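# Detection rule metadata for Asana audit logs. It raises an alert when the
# authentication requirement on a workspace's form links is turned off.
# The matching logic lives in the Python file named by `Filename`; it is not
# part of this file, so the unit tests below are the only visible statement of
# what the rule is expected to match.
AnalysisType: rule
Description: "An Asana Workspace Form Link is a unique URL that allows you to create a task directly within a specific Workspace or Project in Asana, using a web form. Disabling authentication requirements may allow unauthorized users to create tasks. "
DisplayName: "Asana Workspace Form Link Auth Requirement Disabled"
Enabled: true
Filename: asana_workspace_form_link_auth_requirement_disabled.py
# Quoted so the '#' fragment and the ':~:' text directive can never be read as
# YAML syntax.
Reference: 'https://help.asana.com/hc/en-us/articles/14111697664923-Forms-access-permissions#:~:text=SSO%2C%20SAML%2C%20or-,no%20authentication%20method,-).%20If%20no%20authentication'
# NOTE(review): Low fits a setting change whose direct effect is unauthenticated
# task creation; confirm it still fits if form submissions in your workspace
# feed automated or sensitive workflows.
Severity: Low
Tests:
  # Positive case: an admin_settings event whose event_type records that the
  # form-link authentication requirement was disabled on a workspace resource.
  - ExpectedResult: true
    Log:
      actor:
        actor_type: user
        email: homer.simpson@simpsons.com
        gid: "1234567890"
        name: Homer Simpson
      context:
        client_ip_address: 1.2.3.4
        context_type: web
        user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
      created_at: "2022-12-16 19:32:00.922"
      details: {}
      event_category: admin_settings
      event_type: workspace_form_link_authentication_required_disabled
      gid: "1234567890"
      resource:
        gid: "111234"
        name: Simpsons Lab
        resource_type: workspace
    Name: form auth requirement disabled
  # Negative case: an unrelated access_control event (team privacy change) that
  # must not alert, even though it also loosens a setting.
  - ExpectedResult: false
    Log:
      actor:
        actor_type: user
        email: homer.simpson@panther.io
        gid: "12345"
        name: Homer Simpson
      context:
        client_ip_address: 12.12.12.12
        context_type: web
        user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
      created_at: "2022-12-16 19:35:21.026"
      details:
        new_value: public
      event_category: access_control
      event_type: team_privacy_settings_changed
      gid: "12345"
      resource:
        gid: "12345"
        name: Example Team Name
        resource_type: team
    Name: other
# Matching events that share a dedup string within this 60-minute window are
# grouped into one alert. How that string is built is decided by the rule code
# or platform defaults, neither of which is visible here.
DedupPeriodMinutes: 60
LogTypes:
  - Asana.Audit
RuleID: "Asana.Workspace.Form.Link.Auth.Requirement.Disabled"
# A single matching event is enough to alert; this is a one-off configuration
# change, not a volume-based signal.
Threshold: 1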