forked from DefectDojo/django-DefectDojo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
3c1c59d
commit 3e9edbc
Showing
5 changed files
with
34,625 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| --- | ||
| title: "Kubescape Scanner" | ||
| toc_hide: true | ||
| --- | ||
| Kubescape is a K8s open-source tool providing a Kubernetes single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerability scanning. Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the NSA-CISA, MITRE ATT&CK®), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time. | ||
|
|
||
| Sample File | ||
| it support json and junit xml format file | ||
|
|
||
| ### Sample Scan Data | ||
| Sample Kubescape scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/kubescape). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| __author__ = "manuel-sommer" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| import json | ||
| from dojo.models import Endpoint, Finding | ||
|
|
||
|
|
||
| class KubescapeParser(object): | ||
| def get_scan_types(self): | ||
| return ["Kubescape JSON Importer"] | ||
|
|
||
| def get_label_for_scan_types(self, scan_type): | ||
| return scan_type # no custom label for now | ||
|
|
||
| def get_description_for_scan_types(self, scan_type): | ||
| return "Import result of Kubescape JSON output." | ||
|
|
||
| def get_findings(self, filename, test): | ||
| findings = [] | ||
| try: | ||
| data = json.load(filename) | ||
| except ValueError: | ||
| data = {} | ||
| i=0 | ||
| for resource in data["resources"]: | ||
| resourceid = resource["resourceID"] | ||
| results = ([each for each in data["results"] if each.get('resourceID') == resourceid]) | ||
| """TODO, PARSE THE RIGHT VALUES INTO THE FINDING""" | ||
| i+=1 | ||
| find = Finding(title="title"+str(i), | ||
| test=test, | ||
| description="message", | ||
| severity="High", | ||
| static_finding=False) | ||
| findings.append(find) | ||
| return findings |
Oops, something went wrong.