feat(policies): add risk severity via data category (#124)
* feat: add category to dataflow risk datatype
* feat: add data category files
* feat: pass data categories to rego policy
* feat: update severity levels to Delibr spec
* feat: pass policy name and description to rego
  chore: update snapshots
* fix: don't blow up if policy returns no results
* feat: add policy information to location
  feat: add policy "id" to policy type
* fix: prefer results to locations
Showing 33 changed files with 366 additions and 30 deletions.
17 changes: 14 additions & 3 deletions
integration/flags/.snapshots/TestReportFlags-report-policies
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
{ | ||
"metadata": { | ||
"version": "1.0" | ||
}, | ||
"uuid": "12f0efe5-ee25-4688-b111-4b8b120fcd96", | ||
"name": "Authenticating", | ||
"severity": "critical" | ||
} |
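Review bot: The `metadata` object in this new file is spread over three lines, while the other data category files shown in this commit write it as `"metadata": { "version": "1.0" },` on a single line. Pick one layout for the whole directory so the files stay comparable line for line and a formatter check can cover them.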
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/behavioral_information.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "fbd60d10-7408-4d52-9d9b-7d9cdf633099", | ||
"name": "Behavioral Information", | ||
"severity": "high" | ||
} |
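Review bot: `"severity": "high"` is a free-form string, and the category files in this commit use three values (`critical`, `high`, `medium`) with nothing visible here that rejects a typo or a missing key. Since the commit derives risk severity from the data category, validate this field against the allowed set when the category files are loaded and fail on an unknown value, rather than letting it fall through to whatever the policy treats as its default.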
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "b089d17c-9fcb-45f3-8b14-f2dc9eac26a6", | ||
"name": "Communication", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "5e116e08-9d86-4b78-b2af-b345e82e1e9b", | ||
"name": "Computer Device", | ||
"severity": "medium" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "e22bfd4a-9afe-4b6f-9436-33bc9c034798", | ||
"name": "Contact", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "ff748c7f-8cf7-40aa-b398-242983f54dfa", | ||
"name": "Credit History", | ||
"severity": "medium" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "a997f160-35ba-495d-8fe3-4ea546a4beee", | ||
"name": "Criminal Records", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "57880e92-e6f8-48a9-9b05-e3ebc4dbe919", | ||
"name": "Demographic", | ||
"severity": "medium" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "d4191777-ed6b-4aa7-bd3f-e9b4130baa99", | ||
"name": "Ethnicity", | ||
"severity": "medium" | ||
} |
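Review bot: `"severity": "medium"` for Ethnicity ranks it below Sexual and Medical and Health, which this commit rates `high`, although racial or ethnic origin is in the same GDPR Article 9 special-category list as health and sex-life data. If the level comes from the spec named in the commit message, link that spec or record the rationale next to these files; otherwise consider raising it so findings on ethnicity data are not ranked under Contact, which is `high` here.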
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "478b57e8-bfe5-474e-8dad-8581da06475d", | ||
"name": "Family", | ||
"severity": "medium" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/financial_accounts.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "b1740ff1-64c1-453e-ba80-91d238b0692e", | ||
"name": "Financial Accounts", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "f72d3ea0-d7a2-4279-8686-59da3780c211", | ||
"name": "Identification", | ||
"severity": "critical" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/knowledge_and_belief.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "5ca4d3b7-8500-4b42-9357-f555b006fd30", | ||
"name": "Knowledge and Belief", | ||
"severity": "medium" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "75b53b6a-2257-4be7-b3b1-1f4b0367e3f7", | ||
"name": "Location", | ||
"severity": "high" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/medical_and_health.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "0fbee18e-4d96-4d8e-b8f6-bc5b04bba2f3", | ||
"name": "Medical and Health", | ||
"severity": "high" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/personal_ownership.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "df05de69-b59b-4d11-8d58-71a51b1102f8", | ||
"name": "Personal Ownership", | ||
"severity": "high" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/physical_characteristic.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "9555eb1f-f18d-47aa-b081-7513258fe039", | ||
"name": "Physical Characteristic", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "6fac9d01-6831-47ea-a4e1-94f62e963e45", | ||
"name": "Preference", | ||
"severity": "medium" | ||
} |
6 changes: 6 additions & 0 deletions
pkg/classification/db/data_categories/professional_information.json
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "f04418cb-14d9-4739-938e-2cc0666cd0cf", | ||
"name": "Professional Information", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "2951ab57-8c24-4123-932f-e24608fb8c2d", | ||
"name": "Public Life", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "1825df39-1aeb-4c96-9e0a-cdbbcde8d792", | ||
"name": "Sexual", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "dee7b0c2-74cd-4632-8a59-87b25a875835", | ||
"name": "Social Network", | ||
"severity": "medium" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"metadata": { "version": "1.0" }, | ||
"uuid": "aee749bc-ec52-49c8-9603-3620eff0a165", | ||
"name": "Transactional", | ||
"severity": "high" | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,9 @@ | ||
logger_leaks: | ||
message: "Logger leaks detected" | ||
level: "warning" | ||
description: "Logger leaks detected" | ||
name: "Logger leaks" | ||
id: "detect_ruby_logger" | ||
query: | | ||
level = data.bearer.logger_leaks.level | ||
locations = data.bearer.logger_leaks.locations | ||
result = data.bearer.logger_leaks.result | ||
modules: | ||
- path: policies/logger_leaks.rego | ||
name: bearer.logger_leaks |
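Review bot: The `id` value `detect_ruby_logger` names one language, while the policy key `logger_leaks`, the module path `policies/logger_leaks.rego` and the module name `bearer.logger_leaks` are all language-neutral. If `id` identifies the policy in reports, a value such as `logger_leaks` stays valid when other languages are covered; if it references a detector, a key name that says so would avoid the confusion. The `description` line also carries the same text as `message` ("Logger leaks detected"), which tells the reader of a report nothing about what leaked; since the commit passes the description to rego, a sentence saying that sensitive data reaches log output would be more useful.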