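def process_sva(sva_scan, server, session, tests):
    """Evaluate a vulnerability scan against the configured thresholds.

    Records the observed critical count, non-critical count and highest CVSS
    score under ``tests[...]["actual"]``, marks any test whose threshold is
    exceeded as failed, tags each bad finding as remotely reachable or not,
    and passes everything to ``generate_sva_report``.

    Args:
        sva_scan: Scan result dict; reads ``critical_findings_count``,
            ``non_critical_findings_count``, ``findings`` and
            ``completed_at``.
        server: Passed through unchanged to ``generate_sva_report``.
        session: Session used to build ``cloudpassage.CveDetails``.
        tests: Dict holding ``max_criticals``, ``max_non_criticals`` and
            ``max_cvss`` entries, each with ``threshold`` and ``result``.
            Mutated in place.

    Returns:
        True when every entry in ``tests`` has a truthy ``result``.
    """
    tests["max_criticals"]["actual"] = sva_scan["critical_findings_count"]
    tests["max_non_criticals"]["actual"] = sva_scan["non_critical_findings_count"]

    bad_findings = [finding for finding in sva_scan["findings"]
                    if finding["status"] == "bad"]

    # A scan with no bad findings (or none carrying CVE entries) has no score
    # to take a maximum of. max() on an empty sequence raises ValueError, so
    # report 0 for that case instead of crashing on a clean scan.
    cvss_scores = [cve_entry["cvss_score"]
                   for finding in bad_findings
                   for cve_entry in finding["cve_entries"]]
    tests["max_cvss"]["actual"] = max(cvss_scores) if cvss_scores else 0

    # "result" is only ever lowered to False here, never set to True, so the
    # caller has to supply the passing value up front.
    for name in ("max_criticals", "max_non_criticals", "max_cvss"):
        if tests[name]["actual"] > tests[name]["threshold"]:
            tests[name]["result"] = False

    cve_details = {}
    cve_detail = cloudpassage.CveDetails(session)
    for finding in bad_findings:
        finding["remote"] = "No"
        for cve_entry in finding["cve_entries"]:
            cve_id = cve_entry["cve_entry"]
            # The same CVE can sit under several findings; look it up once.
            # A failed lookup is not caught here, so it propagates and the
            # function does not return a passing verdict.
            if cve_id not in cve_details:
                cve_details[cve_id] = cve_detail.describe(cve_id)
            # One network-reachable CVE is enough to flag the finding.
            if cve_details[cve_id]["CVSS Metrics"]["access_vector"] == "NETWORK":
                finding["remote"] = "Yes"

    scan_time = sva_scan["completed_at"]
    generate_sva_report(tests, bad_findings, server, cve_details, scan_time)
    return all(v["result"] for v in tests.values())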
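def get_top_cve(session):
    """Print the most common CVEs across all issues in the account.

    Walks every issue, counts how often each CVE ID appears, then prints up
    to ten lines of ``CVE ID | CVSS score | count``, ordered by count and
    then CVE ID, both descending.

    Args:
        session: Session used to build ``cloudpassage.Issue`` and
            ``cloudpassage.CveDetails``.
    """
    cve_counts = {}
    for issue in cloudpassage.Issue(session).list_all():
        # Issues with no "cves" key (or an empty value) contribute nothing.
        for cve_id in issue.get("cves") or []:
            # The first sighting counts as 1; starting at 0 under-reported
            # every CVE by one.
            cve_counts[cve_id] = cve_counts.get(cve_id, 0) + 1

    ranked = sorted(cve_counts.items(),
                    key=lambda kv: (kv[1], kv[0]),
                    reverse=True)

    cve = cloudpassage.CveDetails(session)
    # Slice instead of indexing 0..9 so an account with fewer than ten
    # distinct CVEs prints what it has rather than raising IndexError.
    for cve_id, count in ranked[:10]:
        print(
            cve_id,
            " |",
            cve.describe(cve_id)["CVSS Metrics"]["score"],
            " |",
            count)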
def build_cve_detail_object(self):
    """Return a ``cloudpassage.CveDetails`` bound to a new Halo session.

    The session is built from ``key_id``, ``secret_key``, ``api_hostname``
    and ``api_port``, which are resolved from the enclosing scope rather
    than passed in, using the integration string "SDK-Smoke".
    """
    halo_session = cloudpassage.HaloSession(
        key_id,
        secret_key,
        api_host=api_hostname,
        api_port=api_port,
        integration_string="SDK-Smoke",
    )
    return cloudpassage.CveDetails(halo_session)
def __init__(self, key, secret, api_host):
    """Set up the logger, the Halo session and the API helpers bound to it.

    Args:
        key: API key, passed as the first argument to
            ``cloudpassage.HaloSession``.
        secret: API secret, passed as the second argument to
            ``cloudpassage.HaloSession``.
        api_host: API host, passed as ``api_host`` to the session.
    """
    self.logger = Logger()
    # The key and secret go straight to HaloSession; this method does not
    # store them on the instance.
    self.session = cloudpassage.HaloSession(
        key,
        secret,
        api_host=api_host,
        integration_string=self.get_integration_string(),
    )
    # All three helpers share the single session created above.
    self.issue = cloudpassage.Issue(self.session, endpoint_version=3)
    self.http_helper = cloudpassage.HttpHelper(self.session)
    self.cve_detail = cloudpassage.CveDetails(self.session)
def test_instantiation(self):
    """Check that CveDetails constructs with no session and is truthy."""
    cve_details = cloudpassage.CveDetails(None)
    assert cve_details