datetime.utcnow() is scheduled for removal

[manuel-sommer]

No description provided.

[dryrunsecurity]

DryRun Security Summary

The pull request focuses on improving the handling of security-related data and information in the DefectDojo application security management platform, including accurate handling of mitigated timestamps, improved parsing of date/time formats, enhanced endpoint and resource information, and consistent use of datetime handling.

Expand for full summary

Summary:

The code changes in this pull request are focused on improving the handling of security-related data and information in the DefectDojo application security management platform. The changes span several files, primarily related to the processing of findings from various AWS security services, such as Dependency Check, AWS Security Hub, AWS Inspector, and AWS GuardDuty.

The key improvements include:

1. Accurate Handling of Mitigated Timestamps: The code changes ensure that the mitigated timestamp for suppressed vulnerabilities and security findings is correctly set in the UTC timezone, providing better visibility into the mitigation process.

2. Improved Parsing of Date/Time Formats: The code now handles different date/time formats for the LastObservedAt field, ensuring that the mitigation status is accurately reflected in the Finding objects.

3. Enhanced Endpoint and Resource Information: The code extracts additional details about the affected resources, such as AWS resource ARNs, container image information, and remediation recommendation URLs, which can provide valuable context for security analysts.

4. Consistent Use of Datetime Handling: The code updates the import statements for the datetime module, ensuring a consistent and reliable approach to working with date and time values throughout the application.

From an application security perspective, these changes contribute to a more robust and accurate vulnerability management process within the DefectDojo platform. By improving the handling of security-related data, the code changes help to ensure that the information presented to security analysts and stakeholders is reliable and actionable, supporting better decision-making and more effective remediation efforts.

Files Changed:

1. dojo/tools/dependency_check/parser.py: The changes in this file focus on improving the handling of suppressed vulnerabilities in the Dependency Check parser, including setting the correct mitigated date, is_Mitigated flag, and active flag, as well as adding a "suppressed" tag for easier identification.

2. dojo/tools/awssecurityhub/compliance.py: The changes in this file update the import statement for the datetime module and enhance the handling of the LastObservedAt field in the get_item function, ensuring that the mitigation status of the findings is accurately reflected.

3. dojo/tools/awssecurityhub/inspector.py: The changes in this file also focus on the handling of the LastObservedAt field, ensuring that the datetime values are parsed correctly and that the mitigated variable is set appropriately.

4. dojo/tools/awssecurityhub/guardduty.py: The changes in this file improve the handling of the LastObservedAt field, extract additional details about the affected resources, and capture remediation recommendation URLs, providing more comprehensive information for security analysis.

Code Analysis

We ran 9 analyzers against 4 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

[mtesauro]

Approved