Documentation
¶
Index ¶
- Constants
- func AggregateScore(vulnerabilities []Vulnerability) float32
- func ScoreSeverity(severity SeverityRank) float32
- func SecurityStatus(score float32) string
- func ValidateReport(r Report) error
- func ValidateVulnerability(v Vulnerability) error
- type Attachment
- type ByScore
- type CheckData
- type Report
- type ResourcesGroup
- type ResultData
- type SeverityRank
- type Vulnerability
Constants ¶
const (
	CategoryIssue          = "ISSUE"
	CategoryPotentialIssue = "POTENTIAL_ISSUE"
	CategoryCompliance     = "COMPLIANCE"
	CategoryInformational  = "INFORMATIONAL"
)
const (
	// SeverityThresholdNone defines interesting findings that are not vulnerabilities.
	SeverityThresholdNone = 0
	// SeverityThresholdLow defines vulnerabilities with low impact.
	SeverityThresholdLow = 3.9
	// SeverityThresholdMedium defines vulnerabilities with medium impact.
	SeverityThresholdMedium = 6.9
	// SeverityThresholdHigh defines vulnerabilities with high impact.
	SeverityThresholdHigh = 8.9
	// SeverityThresholdCritical defines vulnerabilities with critical impact.
	SeverityThresholdCritical = 10
)
The thresholds follow the CVSS v3.0 ratings published by NVD (https://nvd.nist.gov/vuln-metrics/cvss/); each threshold is the upper bound of its band.

CVSS v3.0 Ratings

Severity   Base Score Range
None       0.0
Low        0.1 - 3.9
Medium     4.0 - 6.9
High       7.0 - 8.9
Critical   9.0 - 10.0
Variables ¶
This section is empty.
Functions ¶
func AggregateScore ¶
func AggregateScore(vulnerabilities []Vulnerability) float32
AggregateScore returns an aggregated score for a group of vulnerabilities. NOTE: This is currently a placeholder function which simply returns the maximum score found among the given vulnerabilities.
func ScoreSeverity ¶
func ScoreSeverity(severity SeverityRank) float32
ScoreSeverity returns the maximum score according to a severity rank.
func SecurityStatus ¶
func SecurityStatus(score float32) string
SecurityStatus returns a grade from A to F (A is good, F is bad) given a target's aggregated score.
func ValidateVulnerability ¶
func ValidateVulnerability(v Vulnerability) error
ValidateVulnerability validates a Vulnerability.
Types ¶
type Attachment ¶
type Attachment struct {
Name string `json:"name"`
ContentType string `json:"content_type"`
Data []byte `json:"data"`
}
Attachment found when running the check
type ByScore ¶
type ByScore []Vulnerability
type CheckData ¶
type CheckData struct {
CheckID string `json:"check_id"` // Mandatory.
ChecktypeName string `json:"checktype_name"` // Mandatory.
ChecktypeVersion string `json:"checktype_version"` // Mandatory.
Status string `json:"status"` // Mandatory.
Target string `json:"target"` // Mandatory.
Options string `json:"options"`
Tag string `json:"tag"`
StartTime time.Time `json:"start_time"` // Mandatory.
EndTime time.Time `json:"end_time"`
}
CheckData defines the data about the execution of the check that generated the report.
type Report ¶
type Report struct {
CheckData
ResultData
}
Report represents a check vulnerability report.
func (*Report) MarshalJSONTimeAsString ¶
MarshalJSONTimeAsString marshals a Report to JSON, encoding times as strings. A custom marshaler is used to rewrite times for Athena and Rails. TODO: Discuss if this is necessary or if we can drop it.
func (*Report) UnmarshalJSONTimeAsString ¶
UnmarshalJSONTimeAsString unmarshals JSON into a Report, decoding times from strings.
type ResourcesGroup ¶
ResourcesGroup is a self-defined table for resources sharing the same attributes. Example:

Name: Network Resource
Header:
| Hostname         | Port | Protocol | Service |
Rows:
| www.adevinta.com | 80   | tcp      | http    |
| www.adevinta.com | 443  | tcp      | http    |

Each Row is a map holding a value for every key defined in the Header attribute.
type ResultData ¶
type ResultData struct {
Vulnerabilities []Vulnerability `json:"vulnerabilities"` // Array of identified vulnerabilities.
Data []byte `json:"data,omitempty"` // Free field for additional data.
Notes string `json:"notes,omitempty"` // Free field for additional notes.
Error string `json:"error"` // Error message, if any.
NotApplicable bool `json:"not_applicable,omitempty"` // If the check was not really applicable.
}
ResultData contains the data regarding the result of the execution of a check, for instance: vulnerabilities, notes, etc.
func (*ResultData) AddVulnerabilities ¶
func (r *ResultData) AddVulnerabilities(v ...Vulnerability)
AddVulnerabilities is a handy method to add one or more Vulnerabilities to the ResultData.Vulnerabilities array. It's equivalent to r.Vulnerabilities = append(r.Vulnerabilities, v...).
type SeverityRank ¶
type SeverityRank int
const (
	// SeverityNone defines interesting findings that are not vulnerabilities.
	SeverityNone SeverityRank = iota
	// SeverityLow defines vulnerabilities with low impact.
	SeverityLow
	// SeverityMedium defines vulnerabilities with medium impact.
	SeverityMedium
	// SeverityHigh defines vulnerabilities with high impact.
	SeverityHigh
	// SeverityCritical defines vulnerabilities with critical impact.
	SeverityCritical
)
func RankSeverity ¶
func RankSeverity(score float32) SeverityRank
RankSeverity returns the severity rank according to predefined score thresholds.
type Vulnerability ¶
type Vulnerability struct {
ID string `json:"id"` // Arbitrary UUID that uniquely identifies the vulnerability in every scan.
Summary string `json:"summary"` // Mandatory. Vulnerability title.
Score float32 `json:"score"` // Vulnerability severity score, following the CVSSv3 base score.
AffectedResource string `json:"affected_resource"` // Indicates the concrete resource affected by the vulnerability.
AffectedResourceString string `json:"affected_resource_string"` // Optionally indicates a human-readable meaningful version of the AffectedResource.
Fingerprint string `json:"fingerprint"` // Fingerprint defines the context in which the vulnerability has been found.
CWEID uint32 `json:"cwe_id,omitempty"` // CWE-ID.
Description string `json:"description,omitempty"` // Vulnerability description.
Details string `json:"details,omitempty"` // Vulnerability details generated when running the check against the target.
ImpactDetails string `json:"impact_details,omitempty"` // Vulnerability impact details.
Labels []string `json:"labels,omitempty"` // A list of labels (strings) to enrich the vulnerability.
Recommendations []string `json:"recommendations,omitempty"` // Vulnerability remediation suggestions.
References []string `json:"references,omitempty"` // Reference URLs for more information.
Resources []ResourcesGroup `json:"resources,omitempty"` // ResourcesGroups found when running the check.
Attachments []Attachment `json:"attachments,omitempty"` // Attachments found when running the check
Vulnerabilities []Vulnerability `json:"vulnerabilities"` // Mandatory. Array of identified vulnerabilities.
}
Vulnerability represents a single security vulnerability found while running a check.
func (*Vulnerability) AddVulnerabilities ¶
func (v *Vulnerability) AddVulnerabilities(vulnerabilities ...Vulnerability)
AddVulnerabilities is a handy method to add one or more Vulnerabilities to the Vulnerability.Vulnerabilities array. It's equivalent to v.Vulnerabilities = append(v.Vulnerabilities, vulnerabilities...).
func (*Vulnerability) AggregateScore ¶
func (v *Vulnerability) AggregateScore()
AggregateScore recalculates the score field for a parent vulnerability.
func (Vulnerability) Severity ¶
func (v Vulnerability) Severity() SeverityRank
Severity returns the severity rank for a vulnerability.
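The severity model documented above (the threshold constants, RankSeverity, ScoreSeverity, the package-level AggregateScore, the parent-level AggregateScore method and Severity) worked through in an added example. This is constructed code written for this page, not the vulcan-report package's own implementation: it redeclares trimmed versions of SeverityRank and Vulnerability so it runs without the module, and the depth-first recursion in the parent's AggregateScore, the leaf-keeps-its-own-score rule and the sample TLS findings are assumptions of the example.

```go
package main

import "fmt"

// Added example, not the vulcan-report package's own code: a constructed
// reimplementation of the severity model this page documents, with the types
// redeclared (trimmed to what the demo needs) so it runs without the module.

// SeverityRank orders None < Low < Medium < High < Critical, as on the page.
type SeverityRank int

const (
	SeverityNone SeverityRank = iota
	SeverityLow
	SeverityMedium
	SeverityHigh
	SeverityCritical
)

// Each threshold is the inclusive upper bound of its band (NVD CVSSv3 table).
const (
	SeverityThresholdNone     = 0
	SeverityThresholdLow      = 3.9
	SeverityThresholdMedium   = 6.9
	SeverityThresholdHigh     = 8.9
	SeverityThresholdCritical = 10
)

// thresholds is indexed by SeverityRank, so rank -> maximum score is a lookup.
var thresholds = [...]float32{SeverityThresholdNone, SeverityThresholdLow,
	SeverityThresholdMedium, SeverityThresholdHigh, SeverityThresholdCritical}

func (s SeverityRank) String() string {
	return [...]string{"None", "Low", "Medium", "High", "Critical"}[s]
}

// Vulnerability keeps its children in Vulnerabilities (a "parent" on the page).
type Vulnerability struct {
	ID, Summary     string
	Score           float32
	Vulnerabilities []Vulnerability
}

// RankSeverity walks the bands upwards: 3.9 is still Low, 4.0 is Medium and
// anything above 8.9 is Critical. Scores outside 0-10 are not rejected here.
func RankSeverity(score float32) SeverityRank {
	for rank, limit := range thresholds {
		if score <= limit {
			return SeverityRank(rank)
		}
	}
	return SeverityCritical
}

// ScoreSeverity is the inverse: the maximum score of a rank.
func ScoreSeverity(rank SeverityRank) float32 { return thresholds[rank] }

// AggregateScore returns the group's maximum score, as the page's placeholder does.
func AggregateScore(vulns []Vulnerability) float32 {
	var top float32
	for _, v := range vulns {
		if v.Score > top {
			top = v.Score
		}
	}
	return top
}

func (v Vulnerability) Severity() SeverityRank { return RankSeverity(v.Score) }

// AggregateScore recalculates a parent's Score from its children. Recursing depth
// first and leaving leaves untouched are assumptions of this example.
func (v *Vulnerability) AggregateScore() {
	if len(v.Vulnerabilities) == 0 {
		return
	}
	for i := range v.Vulnerabilities {
		v.Vulnerabilities[i].AggregateScore()
	}
	v.Score = AggregateScore(v.Vulnerabilities)
}

// sampleTree is a constructed parent/child tree for the demo.
func sampleTree() Vulnerability {
	return Vulnerability{ID: "parent", Summary: "Weak TLS configuration", Vulnerabilities: []Vulnerability{
		{ID: "c1", Summary: "Deprecated protocol version enabled", Score: 5.3},
		{ID: "c2", Summary: "Weak cipher suites offered", Score: 7.5, Vulnerabilities: []Vulnerability{
			{ID: "c2a", Summary: "Anonymous cipher suite offered", Score: 9.1}}},
	}}
}

func main() {
	parent := sampleTree()
	parent.AggregateScore()
	fmt.Printf("%s: score=%.1f severity=%s\n", parent.Summary, parent.Score, parent.Severity())
	for _, c := range parent.Vulnerabilities {
		fmt.Printf("  %-36s %4.1f %s\n", c.Summary, c.Score, c.Severity())
	}
	for _, s := range []float32{0, 0.1, 3.9, 4.0, 6.9, 7.0, 8.9, 9.0, 10} {
		fmt.Printf("score %4.1f -> %s\n", s, RankSeverity(s))
	}
}
```

Two things the prose alone does not make obvious: the parent ends up at 9.1 (Critical) even though its direct children score at most 7.5 before aggregation, because the grandchild is folded in first; and RankSeverity never rejects a score outside 0.0-10.0 (a negative value ranks as None, 11.0 as Critical), so scores should be validated before they are ranked.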
func (Vulnerability) Validate ¶
func (v Vulnerability) Validate() error
Validate checks if a vulnerability is valid.
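The "Mandatory." annotations on CheckData and Vulnerability, the CVSSv3 score range and the ResourcesGroup Header/Rows contract, turned into a validator as an added example. This is constructed code written for this page, not the package's own ValidateReport or ValidateVulnerability, whose exact rules the page does not spell out: the types are redeclared here trimmed to the fields checked (Report is flattened), the ResourcesGroup struct layout, the error messages and the sample report are assumptions.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Added example, not the package's own ValidateReport/ValidateVulnerability
// (whose exact rules the page does not spell out). The checks follow the page's
// "Mandatory." annotations, the CVSSv3 0.0-10.0 score range and the Header/Rows
// contract of ResourcesGroup. Types are redeclared here, trimmed to the fields
// used and with Report flattened; the ResourcesGroup layout is assumed.

type CheckData struct {
	CheckID, ChecktypeName, ChecktypeVersion, Status, Target string
	StartTime, EndTime                                     time.Time
}

type ResourcesGroup struct {
	Name   string
	Header []string
	Rows   []map[string]string // one value per Header key
}

type Vulnerability struct {
	Summary   string
	Score     float32
	Resources []ResourcesGroup
}

type Report struct {
	CheckData
	Vulnerabilities []Vulnerability
}

// ValidateVulnerability checks the mandatory summary, the score range and that
// every resources row carries every Header key.
func ValidateVulnerability(v Vulnerability) error {
	if strings.TrimSpace(v.Summary) == "" {
		return fmt.Errorf("vulnerability: summary is mandatory")
	}
	if v.Score < 0 || v.Score > 10 {
		return fmt.Errorf("vulnerability %q: score %.1f outside CVSSv3 range 0.0-10.0", v.Summary, v.Score)
	}
	for _, g := range v.Resources {
		for i, row := range g.Rows {
			for _, col := range g.Header {
				if _, ok := row[col]; !ok {
					return fmt.Errorf("vulnerability %q: group %q: row %d lacks column %q", v.Summary, g.Name, i, col)
				}
			}
		}
	}
	return nil
}

// ValidateReport lists every missing mandatory CheckData field at once, then
// validates each vulnerability.
func ValidateReport(r Report) error {
	var missing []string
	for _, f := range []struct{ name, val string }{
		{"check_id", r.CheckID}, {"checktype_name", r.ChecktypeName},
		{"checktype_version", r.ChecktypeVersion}, {"status", r.Status}, {"target", r.Target},
	} {
		if f.val == "" {
			missing = append(missing, f.name)
		}
	}
	if r.StartTime.IsZero() {
		missing = append(missing, "start_time")
	}
	if len(missing) > 0 {
		return fmt.Errorf("report: missing mandatory fields: %s", strings.Join(missing, ", "))
	}
	for i, v := range r.Vulnerabilities {
		if err := ValidateVulnerability(v); err != nil {
			return fmt.Errorf("report: vulnerabilities[%d]: %w", i, err)
		}
	}
	return nil
}

// sampleReport is a constructed, valid report; callers mutate copies to break it.
func sampleReport() Report {
	start := time.Date(2024, 1, 2, 3, 4, 5, 0, time.UTC)
	return Report{
		CheckData: CheckData{CheckID: "check-1", ChecktypeName: "example-tls", ChecktypeVersion: "1.0.0",
			Status: "FINISHED", Target: "www.example.com", StartTime: start, EndTime: start.Add(time.Minute)},
		Vulnerabilities: []Vulnerability{{Summary: "Deprecated protocol version enabled", Score: 5.3,
			Resources: []ResourcesGroup{{Name: "Network Resource", Header: []string{"Hostname", "Port"},
				Rows: []map[string]string{{"Hostname": "www.example.com", "Port": "443"}}}}}},
	}
}

func main() {
	fmt.Println("valid:", ValidateReport(sampleReport()))
	r := sampleReport()
	r.Vulnerabilities[0].Resources[0].Rows[0] = map[string]string{"Hostname": "www.example.com"}
	fmt.Println("broken:", ValidateReport(r))
}
```

Reporting all missing mandatory fields in one error, rather than the first one found, is deliberate: a check author fixing a report gets the whole list in a single run instead of one field per iteration.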