Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow encrypted_ prefix to be marked as encrypted in SQL detections #283

Closed
cfabianski opened this issue Dec 17, 2022 · 0 comments · Fixed by #302
Closed

Allow encrypted_ prefix to be marked as encrypted in SQL detections #283

cfabianski opened this issue Dec 17, 2022 · 0 comments · Fixed by #302
Assignees
@spdawson
Labels
enhancement New feature or request

Comments

@cfabianski
Copy link
Collaborator

detect_encrypted_ruby_class_properties is the verifier we use to mark a SQL detection as encrypted.

We could add this new processor here that would automatically flag the fields that are prefixed by encrypted_ as encrypted.

package bearer.db_encrypted

 import future.keywords

 default encrypted := false

 encrypted = true {
     startswith(lower(input.target.value.field_name),  "encrypted_")
 }

 verified_by := [
     {
         "detector": "db_encrypted",
     }
@cfabianski cfabianski added the enhancement New feature or request label Dec 17, 2022
@spdawson spdawson self-assigned this Dec 19, 2022
spdawson added a commit that referenced this issue Dec 20, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
16253d5 
Closes #283
@spdawson spdawson mentioned this issue Dec 20, 2022
Merged
4 tasks
spdawson added a commit that referenced this issue Dec 22, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
500c8fb 
Closes #283
spdawson added a commit that referenced this issue Dec 22, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
1ee1796 
Closes #283
spdawson added a commit that referenced this issue Dec 22, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
92550a2 
Closes #283
spdawson added a commit that referenced this issue Dec 22, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
3c9e33e 
Closes #283
spdawson added a commit that referenced this issue Dec 23, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
b837bc0 
Closes #283
spdawson added a commit that referenced this issue Dec 23, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
3defaa3 
Closes #283
spdawson added a commit that referenced this issue Dec 23, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted
f9ab1cf 
Closes #283
spdawson added a commit that referenced this issue Dec 23, 2022
@spdawson
feat: Use encrypted_ column prefix to mark SQL detections encrypted (#…
136f4cb 
…302)

Closes #283
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spdawson spdawson

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: Use encrypted_ column prefix to mark SQL detections encrypted Bearer/bearer
2 participants
@cfabianski @spdawson