From 9b4e1f95337a59139790f08a418fa2fd0f9d1206 Mon Sep 17 00:00:00 2001
From: elsapet
Date: Mon, 5 Dec 2022 17:54:44 +0200
Subject: [PATCH] fix(policies): improve sensitive data check (#191)
fix: improve sensitive data check
---
 .../policies/ssl_certificate_verification_disabled.rego | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/pkg/commands/process/settings/policies/ssl_certificate_verification_disabled.rego b/pkg/commands/process/settings/policies/ssl_certificate_verification_disabled.rego
index db963451c..cddb680bb 100644
--- a/pkg/commands/process/settings/policies/ssl_certificate_verification_disabled.rego
+++ b/pkg/commands/process/settings/policies/ssl_certificate_verification_disabled.rego
@@ -4,19 +4,23 @@ import future.keywords
 sensitive_data_group_uuid := "f6a0c071-5908-4420-bac2-bba28d41223e"
-medium[item] {
+has_sensitive_data if {
 some data_type in input.dataflow.data_types
 some category in input.data_categories
 category.uuid == data_type.category_uuid
 category.group_uuid == sensitive_data_group_uuid
+}
+
+medium[item] {
+ has_sensitive_data == true
 some detector in input.dataflow.risks
 detector.detector_id == input.policy_id
 location = detector.locations[_]
 item = {
- "category_group": category.group_name,
+ "category_group": "sensitive data",
 "filename": location.filename,
 "line_number": location.line_number,
 "parent_line_number": location.parent.line_number,
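Review bot: `has_sensitive_data` is evaluated over the whole input and is not tied to `detector.locations`, so in `medium[item]` it acts as a scan-wide switch: every location of this detector is reported once any data type in the sensitive group exists, and none is reported otherwise, even though disabled certificate verification still exposes whatever else the connection carries. That gating appears to predate this commit, but the new helper is the place to state it, e.g. `# True when any detected data type belongs to the sensitive data group; project-wide, not per location.` above `has_sensitive_data if {`. The comparison can be written as just `has_sensitive_data`, since an undefined rule already makes the body fail. The literal `"sensitive data"` now replaces `category.group_name`, so the reported label no longer follows `input.data_categories`; a named constant beside `sensitive_data_group_uuid` would keep the UUID and its label together. The `medium[item]` rule continues past the end of the hunk.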