armotypes/vulnerabilitytypes.go

package armotypes

import (
	"time"
)

const (
	ExploitableCisaKev        = "Known Exploited"
	ExploitableHighLikelihood = "High Likelihood"
	ExploitableNo             = "No"
	EpssThreshold             = 0.10 // 10%
	CisaKevKnown              = "Known"
	CisaKevUnknown            = "Unknown"
)

type VulnerabilityJobParams struct {
	Name            string `json:"name,omitempty"`
	ID              string `json:"id,omitempty"`
	ClusterName     string `json:"clusterName"`
	Namespace       string `json:"namespace"`
	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
	JobID           string `json:"jobID,omitempty"`
}

type VulnerabilityWorkload struct {
	Wlid             string              `json:"wlid"`
	ResourceHash     string              `json:"resourceHash"` //common hash of customerGUID, cluster, kind, name, namespace, apiVersion
	Name             string              `json:"name"`
	Namespace        string              `json:"namespace"`
	Kind             string              `json:"kind"`
	Cluster          string              `json:"cluster"`
	ClusterShortName string              `json:"clusterShortName"`
	LastScanTime     time.Time           `json:"lastScanTime"`
	CustomerGUID     string              `json:"customerGUID"`
	ImagesCount      int                 `json:"imagesCount"`
	CriticalCount    int                 `json:"criticalCount"`
	HighCount        int                 `json:"highCount"`
	MediumCount      int                 `json:"mediumCount"`
	LowCount         int                 `json:"lowCount"`
	SeverityStats    map[string][]string `json:"severityStats"`
	RiskFactorsCount int                 `json:"riskFactorsCount"`
	RiskFactors      []RiskFactor        `json:"riskFactors"`
	Labels           []string            `json:"labels"`
	HasRelevancyData bool                `json:"hasRelevancyData"`
	Images           []string            `json:"images"`
	Tickets          []Ticket            `json:"tickets,omitempty"`
}

type ContainerPathInfo struct {
	NameSpace        string `json:"namespace"`
	WorkloadName     string `json:"workloadName"`
	ContainerName    string `json:"containerName"`
	WorkloadKind     string `json:"workloadKind"`
	WorkloadHash     string `json:"workloadHash"`
	WLID             string `json:"wlid"`
	ClusterName      string `json:"clusterName"`
	ClusterShortName string `json:"clusterShortName"`
}

type ComponentSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Name            string              `json:"name"`
	Version         string              `json:"version"`
	PackageType     string              `json:"packageType"`
	FixVersions     []string            `json:"fixVersions"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ImagesCount     int                 `json:"imagesCount"`
	SeverityStats   map[string][]string `json:"severityStats"`
	Tickets         []Ticket            `json:"tickets,omitempty"`
}

type ImageSummary struct {
	CustomerGUID    string              `json:"customerGUID"`
	Tag             string              `json:"tag"`
	Digest          string              `json:"digest"`
	Registry        string              `json:"registry"`
	Repository      string              `json:"repository"`
	Architecture    string              `json:"architecture"`
	OS              string              `json:"os"`
	Size            uint64              `json:"size"`
	LastScanTime    time.Time           `json:"lastScanTime"`
	Clusters        []string            `json:"clusters"`
	Namespaces      []string            `json:"namespaces"`
	Workloads       []string            `json:"workloads"`
	Kinds           []string            `json:"kinds"`
	Containers      []string            `json:"containers"`
	SeverityStats   map[string][]string `json:"severityStats"`
	CriticalCount   int                 `json:"criticalCount"`
	HighCount       int                 `json:"highCount"`
	MediumCount     int                 `json:"mediumCount"`
	LowCount        int                 `json:"lowCount"`
	ClustersCount   int                 `json:"clustersCount"`
	NamespacesCount int                 `json:"namespacesCount"`
	WorkloadsCount  int                 `json:"workloadsCount"`
	ContainersCount int                 `json:"containersCount"`
	Tickets         []Ticket            `json:"tickets,omitempty"`
}

type VulnerabilitiesComponent struct {
	CustomerGUID string `json:"customerGUID"`
	Name         string `json:"name"`
	Version      string `json:"version"`
	PackageType  string `json:"packageType"`
	// swagger:ignore
	FirstSeen   time.Time           `json:"firstSeen"` //first found in the user account (not in the world)
	FixVersions []string            `json:"fixVersions"`
	PathsInfo   []ComponentPathInfo `json:"pathsInfo"`
}

type ComponentPathInfo struct {
	ContainerPathInfo
	ImageTag   string   `json:"imageTag"`
	ImageHash  string   `json:"imageHash"`
	IsRelevant string   `json:"isRelevant"`
	Paths      []string `json:"paths"`
}

type Vulnerability struct {
	Name               string                       `json:"name"`
	ID                 string                       `json:"id"`
	Severity           string                       `json:"severity"`
	SeverityScore      int                          `json:"severityScore"`
	Links              []string                     `json:"links"`
	Description        string                       `json:"description"`
	Exploitable        string                       `json:"exploitable"`
	IsRelevant         string                       `json:"isRelevant"`
	ComponentInfo      VulnerabilitiesComponent     `json:"componentInfo"`
	CvssInfo           CvssInfo                     `json:"cvssInfo"`
	EpssInfo           EpssInfo                     `json:"epssInfo"`
	CisaKevInfo        CisaKevInfo                  `json:"cisaKevInfo"`
	WorkloadsCount     int                          `json:"workloadsCount"`
	ImagesCount        int                          `json:"imagesCount"`
	IgnoreRulesSummary map[string]IgnoreRuleSummary `json:"ignoreRulesSummary"`
	Tickets            []Ticket                     `json:"tickets,omitempty"`
}

type CvssInfo struct {
	BaseScore    float64 `json:"baseScore"`
	ScoreVersion string  `json:"scoreVersion"`
	Severity     string  `json:"severity"`
	CVSS         []Cvss  `json:"cvss"`
}

type Cvss struct {
	Vector              string                 `json:"vector"`
	Version             string                 `json:"version"`
	Source              string                 `json:"source"`
	BaseScore           float64                `json:"baseScore"`
	ExploitabiltiyScore float64                `json:"exploitabilityScore"`
	ImpactScore         float64                `json:"impactScore"`
	ExploitabilityInfo  CvssExploitabilityInfo `json:"exploitabilityInfo"`
	ImpactInfo          CvssImpactInfo         `json:"impactInfo"`
}

type CvssExploitabilityInfo struct {
	AttackVector       string `json:"attackVector,omitempty"`
	AccessVector       string `json:"accessVector,omitempty"`
	AttackComplexity   string `json:"attackComplexity,omitempty"`
	AccessComplexity   string `json:"accessComplexity,omitempty"`
	Authentication     string `json:"authentication,omitempty"`
	PrivilegesRequired string `json:"privilegesRequired,omitempty"`
	UserInteraction    string `json:"userInteraction,omitempty"`
	Scope              string `json:"scope,omitempty"`
}

type CvssImpactInfo struct {
	Confidentiality string `json:"confidentiality,omitempty"`
	Integrity       string `json:"integrity,omitempty"`
	Availability    string `json:"availability,omitempty"`
}

type EpssInfo struct {
	Epss       float64 `json:"epss"`
	Percentile float64 `json:"percentile"`
	Date       string  `json:"date"`
}

type CisaKevInfo struct {
	DateAdded                  string `json:"dateAdded"`
	DueDate                    string `json:"dueDate"`
	KnownRansomwareCampaignUse string `json:"knownRansomwareCampaignUse"`
	Notes                      string `json:"notes"`
}

type IgnoreRuleSummary struct {
	NumberOfSystemRules int      `json:"numberOfSystemRules"`
	IgnoreRulesIDs      []string `json:"ignoreRulesIDs"`
}