implementations

Version: v1.0.0
Published: Dec 30, 2019 | License: Apache-2.0 | Imports: 24 | Imported by: 1

Documentation

Constants

const (
	// Append states that the tag mapping information should be included in addition to the information from the scanner
	Append = "Append"

	// Overwrite states that the tag mapping information should replace the information from the scanner
	Overwrite = "Overwrite"
)

Tag mapping options

Types

type AssetSyncJob

type AssetSyncJob struct {
	Payload *AssetSyncPayload
	// contains filtered or unexported fields
}

AssetSyncJob implements the Job interface required to run the job

func (*AssetSyncJob) Process

func (job *AssetSyncJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process downloads asset information from a scanner (such as IP/vulnerability detections) and stores it in the database

type AssetSyncPayload

type AssetSyncPayload struct {
	GroupIDs []int `json:"groups"`
}

AssetSyncPayload holds the asset groups to be synced by the job. It is loaded from the job history Payload.

type BulkUpdateJob

type BulkUpdateJob struct {
	Payload *BulkUpdatePayload
	// contains filtered or unexported fields
}

BulkUpdateJob implements the job structure and holds the connection in order to contact the API with log information that should be relayed to the user who started the job

func (*BulkUpdateJob) Process

func (job *BulkUpdateJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process pulls the files for the bulk update, establishes a connection with the user, executes the changes against JIRA, and relays relevant information back to the user. TODO: should we have a max number of files allowed per history?

type BulkUpdateMessage

type BulkUpdateMessage struct {
	User       string `json:"user,omitempty"`
	Success    string `json:"success,omitempty"`
	Error      string `json:"failure,omitempty"`
	Repeat     string `json:"repeat,omitempty"`
	ErrorCount int    `json:"repeat_count"`
	Progress   string `json:"progress"`
}

BulkUpdateMessage holds information from the job execution that should be relayed to the user

type BulkUpdatePayload

type BulkUpdatePayload struct {
	Filenames           []string `json:"file"`
	UsernameOfRequester string   `json:"user"`
	ServiceURL          string   `json:"serviceURL"`
	OrgID               string   `json:"orgId"`
}

BulkUpdatePayload parses the information from the job history. It holds the files that are going to be run by the bulk update job, as well as the org that is running it, the user who started the job, and the JIRA URL to use.

type CISRescanJob

type CISRescanJob struct {
	Payload *CISRescanPayload
	// contains filtered or unexported fields
}

CISRescanJob implements the Job interface and pulls findings from Dome9 and creates tickets when applicable

func (*CISRescanJob) Process

func (job *CISRescanJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process pulls findings from a particular bundle, and creates a ticket in the ticketing engine if one did not exist

type CISRescanPayload

type CISRescanPayload struct {
	BundleID        int      `json:"bundle_id"`
	CloudAccountIDs []string `json:"cloud_accounts"`
}

CISRescanPayload holds information that dictates how the rescan is run, and on what account. The BundleID points towards a bundle, which holds a series of rules. The cloud account IDs point to the cloud accounts (e.g. AWS/Azure) that we wish to test the rules against.

type CloudDecommissionJob

type CloudDecommissionJob struct {
	// contains filtered or unexported fields
}

CloudDecommissionJob pulls a history of tracked assets from the database and compares that to a list of live assets as reported

func (*CloudDecommissionJob) Process

func (job *CloudDecommissionJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process grabs a history of the devices tracked by the database. All devices belonging to a cloud service (AWS/Azure) are checked to see if they still exist in the cloud inventory of that service. If they do not exist, the device is decommissioned in the database and its tickets are closed. It also grabs the devices that were previously decommissioned, and verifies that they still do not exist in the cloud inventory. If they are discovered to be alive again, their entry in the ignore table is deleted.

type CloudSyncJob

type CloudSyncJob struct {
	// contains filtered or unexported fields
}

CloudSyncJob is the struct used to run the job, which is responsible for grabbing tag information from a cloud service provider and storing it in the database

func (*CloudSyncJob) Process

func (job *CloudSyncJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process pulls tag information associated with devices that are scanned in cloud service providers (e.g. AWS/Azure). The tags are used within the ticketing job to include additional information, or override information, in a ticket.

type ExceptionJob

type ExceptionJob struct {
	// contains filtered or unexported fields
}

ExceptionJob is the struct used to run the job, which implements the IJob interface

func (*ExceptionJob) Process

func (job *ExceptionJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process grabs closed tickets for an organization, and either creates an exception in the db if a valid CERF is associated with the ticket, or creates a false

type FindingWrapper

type FindingWrapper struct {
	domain.Finding
	// contains filtered or unexported fields
}

FindingWrapper implements the domain.Ticket interface so the finding may be converted into a ticket

func (*FindingWrapper) AlertDate

func (wrapper *FindingWrapper) AlertDate() (param *time.Time)

AlertDate returns the AlertDate of the ticket

func (*FindingWrapper) AssignedTo

func (wrapper *FindingWrapper) AssignedTo() (param *string)

AssignedTo returns the AssignedTo of the ticket

func (*FindingWrapper) AssignmentGroup

func (wrapper *FindingWrapper) AssignmentGroup() (param *string)

AssignmentGroup returns the AssignmentGroup of the ticket

func (*FindingWrapper) CERF

func (wrapper *FindingWrapper) CERF() (param string)

CERF returns the CERF of the ticket

func (*FindingWrapper) CERFExpirationDate

func (wrapper *FindingWrapper) CERFExpirationDate() (param time.Time)

CERFExpirationDate returns the CERFExpirationDate of the ticket

func (*FindingWrapper) CVEReferences

func (wrapper *FindingWrapper) CVEReferences() (param *string)

CVEReferences returns the CVEReferences of the ticket

func (*FindingWrapper) CVSS

func (wrapper *FindingWrapper) CVSS() (param *float32)

CVSS returns the CVSS of the ticket

func (*FindingWrapper) CloudID

func (wrapper *FindingWrapper) CloudID() (param string)

CloudID returns the CloudID of the ticket

func (*FindingWrapper) Configs

func (wrapper *FindingWrapper) Configs() (param string)

Configs returns the Configs of the ticket

func (*FindingWrapper) CreatedDate

func (wrapper *FindingWrapper) CreatedDate() (param *time.Time)

CreatedDate returns the CreatedDate of the ticket

func (*FindingWrapper) DBCreatedDate

func (wrapper *FindingWrapper) DBCreatedDate() (param time.Time)

DBCreatedDate returns the DBCreatedDate of the ticket

func (*FindingWrapper) DBUpdatedDate

func (wrapper *FindingWrapper) DBUpdatedDate() (param *time.Time)

DBUpdatedDate returns the DBUpdatedDate of the ticket

func (*FindingWrapper) Description

func (wrapper *FindingWrapper) Description() (param *string)

Description returns the Description of the ticket

func (*FindingWrapper) DeviceID

func (wrapper *FindingWrapper) DeviceID() (param string)

DeviceID returns the DeviceID of the ticket

func (*FindingWrapper) DueDate

func (wrapper *FindingWrapper) DueDate() (param *time.Time)

DueDate returns the DueDate of the ticket

func (*FindingWrapper) GroupID

func (wrapper *FindingWrapper) GroupID() (param string)

GroupID returns the GroupID of the ticket

func (*FindingWrapper) HostName

func (wrapper *FindingWrapper) HostName() (param *string)

HostName returns the HostName of the ticket

func (*FindingWrapper) ID

func (wrapper *FindingWrapper) ID() (param int)

ID returns the ID of the ticket

func (*FindingWrapper) IPAddress

func (wrapper *FindingWrapper) IPAddress() (param *string)

IPAddress returns the IPAddress of the ticket

func (*FindingWrapper) Labels

func (wrapper *FindingWrapper) Labels() (param *string)

Labels returns the Labels of the ticket

func (*FindingWrapper) LastChecked

func (wrapper *FindingWrapper) LastChecked() (param *time.Time)

LastChecked returns the LastChecked of the ticket

func (*FindingWrapper) MacAddress

func (wrapper *FindingWrapper) MacAddress() (param *string)

MacAddress returns the MacAddress of the ticket

func (*FindingWrapper) MethodOfDiscovery

func (wrapper *FindingWrapper) MethodOfDiscovery() (param *string)

MethodOfDiscovery returns the MethodOfDiscovery of the ticket

func (*FindingWrapper) OSDetailed

func (wrapper *FindingWrapper) OSDetailed() (param *string)

OSDetailed returns the OSDetailed of the ticket

func (*FindingWrapper) OperatingSystem

func (wrapper *FindingWrapper) OperatingSystem() (param *string)

OperatingSystem returns the OperatingSystem of the ticket

func (*FindingWrapper) OrgCode

func (wrapper *FindingWrapper) OrgCode() (param *string)

OrgCode returns the OrgCode of the ticket

func (*FindingWrapper) OrganizationID

func (wrapper *FindingWrapper) OrganizationID() (param string)

OrganizationID returns the OrganizationID of the ticket

func (*FindingWrapper) Priority

func (wrapper *FindingWrapper) Priority() (param *string)

Priority returns the Priority of the ticket

func (*FindingWrapper) Project

func (wrapper *FindingWrapper) Project() (param *string)

Project returns the Project of the ticket

func (*FindingWrapper) ReportedBy

func (wrapper *FindingWrapper) ReportedBy() (param *string)

ReportedBy returns the ReportedBy of the ticket

func (*FindingWrapper) ResolutionDate

func (wrapper *FindingWrapper) ResolutionDate() (param *time.Time)

ResolutionDate returns the ResolutionDate of the ticket

func (*FindingWrapper) ResolutionStatus

func (wrapper *FindingWrapper) ResolutionStatus() (param *string)

ResolutionStatus returns the ResolutionStatus of the ticket

func (*FindingWrapper) ScanID

func (wrapper *FindingWrapper) ScanID() (param int)

ScanID returns the ScanID of the ticket

func (*FindingWrapper) ServicePorts

func (wrapper *FindingWrapper) ServicePorts() (param *string)

ServicePorts returns the ServicePorts of the ticket

func (*FindingWrapper) Solution

func (wrapper *FindingWrapper) Solution() (param *string)

Solution returns the Solution of the ticket

func (*FindingWrapper) Status

func (wrapper *FindingWrapper) Status() (param *string)

Status returns the Status of the ticket

func (*FindingWrapper) Summary

func (wrapper *FindingWrapper) Summary() (param *string)

Summary returns the Summary of the ticket

func (*FindingWrapper) TicketType

func (wrapper *FindingWrapper) TicketType() (param *string)

TicketType returns the TicketType of the ticket

func (*FindingWrapper) Title

func (wrapper *FindingWrapper) Title() (param string)

Title returns the Title of the ticket

func (*FindingWrapper) UpdatedDate

func (wrapper *FindingWrapper) UpdatedDate() (param *time.Time)

UpdatedDate returns the UpdatedDate of the ticket

func (*FindingWrapper) VendorReferences

func (wrapper *FindingWrapper) VendorReferences() (param *string)

VendorReferences returns the VendorReferences of the ticket

func (*FindingWrapper) VulnerabilityID

func (wrapper *FindingWrapper) VulnerabilityID() (param string)

VulnerabilityID returns the VulnerabilityID of the ticket

func (*FindingWrapper) VulnerabilityTitle

func (wrapper *FindingWrapper) VulnerabilityTitle() (param *string)

VulnerabilityTitle returns the VulnerabilityTitle of the ticket

type OrgPayload

type OrgPayload struct {
	LowestCVSS  float32       `json:"lowest_ticketed_cvss"`
	CVSSVersion int           `json:"cvss_version"`
	Severities  []OrgSeverity `json:"severities"`
}

OrgPayload contains the SLA information for how long a vulnerability has to be remediated given the severity. It is located in the Payload field of the organization table.

func (*OrgPayload) Len

func (payload *OrgPayload) Len() int

Len implements the sort interface so the severities may be organized

func (*OrgPayload) Less

func (payload *OrgPayload) Less(i, j int) bool

Less identifies which severity entry has a lower CVSS minimum

func (*OrgPayload) Swap

func (payload *OrgPayload) Swap(i, j int)

Swap swaps two severity entries

func (*OrgPayload) Validate

func (payload *OrgPayload) Validate() (valid bool)

Validate ensures there is a severity description for an organization, sorts the severities, and ensures all the numerical values held are valid. Additionally, it checks that the CVSS version is set within the organization payload.

type OrgSeverity

type OrgSeverity struct {
	Name     string  `json:"name"`
	Duration int     `json:"duration"`
	CVSSMin  float32 `json:"cvss_min"`
}

OrgSeverity holds the information pertaining to the severity and its relation to CVSS. The severities are organized based on their CVSS minimum score. CVSSMin dictates the lowest score required for a vulnerability to be associated with this severity. If another severity has a higher CVSS min that the vulnerability is also above, the vulnerability is associated with that CVSS min. The duration is the amount of time in days that a remediator would have to fix the vulnerability after discovery.
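The lookup described for OrgPayload and OrgSeverity above, as an added example that is not the package's own code: the two structs are local copies of the documented definitions, while `parseSLA`, `slaFor`, the range checks and the sample payload are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"time"
)

// Local copies of the two structs documented above (same fields and JSON tags).
type OrgSeverity struct {
	Name     string  `json:"name"`
	Duration int     `json:"duration"` // days allowed for remediation
	CVSSMin  float32 `json:"cvss_min"`
}
type OrgPayload struct {
	LowestCVSS  float32       `json:"lowest_ticketed_cvss"`
	CVSSVersion int           `json:"cvss_version"`
	Severities  []OrgSeverity `json:"severities"`
}

// parseSLA (hypothetical helper) decodes, sanity-checks (this example's own rules) and sorts ascending.
func parseSLA(raw string) (*OrgPayload, error) {
	var p OrgPayload
	if err := json.Unmarshal([]byte(raw), &p); err != nil {
		return nil, err
	}
	if len(p.Severities) == 0 || p.CVSSVersion == 0 {
		return nil, fmt.Errorf("severities and cvss_version are required")
	}
	for _, s := range p.Severities {
		if s.CVSSMin < 0 || s.CVSSMin > 10 || s.Duration <= 0 {
			return nil, fmt.Errorf("severity %q has out-of-range values", s.Name)
		}
	}
	sort.Slice(p.Severities, func(i, j int) bool {
		return p.Severities[i].CVSSMin < p.Severities[j].CVSSMin
	})
	return &p, nil
}

// slaFor (hypothetical helper) picks the highest CVSSMin the score meets and adds its Duration in days.
func slaFor(p *OrgPayload, score float32, discovered time.Time) (string, time.Time, bool) {
	for i := len(p.Severities) - 1; i >= 0; i-- {
		if s := p.Severities[i]; score >= s.CVSSMin {
			return s.Name, discovered.AddDate(0, 0, s.Duration), true
		}
	}
	return "", time.Time{}, false // score is below every cvss_min
}

// Constructed sample payload, deliberately unsorted; all values are illustrative.
const samplePayload = `{"lowest_ticketed_cvss":4,"cvss_version":3,"severities":[
 {"name":"Critical","duration":7,"cvss_min":9},{"name":"Medium","duration":60,"cvss_min":4},
 {"name":"High","duration":30,"cvss_min":7}]}`

func main() {
	p, err := parseSLA(samplePayload)
	if err != nil {
		panic(err)
	}
	name, due, ok := slaFor(p, 7.5, time.Date(2019, 12, 30, 0, 0, 0, 0, time.UTC))
	fmt.Println(name, due.Format("2006-01-02"), ok)
}
```

A score exactly equal to a `cvss_min` lands in that severity, and a score below every `cvss_min` returns no match rather than defaulting to the lowest entry.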

type RescanJob

type RescanJob struct {
	Payload *RescanPayload
	State   string
	// contains filtered or unexported fields
}

RescanJob implements the Job interface required to run the job

func (*RescanJob) Process

func (job *RescanJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process loads tickets that are in a status that requires rescanning. The job kicks off a rescan for the tickets using the scanning engine

type RescanPayload

type RescanPayload struct {
	Group   string   `json:"group"`
	Tickets []string `json:"tickets"`
	Type    string   `json:"type"`
}

RescanPayload is used to parse the Payload from the job history table. The Payload is generated automatically from the rescan queue job which creates the job history for the rescan job

type RescanQueueJob

type RescanQueueJob struct {
	Payload *RescanQueuePayload
	// contains filtered or unexported fields
}

RescanQueueJob implements the Job interface required to run the job

func (*RescanQueueJob) Process

func (job *RescanQueueJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process takes tickets that are ready for rescan, grabs their associated groups, and creates job histories for rescans to process those tickets

type RescanQueuePayload

type RescanQueuePayload struct {
	Type string `json:"type"`
}

RescanQueuePayload is used to parse the Payload from the job history table. The type defines whether it kicks off normal rescans, exception rescans, or decommission rescans

type ScanCloseJob

type ScanCloseJob struct {
	Payload *ScanClosePayload
	// contains filtered or unexported fields
}

ScanCloseJobs are created by rescan jobs, and do not have to be made by the user

func (*ScanCloseJob) Process

func (scanClose *ScanCloseJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process loads and processes the results from the scanner. This includes updating the status of the associated JIRA ticket as well as creating exceptions in the ignore table if the asset is discovered to be decommissioned

type ScanClosePayload

type ScanClosePayload struct {
	RescanPayload
	Scan    interface{} `json:"scan"`
	Devices []string    `json:"devices"`
	Group   string      `json:"group"`
	ScanID  string      `json:"scan_id"`
}

ScanClosePayload is used to parse information from the job history Payload, which is generated automatically

type ScanSyncJob

type ScanSyncJob struct {
	// contains filtered or unexported fields
}

ScanSyncJob is responsible for monitoring the ScanSummary table in the database, and updating the status using information from the scanner API. The job should be marked as autostart and continuous.

func (*ScanSyncJob) Process

func (job *ScanSyncJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process monitors unfinished scans in the database, and queries the scanners to keep the status of the scans in the database up-to-date. If the scanner reports the scan as finished, this job queues up a job history for a scan close job that will process the results of the scan.

type TicketSyncJob

type TicketSyncJob struct {
	// contains filtered or unexported fields
}

TicketSyncJob pulls ticket information from an engine and stores it in the database

func (*TicketSyncJob) Process

func (job *TicketSyncJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process pulls tickets from JIRA that have been updated since the last job run, and stores the updated information in the database

type TicketingJob

type TicketingJob struct {
	Payload *TicketingPayload

	// TODO: remove the port flag from the code, these should always create multiple tickets
	OrgPayload *OrgPayload
	// contains filtered or unexported fields
}

TicketingJob implements the IJob interface required to run the job

func (*TicketingJob) Process

func (ticketing *TicketingJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process runs the ticketing job: it loads device information from a scanner, and creates a ticket for each device/vulnerability combination where one does not already exist. First, it checks for an entry in the ignore table to see if that device/vulnerability combination is a known exception or false positive.

type TicketingPayload

type TicketingPayload struct {
	MinDate *time.Time `json:"mindate,omitempty"`
}

TicketingPayload decides which asset groups to ticket on, as well as defining the min date which is used to calculate the SLA if the calculated due date is in the past

type VulnSyncJob

type VulnSyncJob struct {
	// contains filtered or unexported fields
}

VulnSyncJob implements the IJob interface to sync vulnerabilities from a scanning engine

func (*VulnSyncJob) Process

func (job *VulnSyncJob) Process(ctx context.Context, id string, appconfig domain.Config, db domain.DatabaseConnection, lstream log.Logger, payload string, jobConfig domain.JobConfig, inSource []domain.SourceConfig, outSource []domain.SourceConfig) (err error)

Process downloads vulnerability information from a scanning engine, and then creates an entry in the VulnerabilityInfo table if one does not exist, or updates the entry in the VulnerabilityInfo table if one already exists
