AWS Security Hub parser add unique_id_from_tool and deduplication #4376
nlandais commented Apr 27, 2021
- Add name of the AWS resource in the title for ease of use and to help in the remediation process
- Dedupe finding on unique_id_from_tool: use the SecHub finding id (value after the last / from the finding's ARN)
…ctDojo in debug mode
…ing DefectDojo in debug mode" This reverts commit 081fefe.
- Add name of the AWS resource in the title for ease of use and to help in the remediation process
- Dedupe on unique_id_from_tool: use the SecHub finding id (value after the last / from the finding's ARN)
- Remove logic aimed at closing the findings because it does actually work and competes for the close_old_findings logic
Could you add some checks in the unit tests that show the new data in the findings?
As you are adding modifications to the unique_id_from_tool attribute, could you add some checks in the unit tests that check this new data?
@nlandais there is something out of scope in the PR. It seems that one sub-module for documentation is updated.
…e_id_from_tool in the DB and used by the deduplication algorithm
Implementing review comment, by keeping complete ARN for the finding_id
Making the resourc_id value a bit easier to read by splitting the ARN
Re-instating the mitigated=mitigated, in the finding properties
Adding boolean to finding property to indicate the mitigation status (when mitigation date is not NULL, mitigation status gets set to TRUE)
@valentijnscholten could you take another look, @nlandais made a lot of modifications since the first reviews.
This pull request has conflicts, please resolve those before we can evaluate the pull request.
Conflicts have been resolved. A maintainer will review the pull request shortly.