-
Notifications
You must be signed in to change notification settings - Fork 2.2k
/
attack_path.proto
131 lines (102 loc) · 4.2 KB
/
attack_path.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.securitycenter.v2;
import "google/api/resource.proto";
option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
option java_multiple_files = true;
option java_outer_classname = "AttackPathProto";
option java_package = "com.google.cloud.securitycenter.v2";
option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
option ruby_package = "Google::Cloud::SecurityCenter::V2";
// A path that an attacker could take to reach an exposed resource.
message AttackPath {
option (google.api.resource) = {
type: "securitycenter.googleapis.com/AttackPath"
pattern: "organizations/{organization}/simulations/{simulation}/valuedResources/{valued_resource}/attackPaths/{attack_path}"
plural: "attackPaths"
singular: "attackPath"
};
// Represents one point that an attacker passes through in this attack path.
message AttackPathNode {
// A finding that is associated with this node in the attack path.
message PathNodeAssociatedFinding {
// Canonical name of the associated findings. Example:
// organizations/123/sources/456/findings/789
string canonical_finding = 1;
// The additional taxonomy group within findings from a given source.
string finding_category = 2;
// Full resource name of the finding.
string name = 3;
}
// The type of the incoming attack step node.
enum NodeType {
// Type not specified
NODE_TYPE_UNSPECIFIED = 0;
// Incoming edge joined with AND
NODE_TYPE_AND = 1;
// Incoming edge joined with OR
NODE_TYPE_OR = 2;
// Incoming edge is defense
NODE_TYPE_DEFENSE = 3;
// Incoming edge is attacker
NODE_TYPE_ATTACKER = 4;
}
// Detailed steps the attack can take between path nodes.
message AttackStepNode {
// Unique ID for one Node
string uuid = 1;
// Attack step type. Can be either AND, OR or DEFENSE
NodeType type = 2;
// User friendly name of the attack step
string display_name = 3;
// Attack step labels for metadata
map<string, string> labels = 4;
// Attack step description
string description = 5;
}
// The name of the resource at this point in the attack path.
// The format of the name follows the Cloud Asset Inventory [resource
// name
// format]("https://cloud.google.com/asset-inventory/docs/resource-name-format")
string resource = 1;
// The [supported resource
// type](https://cloud.google.com/asset-inventory/docs/supported-asset-types")
string resource_type = 2;
// Human-readable name of this resource.
string display_name = 3;
// The findings associated with this node in the attack path.
repeated PathNodeAssociatedFinding associated_findings = 4;
// Unique id of the attack path node.
string uuid = 5;
// A list of attack step nodes that exist in this attack path node.
repeated AttackStepNode attack_steps = 6;
}
// Represents a connection between a source node and a destination node in
// this attack path.
message AttackPathEdge {
// The attack node uuid of the source node.
string source = 1;
// The attack node uuid of the destination node.
string destination = 2;
}
// The attack path name, for example,
// `organizations/12/simulations/34/valuedResources/56/attackPaths/78`
string name = 1;
// A list of nodes that exist in this attack path.
repeated AttackPathNode path_nodes = 2;
// A list of the edges between nodes in this attack path.
repeated AttackPathEdge edges = 3;
}