiguration/family_test.go
@@ -39,22 +39,22 @@ func TestStripPathFromResult(t *testing.T) {
 ScannerName: "scanner1",
 Misconfigurations: []types.Misconfiguration{
 {
- ScannedPath: "/mnt/foo",
- TestCategory: "test1",
- TestID: "id1",
- TestDescription: "desc1",
+ Location: "/mnt/foo",
+ Category: "test1",
+ ID: "id1",
+ Description: "desc1",
 },
 {
- ScannedPath: "/mnt/foo2",
- TestCategory: "test2",
- TestID: "id2",
- TestDescription: "desc2",
+ Location: "/mnt/foo2",
+ Category: "test2",
+ ID: "id2",
+ Description: "desc2",
 },
 {
- ScannedPath: "/foo3",
- TestCategory: "test3",
- TestID: "id3",
- TestDescription: "desc3",
+ Location: "/foo3",
+ Category: "test3",
+ ID: "id3",
+ Description: "desc3",
 },
 },
 },
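Review bot: The doc comment on `StripPathFromResult` in family.go still says the path is stripped "wherever it is found", but the loop only rewrites the `Location` field; `Message`, `Description` and `Remediation` are returned as the scanner produced them. The Lynis fixtures elsewhere in this commit carry a host-side prefix inside `Message` (`/home/ubuntu/debian11/tmp`), so if that prefix is the mount path it would presumably still be exposed through the API after this function runs. The loop also writes through the slice shared with the caller's value, so the input is modified in place even though `result` is passed by value. I would reword the comment to `// StripPathFromResult trims the mount path from the Location of every misconfiguration; other fields are left as reported and the input slice is modified in place.`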
@@ -64,22 +64,22 @@ func TestStripPathFromResult(t *testing.T) { ScannerName: "scanner1", Misconfigurations: []types.Misconfiguration{ { - ScannedPath: "/foo", - TestCategory: "test1", - TestID: "id1", - TestDescription: "desc1", + Location: "/foo", + Category: "test1", + ID: "id1", + Description: "desc1", }, { - ScannedPath: "/foo2", - TestCategory: "test2", - TestID: "id2", - TestDescription: "desc2", + Location: "/foo2", + Category: "test2", + ID: "id2", + Description: "desc2", }, { - ScannedPath: "/foo3", - TestCategory: "test3", - TestID: "id3", - TestDescription: "desc3", + Location: "/foo3", + Category: "test3", + ID: "id3", + Description: "desc3", }, }, }, diff --git a/cli/families/misconfiguration/lynis/reportParser.go b/cli/families/misconfiguration/lynis/reportParser.go index 1e7e51694..422abf1f9 100644 --- a/cli/families/misconfiguration/lynis/reportParser.go +++ b/cli/families/misconfiguration/lynis/reportParser.go @@ -97,7 +97,7 @@ func (a *ReportParser) parseLynisReportLine(scanPath string, line string) (bool, // LYNIS suggestions are about the lynis install itself, we // should ignore these. - if mis.TestID == "LYNIS" { + if mis.ID == "LYNIS" { return false, types.Misconfiguration{}, nil } @@ -133,12 +133,12 @@ func (a *ReportParser) valueToMisconfiguration(scanPath string, value string, se message := fmt.Sprintf("%s Details: %s", parts[1], parts[2]) return types.Misconfiguration{ - ScannedPath: scanPath, - TestCategory: a.testdb.GetCategoryForTestID(parts[0]), - TestID: parts[0], - TestDescription: a.testdb.GetDescriptionForTestID(parts[0]), - Severity: severity, - Message: message, - Remediation: parts[3], + Location: scanPath, + Category: a.testdb.GetCategoryForTestID(parts[0]), + ID: parts[0], + Description: a.testdb.GetDescriptionForTestID(parts[0]), + Severity: severity, + Message: message, + Remediation: parts[3], }, nil } 
diff --git a/cli/families/misconfiguration/lynis/reportParser_test.go b/cli/families/misconfiguration/lynis/reportParser_test.go
index 9f9bf7808..70cf70d52 100644
--- a/cli/families/misconfiguration/lynis/reportParser_test.go
+++ b/cli/families/misconfiguration/lynis/reportParser_test.go
@@ -168,13 +168,13 @@ func TestReportParser_parseLynisReportLine(t *testing.T) {
 },
 want: true,
 want1: types.Misconfiguration{
- ScannedPath: "scanPath",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "LowSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "LowSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 {
@@ -188,13 +188,13 @@ func TestReportParser_parseLynisReportLine(t *testing.T) {
 },
 want: true,
 want1: types.Misconfiguration{
- ScannedPath: "scanPath",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "HighSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "HighSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 {
@@ -333,13 +333,13 @@ func TestReportParser_valueToMisconfiguration(t *testing.T) {
 severity: types.LowSeverity,
 },
 want: types.Misconfiguration{
- ScannedPath: "scanPath",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "LowSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "LowSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 {
@@ -353,13 +353,13 @@ func TestReportParser_valueToMisconfiguration(t *testing.T) {
 severity: types.HighSeverity,
 },
 want: types.Misconfiguration{
- ScannedPath: "scanPath",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "HighSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "HighSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 {
@@ -373,13 +373,13 @@ func TestReportParser_valueToMisconfiguration(t *testing.T) {
 severity: types.HighSeverity,
 },
 want: types.Misconfiguration{
- ScannedPath: "scanPath2",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "HighSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath2",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "HighSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 {
@@ -470,13 +470,13 @@ func TestReportParser_scanLynisReportFile(t *testing.T) {
 },
 want: []types.Misconfiguration{
 {
- ScannedPath: "scanPath",
- TestCategory: "security",
- TestID: "FILE-6362",
- TestDescription: "Checking /tmp sticky bit",
- Severity: "LowSeverity",
- Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
- Remediation: "text:Set sticky bit",
+ Location: "scanPath",
+ Category: "security",
+ ID: "FILE-6362",
+ Description: "Checking /tmp sticky bit",
+ Severity: "LowSeverity",
+ Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp",
+ Remediation: "text:Set sticky bit",
 },
 },
 },
@@ -527,471 +527,471 @@ func TestReportParser_scanLynisReportFile(t *testing.T) { var testdataMisconfigurations = []types.Misconfiguration{ { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "BOOT-5122", - TestDescription: "Check for GRUB boot password", - Severity: "LowSeverity", - Message: "Set a password on GRUB boot loader to prevent altering boot configuration (e.g. boot in single user mode without password) Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "BOOT-5264", - TestDescription: "Run systemd-analyze security", - Severity: "LowSeverity", - Message: "Consider hardening system services Details: Run '/usr/bin/systemd-analyze security SERVICE' for each service", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "KRNL-5788", - TestDescription: "Checking availability new Linux kernel", - Severity: "LowSeverity", - Message: "Determine why /home/ubuntu/debian11/vmlinuz or /home/ubuntu/debian11/boot/vmlinuz is missing on this Debian/Ubuntu system. 
Details: /vmlinuz or /boot/vmlinuz", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "KRNL-5820", - TestDescription: "Checking core dumps configuration", - Severity: "LowSeverity", - Message: "If not required, consider explicit disabling of core dump in /etc/security/limits.conf file Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "KRNL-5830", - TestDescription: "Checking if system is running on the latest installed kernel", - Severity: "HighSeverity", - Message: "Reboot of system is most likely needed Details: ", - Remediation: "text:reboot", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "AUTH-9230", - TestDescription: "Check group password hashing rounds", - Severity: "LowSeverity", - Message: "Configure password hashing rounds in /etc/login.defs Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "AUTH-9262", - TestDescription: "Checking presence password strength testing tools (PAM)", - Severity: "LowSeverity", - Message: "Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "AUTH-9286", - TestDescription: "Checking user password aging", - Severity: "LowSeverity", - Message: "Configure minimum password age in /etc/login.defs Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "AUTH-9286", - TestDescription: "Checking user password aging", - Severity: "LowSeverity", - Message: "Configure maximum password age in /etc/login.defs Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "AUTH-9328", - TestDescription: "Default umask values", - Severity: "LowSeverity", - Message: "Default umask in /etc/login.defs could be more strict like 027 
Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-6310", - TestDescription: "Checking /tmp, /home and /var directory", - Severity: "LowSeverity", - Message: "To decrease the impact of a full /home file system, place /home on a separate partition Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-6310", - TestDescription: "Checking /tmp, /home and /var directory", - Severity: "LowSeverity", - Message: "To decrease the impact of a full /tmp file system, place /tmp on a separate partition Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-6310", - TestDescription: "Checking /tmp, /home and /var directory", - Severity: "LowSeverity", - Message: "To decrease the impact of a full /var file system, place /var on a separate partition Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-6362", - TestDescription: "Checking /tmp sticky bit", - Severity: "LowSeverity", - Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. Details: /tmp", - Remediation: "text:Set sticky bit", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-6363", - TestDescription: "Checking /var/tmp sticky bit", - Severity: "LowSeverity", - Message: "Set the sticky bit on /home/ubuntu/debian11/var/tmp, to prevent users deleting (by other owned) files in the /var/tmp directory. 
Details: /var/tmp", - Remediation: "text:Set sticky bit", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "USB-1000", - TestDescription: "Check if USB storage is disabled", - Severity: "LowSeverity", - Message: "Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "STRG-1846", - TestDescription: "Check if firewire storage is disabled", - Severity: "LowSeverity", - Message: "Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "NAME-4404", - TestDescription: "Check /etc/hosts contains an entry for this server name", - Severity: "LowSeverity", - Message: "Add the IP name and FQDN to /etc/hosts for proper name resolving Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7346", - TestDescription: "Search unpurged packages on system", - Severity: "LowSeverity", - Message: "Purge old/removed packages (1 found) with aptitude purge or dpkg --purge command. This will cleanup old configuration files, cron jobs and startup scripts. Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7370", - TestDescription: "Checking for debsums utility", - Severity: "LowSeverity", - Message: "Install debsums utility for the verification of packages with known good database. Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7390", - TestDescription: "Check Ubuntu database consistency", - Severity: "HighSeverity", - Message: "apt-get check returned a non successful exit code. 
Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7390", - TestDescription: "Check Ubuntu database consistency", - Severity: "LowSeverity", - Message: "Run apt-get to perform a manual package database consistency check. Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7394", - TestDescription: "Check for Ubuntu updates", - Severity: "LowSeverity", - Message: "Install package apt-show-versions for patch management purposes Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "PKGS-7420", - TestDescription: "Detect toolkit to automatically download and apply upgrades", - Severity: "LowSeverity", - Message: "Consider using a tool to automatically apply upgrades Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "NETW-3200", - TestDescription: "Determine available network protocols", - Severity: "LowSeverity", - Message: "Determine if protocol 'dccp' is really needed on this system Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "NETW-3200", - TestDescription: "Determine available network protocols", - Severity: "LowSeverity", - Message: "Determine if protocol 'sctp' is really needed on this system Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "NETW-3200", - TestDescription: "Determine available network protocols", - Severity: "LowSeverity", - Message: "Determine if protocol 'rds' is really needed on this system Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "NETW-3200", - TestDescription: "Determine available network protocols", - Severity: "LowSeverity", - Message: "Determine if protocol 'tipc' is really needed on this system Details: -", - Remediation: "-", 
- }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FIRE-4513", - TestDescription: "Check iptables for unused rules", - Severity: "LowSeverity", - Message: "Check iptables rules to see which rules are currently not used Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: AllowTcpForwarding (set YES to NO)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: ClientAliveCountMax (set 3 to 2)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: Compression (set YES to NO)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: LogLevel (set INFO to VERBOSE)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: MaxAuthTries (set 6 to 3)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: MaxSessions (set 10 to 2)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - 
TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: Port (set 22 to )", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: TCPKeepAlive (set YES to NO)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: X11Forwarding (set YES to NO)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SSH-7408", - TestDescription: "Check SSH specific defined options", - Severity: "LowSeverity", - Message: "Consider hardening SSH configuration Details: AllowAgentForwarding (set YES to NO)", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "LOGG-2154", - TestDescription: "Checking syslog configuration file", - Severity: "LowSeverity", - Message: "Enable logging to an external logging host for archiving purposes and additional protection Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "LOGG-2190", - TestDescription: "Checking for deleted files in use", - Severity: "LowSeverity", - Message: "Check what deleted files are still in use and why. 
Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "BANN-7126", - TestDescription: "Check issue banner file contents", - Severity: "LowSeverity", - Message: "Add a legal banner to /home/ubuntu/debian11/etc/issue, to warn unauthorized users Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "BANN-7130", - TestDescription: "Check issue.net banner file contents", - Severity: "LowSeverity", - Message: "Add legal banner to /etc/issue.net, to warn unauthorized users Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "SCHD-7704", - TestDescription: "Check crontab/cronjobs", - Severity: "HighSeverity", - Message: "Found one or more cronjob files with incorrect ownership (see log for details) Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "ACCT-9622", - TestDescription: "Check for available Linux accounting information", - Severity: "LowSeverity", - Message: "Enable process accounting Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "ACCT-9626", - TestDescription: "Check for sysstat accounting data", - Severity: "LowSeverity", - Message: "Enable sysstat to collect accounting (no results) Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "ACCT-9628", - TestDescription: "Check for auditd", - Severity: "LowSeverity", - Message: "Enable auditd to collect audit information Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FINT-4350", - TestDescription: "File integrity software installed", - Severity: "LowSeverity", - Message: "Install a file integrity tool to monitor changes to critical and sensitive files Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - 
TestCategory: "security", - TestID: "TOOL-5002", - TestDescription: "Checking for automation tools", - Severity: "LowSeverity", - Message: "Determine if automation tools are present for system management Details: -", - Remediation: "-", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "FILE-7524", - TestDescription: "Perform file permissions check", - Severity: "LowSeverity", - Message: "Consider restricting file permissions Details: See screen output or log file", - Remediation: "text:Use chmod to change file permissions", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "KRNL-6000", - TestDescription: "Check sysctl key pairs in scan profile", - Severity: "LowSeverity", - Message: "One or more sysctl values differ from the scan profile and could be tweaked Details: ", - Remediation: "Change sysctl value or disable test (skip-test=KRNL-6000:)", - }, - { - ScannedPath: "scanPath", - TestCategory: "security", - TestID: "HRDN-7230", - TestDescription: "Check for malware scanner", - Severity: "LowSeverity", - Message: "Harden the system by installing at least one malware scanner, to perform periodic file system scans Details: -", - Remediation: "Install a tool like rkhunter, chkrootkit, OSSEC", + Location: "scanPath", + Category: "security", + ID: "BOOT-5122", + Description: "Check for GRUB boot password", + Severity: "LowSeverity", + Message: "Set a password on GRUB boot loader to prevent altering boot configuration (e.g. 
boot in single user mode without password) Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "BOOT-5264", + Description: "Run systemd-analyze security", + Severity: "LowSeverity", + Message: "Consider hardening system services Details: Run '/usr/bin/systemd-analyze security SERVICE' for each service", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "KRNL-5788", + Description: "Checking availability new Linux kernel", + Severity: "LowSeverity", + Message: "Determine why /home/ubuntu/debian11/vmlinuz or /home/ubuntu/debian11/boot/vmlinuz is missing on this Debian/Ubuntu system. Details: /vmlinuz or /boot/vmlinuz", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "KRNL-5820", + Description: "Checking core dumps configuration", + Severity: "LowSeverity", + Message: "If not required, consider explicit disabling of core dump in /etc/security/limits.conf file Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "KRNL-5830", + Description: "Checking if system is running on the latest installed kernel", + Severity: "HighSeverity", + Message: "Reboot of system is most likely needed Details: ", + Remediation: "text:reboot", + }, + { + Location: "scanPath", + Category: "security", + ID: "AUTH-9230", + Description: "Check group password hashing rounds", + Severity: "LowSeverity", + Message: "Configure password hashing rounds in /etc/login.defs Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "AUTH-9262", + Description: "Checking presence password strength testing tools (PAM)", + Severity: "LowSeverity", + Message: "Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "AUTH-9286", + Description: "Checking user password aging", + Severity: 
"LowSeverity", + Message: "Configure minimum password age in /etc/login.defs Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "AUTH-9286", + Description: "Checking user password aging", + Severity: "LowSeverity", + Message: "Configure maximum password age in /etc/login.defs Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "AUTH-9328", + Description: "Default umask values", + Severity: "LowSeverity", + Message: "Default umask in /etc/login.defs could be more strict like 027 Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-6310", + Description: "Checking /tmp, /home and /var directory", + Severity: "LowSeverity", + Message: "To decrease the impact of a full /home file system, place /home on a separate partition Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-6310", + Description: "Checking /tmp, /home and /var directory", + Severity: "LowSeverity", + Message: "To decrease the impact of a full /tmp file system, place /tmp on a separate partition Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-6310", + Description: "Checking /tmp, /home and /var directory", + Severity: "LowSeverity", + Message: "To decrease the impact of a full /var file system, place /var on a separate partition Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-6362", + Description: "Checking /tmp sticky bit", + Severity: "LowSeverity", + Message: "Set the sticky bit on /home/ubuntu/debian11/tmp, to prevent users deleting (by other owned) files in the /tmp directory. 
Details: /tmp", + Remediation: "text:Set sticky bit", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-6363", + Description: "Checking /var/tmp sticky bit", + Severity: "LowSeverity", + Message: "Set the sticky bit on /home/ubuntu/debian11/var/tmp, to prevent users deleting (by other owned) files in the /var/tmp directory. Details: /var/tmp", + Remediation: "text:Set sticky bit", + }, + { + Location: "scanPath", + Category: "security", + ID: "USB-1000", + Description: "Check if USB storage is disabled", + Severity: "LowSeverity", + Message: "Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "STRG-1846", + Description: "Check if firewire storage is disabled", + Severity: "LowSeverity", + Message: "Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "NAME-4404", + Description: "Check /etc/hosts contains an entry for this server name", + Severity: "LowSeverity", + Message: "Add the IP name and FQDN to /etc/hosts for proper name resolving Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7346", + Description: "Search unpurged packages on system", + Severity: "LowSeverity", + Message: "Purge old/removed packages (1 found) with aptitude purge or dpkg --purge command. This will cleanup old configuration files, cron jobs and startup scripts. Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7370", + Description: "Checking for debsums utility", + Severity: "LowSeverity", + Message: "Install debsums utility for the verification of packages with known good database. 
Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7390", + Description: "Check Ubuntu database consistency", + Severity: "HighSeverity", + Message: "apt-get check returned a non successful exit code. Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7390", + Description: "Check Ubuntu database consistency", + Severity: "LowSeverity", + Message: "Run apt-get to perform a manual package database consistency check. Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7394", + Description: "Check for Ubuntu updates", + Severity: "LowSeverity", + Message: "Install package apt-show-versions for patch management purposes Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "PKGS-7420", + Description: "Detect toolkit to automatically download and apply upgrades", + Severity: "LowSeverity", + Message: "Consider using a tool to automatically apply upgrades Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "NETW-3200", + Description: "Determine available network protocols", + Severity: "LowSeverity", + Message: "Determine if protocol 'dccp' is really needed on this system Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "NETW-3200", + Description: "Determine available network protocols", + Severity: "LowSeverity", + Message: "Determine if protocol 'sctp' is really needed on this system Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "NETW-3200", + Description: "Determine available network protocols", + Severity: "LowSeverity", + Message: "Determine if protocol 'rds' is really needed on this system Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "NETW-3200", + Description: "Determine available 
network protocols", + Severity: "LowSeverity", + Message: "Determine if protocol 'tipc' is really needed on this system Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FIRE-4513", + Description: "Check iptables for unused rules", + Severity: "LowSeverity", + Message: "Check iptables rules to see which rules are currently not used Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: AllowTcpForwarding (set YES to NO)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: ClientAliveCountMax (set 3 to 2)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: Compression (set YES to NO)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: LogLevel (set INFO to VERBOSE)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: MaxAuthTries (set 6 to 3)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: MaxSessions (set 10 to 2)", + Remediation: 
"-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: Port (set 22 to )", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: TCPKeepAlive (set YES to NO)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: X11Forwarding (set YES to NO)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SSH-7408", + Description: "Check SSH specific defined options", + Severity: "LowSeverity", + Message: "Consider hardening SSH configuration Details: AllowAgentForwarding (set YES to NO)", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "LOGG-2154", + Description: "Checking syslog configuration file", + Severity: "LowSeverity", + Message: "Enable logging to an external logging host for archiving purposes and additional protection Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "LOGG-2190", + Description: "Checking for deleted files in use", + Severity: "LowSeverity", + Message: "Check what deleted files are still in use and why. 
Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "BANN-7126", + Description: "Check issue banner file contents", + Severity: "LowSeverity", + Message: "Add a legal banner to /home/ubuntu/debian11/etc/issue, to warn unauthorized users Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "BANN-7130", + Description: "Check issue.net banner file contents", + Severity: "LowSeverity", + Message: "Add legal banner to /etc/issue.net, to warn unauthorized users Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "SCHD-7704", + Description: "Check crontab/cronjobs", + Severity: "HighSeverity", + Message: "Found one or more cronjob files with incorrect ownership (see log for details) Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "ACCT-9622", + Description: "Check for available Linux accounting information", + Severity: "LowSeverity", + Message: "Enable process accounting Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "ACCT-9626", + Description: "Check for sysstat accounting data", + Severity: "LowSeverity", + Message: "Enable sysstat to collect accounting (no results) Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "ACCT-9628", + Description: "Check for auditd", + Severity: "LowSeverity", + Message: "Enable auditd to collect audit information Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FINT-4350", + Description: "File integrity software installed", + Severity: "LowSeverity", + Message: "Install a file integrity tool to monitor changes to critical and sensitive files Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "TOOL-5002", + Description: "Checking for automation tools", + Severity: "LowSeverity", + 
Message: "Determine if automation tools are present for system management Details: -", + Remediation: "-", + }, + { + Location: "scanPath", + Category: "security", + ID: "FILE-7524", + Description: "Perform file permissions check", + Severity: "LowSeverity", + Message: "Consider restricting file permissions Details: See screen output or log file", + Remediation: "text:Use chmod to change file permissions", + }, + { + Location: "scanPath", + Category: "security", + ID: "KRNL-6000", + Description: "Check sysctl key pairs in scan profile", + Severity: "LowSeverity", + Message: "One or more sysctl values differ from the scan profile and could be tweaked Details: ", + Remediation: "Change sysctl value or disable test (skip-test=KRNL-6000:)", + }, + { + Location: "scanPath", + Category: "security", + ID: "HRDN-7230", + Description: "Check for malware scanner", + Severity: "LowSeverity", + Message: "Harden the system by installing at least one malware scanner, to perform periodic file system scans Details: -", + Remediation: "Install a tool like rkhunter, chkrootkit, OSSEC", }, } diff --git a/cli/families/misconfiguration/types/scannerResult.go b/cli/families/misconfiguration/types/scannerResult.go index cdefcccf6..a23070d36 100644 --- a/cli/families/misconfiguration/types/scannerResult.go +++ b/cli/families/misconfiguration/types/scannerResult.go 
@@ -30,13 +30,13 @@ type Misconfiguration struct { // This might just be the scanner input if the tool scans it as a whole // or it can be a specific file if the scanner performs some // sub-discovery like trivy. - ScannedPath string `json:"ScannedPath"` + Location string `json:"Location"` // Information about the test that was run to detect this specific // misconfiguration, this is specific to each Scanner. - TestCategory string `json:"TestCategory"` - TestID string `json:"TestID"` - TestDescription string `json:"TestDescription"` + Category string `json:"Category"` + ID string `json:"ID"` + Description string `json:"Description"` // Information about this specific misconfiguration hit Severity Severity `json:"Severity"` diff --git a/cli/findingkey/common_test.go b/cli/findingkey/common_test.go index 000074c77..f1217075e 100644 --- a/cli/findingkey/common_test.go +++ b/cli/findingkey/common_test.go @@ -55,7 +55,7 @@ func TestGenerateFindingKey(t *testing.T) { miscFindingInfo := apitypes.MisconfigurationFindingInfo{ Message: to.Ptr("Message"), ScannerName: to.Ptr("ScannerName"), - TestID: to.Ptr("TestID"), + Id: to.Ptr("Id"), } secretFindingInfo := apitypes.SecretFindingInfo{ EndColumn: to.Ptr(1), diff --git a/cli/findingkey/misconfiguration.go b/cli/findingkey/misconfiguration.go index f08825fe2..ea406ff19 100644 --- a/cli/findingkey/misconfiguration.go +++ b/cli/findingkey/misconfiguration.go @@ -25,13 +25,13 @@ import ( // message in the unique key. type MisconfigurationKey struct { ScannerName string - TestID string + ID string Message string } // String returns an unique string representation of the misconfiguration finding. func (k MisconfigurationKey) String() string { - return fmt.Sprintf("%s.%s.%s", k.ScannerName, k.TestID, k.Message) + return fmt.Sprintf("%s.%s.%s", k.ScannerName, k.ID, k.Message) } // MisconfigurationString returns an unique string representation of the misconfiguration independent of 
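Review bot: The new struct tags on `Location`, `Category`, `ID` and `Description` change the serialized form of `Misconfiguration`, and nothing in this hunk keeps the old keys readable. `encoding/json` ignores unknown keys, so a result written with `ScannedPath` or `TestID` would decode without error and leave these fields empty. If scanner output is ever stored or passed between versions (not visible here), the finding's identity is lost silently. The comment above the three renamed fields still speaks only of "the test that was run", so I would add a line such as `// ID is the scanner's own identifier for the check, e.g. "BOOT-5122".` The struct continues outside the hunk.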
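Review bot: `MisconfigurationKey.String()` joins its three parts with a bare `.`, so the key stops being unambiguous as soon as `ScannerName` or `ID` can contain a dot. The field is now a generic `ID`, and a dotted identifier such as a benchmark section number would make `a.b` + `c` produce the same key as `a` + `b.c`, so two different findings would be reconciled as one. Quoting each part avoids this, for example `return fmt.Sprintf("%q.%q.%q", k.ScannerName, k.ID, k.Message)`, provided nothing stored depends on the current key format, which cannot be seen from this hunk.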
@@ -43,7 +43,7 @@ func (k MisconfigurationKey) MisconfigurationString() string { func GenerateMisconfigurationKey(info apitypes.MisconfigurationFindingInfo) MisconfigurationKey { return MisconfigurationKey{ ScannerName: *info.ScannerName, - TestID: *info.TestID, + ID: *info.Id, Message: *info.Message, } } diff --git a/cli/presenter/apimodel.go b/cli/presenter/apimodel.go index 2a73d6cfd..d4467acb1 100644 --- a/cli/presenter/apimodel.go +++ b/cli/presenter/apimodel.go @@ -286,14 +286,14 @@ func ConvertMisconfigurationResultToMisconfigurationsAndScanners(misconfiguratio } misconfigurations = append(misconfigurations, apitypes.Misconfiguration{ - ScannerName: &misconfig.ScannerName, - ScannedPath: &misconfig.ScannedPath, - TestCategory: &misconfig.TestCategory, - TestID: &misconfig.TestID, - TestDescription: &misconfig.TestDescription, - Severity: &severity, - Message: &misconfig.Message, - Remediation: &misconfig.Remediation, + ScannerName: &misconfig.ScannerName, + Location: &misconfig.Location, + Category: &misconfig.Category, + Id: &misconfig.ID, + Description: &misconfig.Description, + Severity: &severity, + Message: &misconfig.Message, + Remediation: &misconfig.Remediation, }) } diff --git a/cli/presenter/apimodel_test.go b/cli/presenter/apimodel_test.go index d0af86937..26750d422 100644 --- a/cli/presenter/apimodel_test.go +++ b/cli/presenter/apimodel_test.go @@ -799,11 +799,11 @@ func Test_ConvertMisconfigurationResultToMisconfigurations(t *testing.T) { misconfiguration1 := misconfiguration.FlattenedMisconfiguration{ ScannerName: "foo", Misconfiguration: misconfigurationTypes.Misconfiguration{ - ScannedPath: "/scanned/path", + Location: "/scanned/path", - TestCategory: "category1", - TestID: "testid1", - TestDescription: "Test description 1", + Category: "category1", + ID: "id1", + Description: "Test description 1", Severity: misconfigurationTypes.HighSeverity, Message: "You got a problem with 1", 
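Review bot: `GenerateMisconfigurationKey` dereferences `info.ScannerName`, `info.Id` and `info.Message` unconditionally, so a finding that arrives without one of them panics the caller. These are pointer fields, and a record that still carries the previous field name instead of `id` would present exactly that case after this rename. A nil-safe construction is sketched below. It maps a missing field to the empty string, so callers may still want to skip or log such records rather than key them.

```go
func GenerateMisconfigurationKey(info apitypes.MisconfigurationFindingInfo) MisconfigurationKey {
	// Treat an absent field as empty instead of panicking on a nil pointer.
	var key MisconfigurationKey
	if info.ScannerName != nil {
		key.ScannerName = *info.ScannerName
	}
	if info.Id != nil {
		key.ID = *info.Id
	}
	if info.Message != nil {
		key.Message = *info.Message
	}
	return key
}
```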
@@ -814,11 +814,11 @@ func Test_ConvertMisconfigurationResultToMisconfigurations(t *testing.T) { misconfiguration2 := misconfiguration.FlattenedMisconfiguration{ ScannerName: "foo", Misconfiguration: misconfigurationTypes.Misconfiguration{ - ScannedPath: "/scanned/path", + Location: "/scanned/path", - TestCategory: "category2", - TestID: "testid2", - TestDescription: "Test description 2", + Category: "category2", + ID: "id2", + Description: "Test description 2", Severity: misconfigurationTypes.MediumSeverity, Message: "You got a problem", @@ -829,11 +829,11 @@ func Test_ConvertMisconfigurationResultToMisconfigurations(t *testing.T) { misconfiguration3 := misconfiguration.FlattenedMisconfiguration{ ScannerName: "bar", Misconfiguration: misconfigurationTypes.Misconfiguration{ - ScannedPath: "/scanned/path", + Location: "/scanned/path", - TestCategory: "category1", - TestID: "testid3", - TestDescription: "Test description 1", + Category: "category1", + ID: "id3", + Description: "Test description 1", Severity: misconfigurationTypes.HighSeverity, Message: "You got a problem with 1", 
@@ -899,34 +899,34 @@ func Test_ConvertMisconfigurationResultToMisconfigurations(t *testing.T) { want: returns{ []apitypes.Misconfiguration{ { - Message: to.Ptr(misconfiguration1.Message), - Remediation: to.Ptr(misconfiguration1.Remediation), - ScannedPath: to.Ptr(misconfiguration1.ScannedPath), - ScannerName: to.Ptr(misconfiguration1.ScannerName), - Severity: to.Ptr(apitypes.MisconfigurationHighSeverity), - TestCategory: to.Ptr(misconfiguration1.TestCategory), - TestDescription: to.Ptr(misconfiguration1.TestDescription), - TestID: to.Ptr(misconfiguration1.TestID), + Message: to.Ptr(misconfiguration1.Message), + Remediation: to.Ptr(misconfiguration1.Remediation), + Location: to.Ptr(misconfiguration1.Location), + ScannerName: to.Ptr(misconfiguration1.ScannerName), + Severity: to.Ptr(apitypes.MisconfigurationHighSeverity), + Category: to.Ptr(misconfiguration1.Category), + Description: to.Ptr(misconfiguration1.Description), + Id: to.Ptr(misconfiguration1.ID), }, { - Message: to.Ptr(misconfiguration2.Message), - Remediation: to.Ptr(misconfiguration2.Remediation), - ScannedPath: to.Ptr(misconfiguration2.ScannedPath), - ScannerName: to.Ptr(misconfiguration2.ScannerName), - Severity: to.Ptr(apitypes.MisconfigurationMediumSeverity), - TestCategory: to.Ptr(misconfiguration2.TestCategory), - TestDescription: to.Ptr(misconfiguration2.TestDescription), - TestID: to.Ptr(misconfiguration2.TestID), + Message: to.Ptr(misconfiguration2.Message), + Remediation: to.Ptr(misconfiguration2.Remediation), + Location: to.Ptr(misconfiguration2.Location), + ScannerName: to.Ptr(misconfiguration2.ScannerName), + Severity: to.Ptr(apitypes.MisconfigurationMediumSeverity), + Category: to.Ptr(misconfiguration2.Category), + Description: to.Ptr(misconfiguration2.Description), + Id: to.Ptr(misconfiguration2.ID), }, { - Message: to.Ptr(misconfiguration3.Message), - Remediation: to.Ptr(misconfiguration3.Remediation), - ScannedPath: to.Ptr(misconfiguration3.ScannedPath), - ScannerName: 
to.Ptr(misconfiguration3.ScannerName), - Severity: to.Ptr(apitypes.MisconfigurationHighSeverity), - TestCategory: to.Ptr(misconfiguration3.TestCategory), - TestDescription: to.Ptr(misconfiguration3.TestDescription), - TestID: to.Ptr(misconfiguration3.TestID), + Message: to.Ptr(misconfiguration3.Message), + Remediation: to.Ptr(misconfiguration3.Remediation), + Location: to.Ptr(misconfiguration3.Location), + ScannerName: to.Ptr(misconfiguration3.ScannerName), + Severity: to.Ptr(apitypes.MisconfigurationHighSeverity), + Category: to.Ptr(misconfiguration3.Category), + Description: to.Ptr(misconfiguration3.Description), + Id: to.Ptr(misconfiguration3.ID), }, }, []string{"foo", "bar"}, @@ -940,7 +940,7 @@ func Test_ConvertMisconfigurationResultToMisconfigurations(t *testing.T) { t.Fatalf("Unexpected error: %v", err) } - if diff := cmp.Diff(tt.want, returns{Misconfigs: misconfigs, Scanners: scanners}, cmpopts.SortSlices(func(a, b apitypes.Misconfiguration) bool { return *a.TestID < *b.TestID })); diff != "" { + if diff := cmp.Diff(tt.want, returns{Misconfigs: misconfigs, Scanners: scanners}, cmpopts.SortSlices(func(a, b apitypes.Misconfiguration) bool { return *a.Id < *b.Id })); diff != "" { t.Errorf("convertMisconfigurationResultToAPIModel() mismatch (-want +got):\n%s", diff) } }) diff --git a/orchestrator/processor/assetscan/misconfigurations.go b/orchestrator/processor/assetscan/misconfigurations.go index a4c5982a8..82bae247e 100644 --- a/orchestrator/processor/assetscan/misconfigurations.go +++ b/orchestrator/processor/assetscan/misconfigurations.go 
@@ -33,7 +33,7 @@ func (asp *AssetScanProcessor) getExistingMisconfigurationFindingsForScan(ctx co existingFilter := fmt.Sprintf("findingInfo/objectType eq 'Misconfiguration' and foundBy/id eq '%s'", *assetScan.Id) existingFindings, err := asp.client.GetFindings(ctx, apitypes.GetFindingsParams{ Filter: &existingFilter, - Select: to.Ptr("id,findingInfo/scannerName,findingInfo/testId,findingInfo/message"), + Select: to.Ptr("id,findingInfo/scannerName,findingInfo/id,findingInfo/message"), }) if err != nil { return existingMap, fmt.Errorf("failed to query for findings: %w", err) @@ -80,14 +80,14 @@ func (asp *AssetScanProcessor) reconcileResultMisconfigurationsToFindings(ctx co // scan. for _, item := range *assetScan.Misconfigurations.Misconfigurations { itemFindingInfo := apitypes.MisconfigurationFindingInfo{ - Message: item.Message, - Remediation: item.Remediation, - ScannedPath: item.ScannedPath, - ScannerName: item.ScannerName, - Severity: item.Severity, - TestCategory: item.TestCategory, - TestDescription: item.TestDescription, - TestID: item.TestID, + Message: item.Message, + Remediation: item.Remediation, + Location: item.Location, + ScannerName: item.ScannerName, + Severity: item.Severity, + Category: item.Category, + Description: item.Description, + Id: item.Id, } findingInfo := apitypes.Finding_FindingInfo{} diff --git a/uibackend/server/dashboard_findings_impact.go b/uibackend/server/dashboard_findings_impact.go index 9db8a1f89..d33c40d3b 100644 --- a/uibackend/server/dashboard_findings_impact.go +++ b/uibackend/server/dashboard_findings_impact.go 
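Review bot: The `Select` on the changed line now asks for `findingInfo/id`, but findings created before this commit would have been written under the previous field name, and no conversion of existing records is visible in the hunk. If those records are stored under their JSON names (an assumption), they will come back without `id`, and whatever builds the lookup map from `existingFindings` has to tolerate a nil `Id` rather than dereference it. Separately, the filter on the line above is built with `fmt.Sprintf` around `*assetScan.Id`; a nil check is worth adding, plus escaping of `'` if the id is not guaranteed to be server-generated. The function body continues outside the hunk.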
@@ -230,14 +230,14 @@ func createMisconfigurationFindingImpact(findingInfo *apitypes.Finding_FindingIn return types.MisconfigurationFindingImpact{ AffectedAssetsCount: &count, Misconfiguration: &types.Misconfiguration{ - Message: info.Message, - Remediation: info.Remediation, - ScannedPath: info.ScannedPath, - ScannerName: info.ScannerName, - Severity: toModelsMisconfigurationSeverity(info.Severity), - TestCategory: info.TestCategory, - TestDescription: info.TestDescription, - TestID: info.TestID, + Message: info.Message, + Remediation: info.Remediation, + Location: info.Location, + ScannerName: info.ScannerName, + Severity: toModelsMisconfigurationSeverity(info.Severity), + Category: info.Category, + Description: info.Description, + Id: info.Id, }, }, nil }