heimdall_tools 1.3.34 → 1.3.39.pre1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d54d4b22df45a476f595fcb5e915848a0ab4afdedab5bc01aed87a4aeb98daba
-  data.tar.gz: 9f0b90c76302fe9eea2508d04b9b6df33907ed7a1d775ffc7ac0cc1150573f09
+  metadata.gz: 5bf59c85ab39e97a18e7ef7a18d0820541df75fc321a017e3b5b633270596e51
+  data.tar.gz: 25c4ab33be6805034e122fb4491a2241ad8bb2f993f90290cef0c2fefe8f81a8
 SHA512:
-  metadata.gz: c2d99103ccb593b133e51cf5df81d9fa6d31426b24ba4b311840bdcbbf8aaa611c16db127eae2a10a6994113ce182e1d80f0716b341838e7bd1fa1120eced474
-  data.tar.gz: 8368dd53348c22851413faef53ee02515b64a8ef69a5ca02b81174d491b7db3129d158c02ce96733157e21d48bfa2e2922f5c0ab899465761256f4bf58027489
+  metadata.gz: b05652317c333cc5e0ac9eee14cef1052438b0d4b0e71a5bd9a6cc5cc79c312a314d939b9bbde5eeba64cf15edeb7e53633d61eecf5f3d44f8a8522551204001
+  data.tar.gz: 62de5d7471629610a26b2074a0fd1088717f0b2cd6199ec15d7c8b89787c682511f00e3088e9f7df7135f860e279afb7baaf86901a82239b359d6ddcb47d8f82

data/README.md

@@ -12,6 +12,9 @@ HeimdallTools supplies several methods to convert output from various tools to "
 - **nessus_mapper** - commercial vulnerability scanner
 - **snyk_mapper** - commercial package vulnerability scanner
 - **nikto_mapper** - open-source web server scanner 
+- **jfrog_xray_mapper** - package vulnerability scanner
+- **dbprotect_mapper** - database vulnerability scanner
+- **aws_config_mapper** - assess, audit, and evaluate AWS resources
 
 Ruby 2.4 or higher (check using "ruby -v")
 
@@ -181,6 +184,56 @@ FLAGS:
 example: heimdall_tools nikto_mapper -j nikto_results.json -o nikto_results.json
 ```
 
+## jfrog_xray_mapper
+
+jfrog_xray_mapper translates an JFrog Xray results JSON file into HDF format JSON to be viewable in Heimdall
+  
+```
+USAGE: heimdall_tools jfrog_xray_mapper [OPTIONS] -j <xray-results-json> -o <hdf-scan-results.json>
+
+FLAGS:
+    -j <xray_results_json>           : path to xray results JSON file.
+    -o --output <scan-results>       : path to output scan-results json.
+    -V --verbose                     : verbose run [optional].
+
+example: heimdall_tools jfrog_xray_mapper -j xray_results.json -o xray_results_hdf.json
+```
+
+## dbprotect_mapper
+
+dbprotect_mapper translates DBProtect report in `Check Results Details` format XML to HDF format JSON be viewed on Heimdall.
+  
+```
+USAGE: heimdall_tools dbprotect_mapper [OPTIONS] -x <check_results_details_report_xml> -o <db_protect_hdf.json>
+
+FLAGS:
+    -x <check_results_details_report_xml>           : path to DBProtect report XML file.
+    -o --output <scan-results>       : path to output scan-results json.
+    -V --verbose                     : verbose run [optional].
+
+example: heimdall_tools dbprotect_mapper -x check_results_details_report.xml -o db_protect_hdf.json
+```
+
+## aws_config_mapper
+
+aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format json to be viewable in Heimdall
+
+### AWS Config Rule Mapping:
+  The mapping of AWS Config Rules to 800-53 Controls was sourced from [this link](https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_4.html).
+  
+### Authentication with AWS:
+  [Developer Guide for configuring Ruby AWS SDK for authentication](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html)
+  
+```
+USAGE: heimdall_tools aws_config_mapper [OPTIONS] -o <hdf-scan-results.json>
+
+FLAGS:
+    -o --output <scan-results>       : path to output scan-results json.
+    -V --verbose                     : verbose run [optional].
+
+example: heimdall_tools aws_config_mapper -o aws_config_results_hdf.json
+```
+
 ## version  
 
 Prints out the gem version

data/lib/data/aws-config-mapping.csv

@@ -0,0 +1,107 @@
+AwsConfigRuleName,NIST-ID,Rev
+secretsmanager-scheduled-rotation-success-check,AC-2(1)|AC-2(j),4
+iam-user-group-membership-check,AC-2(1)|AC-2(j)|AC-3|AC-6,4
+iam-password-policy,AC-2(1)|AC-2(f)|AC-2(j)|IA-2|IA-5(1)(a)(d)(e)|IA-5(4),4
+access-keys-rotated,AC-2(1)|AC-2(j),4
+iam-user-unused-credentials-check,AC-2(1)|AC-2(3)|AC-2(f)|AC-3|AC-6,4
+securityhub-enabled,AC-2(1)|AC-2(4)|AC-2(12)(a)|AC-2(g)|AC-17(1)|AU-6(1)(3)|CA-7(a)(b)|SA-10|SI-4(2)|SI-4(4)|SI-4(5)|SI-4(16)|SI-4(a)(b)(c),4
+guardduty-enabled-centralized,AC-2(1)|AC-2(4)|AC-2(12)(a)|AC-2(g)|AC-17(1)|AU-6(1)(3)|CA-7(a)(b)|RA-5|SA-10|SI-4(1)|SI-4(2)|SI-4(4)|SI-4(5)|SI-4(16)|SI-4(a)(b)(c),4
+cloud-trail-cloud-watch-logs-enabled,AC-2(4)|AC-2(g)|AU-2(a)(d)|AU-3|AU-6(1)(3)|AU-7(1)|AU-12(a)(c)|CA-7(a)(b)|SI-4(2)|SI-4(4)|SI-4(5)|SI-4(a)(b)(c),4
+cloudtrail-enabled,AC-2(4)|AC-2(g)|AU-2(a)(d)|AU-3|AU-12(a)(c),4
+multi-region-cloudtrail-enabled,AC-2(4)|AU-2(a)(d)|AU-3|AU-12(a)(c),4
+rds-logging-enabled,AC-2(4)|AC-2(g)|AU-2(a)(d)|AU-3|AU-12(a)(c),4
+cloudwatch-alarm-action-check,AC-2(4)|AU-6(1)(3)|AU-7(1)|CA-7(a)(b)|IR-4(1)|SI-4(2)|SI-4(4)|SI-4(5)|SI-4(a)(b)(c),4
+redshift-cluster-configuration-check,AC-2(4)|AC-2(g)|AU-2(a)(d)|AU-3|AU-12(a)(c)|SC-13|SC-28,4
+iam-root-access-key-check,AC-2(f)|AC-2(j)|AC-3|AC-6|AC-6(10),4
+s3-bucket-logging-enabled,AC-2(g)|AU-2(a)(d)|AU-3|AU-12(a)(c),4
+cloudtrail-s3-dataevents-enabled,AC-2(g)|AU-2(a)(d)|AU-3|AU-12(a)(c),4
+root-account-mfa-enabled,AC-2(j)|IA-2(1)(11),4
+emr-kerberos-enabled,AC-2(j)|AC-3|AC-5(c)|AC-6,4
+iam-group-has-users-check,AC-2(j)|AC-3|AC-5(c)|AC-6|SC-2,4
+iam-policy-no-statements-with-admin-access,AC-2(j)|AC-3|AC-5(c)|AC-6|SC-2,4
+iam-user-no-policies-check,AC-2(j)|AC-3|AC-5(c)|AC-6,4
+s3-bucket-public-write-prohibited,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+lambda-function-public-access-prohibited,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+rds-snapshots-public-prohibited,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+redshift-cluster-public-access-check,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+s3-bucket-policy-grantee-check,AC-3|AC-6|SC-7|SC-7(3),4
+s3-bucket-public-read-prohibited,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+s3-account-level-public-access-blocks,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+dms-replication-not-public,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+ebs-snapshot-public-restorable-check,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+sagemaker-notebook-no-direct-internet-access,AC-3|AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+rds-instance-public-access-check,AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+lambda-inside-vpc,AC-4|SC-7|SC-7(3),4
+ec2-instances-in-vpc,AC-4|SC-7|SC-7(3),4
+restricted-common-ports,AC-4|CM-2|SC-7|SC-7(3),4
+restricted-ssh,AC-4|SC-7|SC-7(3),4
+vpc-default-security-group-closed,AC-4|SC-7|SC-7(3),4
+vpc-sg-open-only-to-authorized-ports,AC-4|SC-7|SC-7(3),4
+acm-certificate-expiration-check,AC-4|AC-17(2)|SC-12,4
+ec2-instance-no-public-ip,AC-4|AC-6|AC-21(b)|SC-7|SC-7(3),4
+elasticsearch-in-vpc-only,AC-4|SC-7|SC-7(3),4
+emr-master-no-public-ip,AC-4|AC-21(b)|SC-7|SC-7(3),4
+internet-gateway-authorized-vpc-only,AC-4|AC-17(3)|SC-7|SC-7(3),4
+codebuild-project-envvar-awscred-check,AC-6|IA-5(7)|SA-3(a),4
+ec2-imdsv2-check,AC-6,4
+iam-no-inline-policy-check,AC-6,4
+alb-http-to-https-redirection-check,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-13|SC-23,4
+redshift-require-tls-ssl,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-13,4
+s3-bucket-ssl-requests-only,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-13,4
+elb-acm-certificate-required,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-13,4
+alb-http-drop-invalid-header-enabled,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-23,4
+elb-tls-https-listeners-only,AC-17(2)|SC-7|SC-8|SC-8(1)|SC-23,4
+api-gw-execution-logging-enabled,AU-2(a)(d)|AU-3|AU-12(a)(c),4
+elb-logging-enabled,AU-2(a)(d)|AU-3|AU-12(a)(c),4
+vpc-flow-logs-enabled,AU-2(a)(d)|AU-3|AU-12(a)(c),4
+wafv2-logging-enabled,AU-2(a)(d)|AU-3|AU-12(a)(c)|SC-7|SI-4(a)(b)(c),4
+cloud-trail-encryption-enabled,AU-9|SC-13|SC-28,4
+cloudwatch-log-group-encrypted,AU-9|SC-13|SC-28,4
+s3-bucket-replication-enabled,AU-9(2)|CP-9(b)|CP-10|SC-5|SC-36,4
+cw-loggroup-retention-period-check,AU-11|SI-12,4
+ec2-instance-detailed-monitoring-enabled,CA-7(a)(b)|SI-4(2)|SI-4(a)(b)(c),4
+rds-enhanced-monitoring-enabled,CA-7(a)(b),4
+ec2-instance-managed-by-systems-manager,CM-2|CM-7(a)|CM-8(1)|CM-8(3)(a)|SA-3(a)|SA-10|SI-2(2)|SI-7(1),4
+ec2-managedinstance-association-compliance-status-check,CM-2|CM-7(a)|CM-8(3)(a)|SI-2(2),4
+ec2-stopped-instance,CM-2,4
+ec2-volume-inuse-check,CM-2|SC-4,4
+elb-deletion-protection-enabled,CM-2|CP-10,4
+cloudtrail-security-trail-enabled,CM-2,4
+ec2-managedinstance-patch-compliance-status-check,CM-8(3)(a)|SI-2(2)|SI-7(1),4
+db-instance-backup-enabled,CP-9(b)|CP-10|SI-12,4
+dynamodb-pitr-enabled,CP-9(b)|CP-10|SI-12,4
+elasticache-redis-cluster-automatic-backup-check,CP-9(b)|CP-10|SI-12,4
+dynamodb-in-backup-plan,CP-9(b)|CP-10|SI-12,4
+ebs-in-backup-plan,CP-9(b)|CP-10|SI-12,4
+efs-in-backup-plan,CP-9(b)|CP-10|SI-12,4
+rds-in-backup-plan,CP-9(b)|CP-10|SI-12,4
+dynamodb-autoscaling-enabled,CP-10|SC-5,4
+rds-multi-az-support,CP-10|SC-5|SC-36,4
+s3-bucket-versioning-enabled,CP-10|SI-12,4
+vpc-vpn-2-tunnels-up,CP-10,4
+elb-cross-zone-load-balancing-enabled,CP-10|SC-5,4
+root-account-hardware-mfa-enabled,IA-2(1)(11),4
+mfa-enabled-for-iam-console-access,IA-2(1)(2)(11),4
+iam-user-mfa-enabled,IA-2(1)(2)(11),4
+guardduty-non-archived-findings,IR-4(1)|IR-6(1)|IR-7(1)|RA-5|SA-10|SI-4(a)(b)(c),4
+codebuild-project-source-repo-url-check,SA-3(a),4
+autoscaling-group-elb-healthcheck-required,SC-5,4
+rds-instance-deletion-protection-enabled,SC-5,4
+alb-waf-enabled,SC-7|SI-4(a)(b)(c),4
+elasticsearch-node-to-node-encryption-check,SC-7|SC-8|SC-8(1),4
+cmk-backing-key-rotation-enabled,SC-12,4
+kms-cmk-not-scheduled-for-deletion,SC-12|SC-28,4
+api-gw-cache-enabled-and-encrypted,SC-13|SC-28,4
+efs-encrypted-check,SC-13|SC-28,4
+elasticsearch-encrypted-at-rest,SC-13|SC-28,4
+encrypted-volumes,SC-13|SC-28,4
+rds-storage-encrypted,SC-13|SC-28,4
+s3-bucket-server-side-encryption-enabled,SC-13|SC-28,4
+sagemaker-endpoint-configuration-kms-key-configured,SC-13|SC-28,4
+sagemaker-notebook-instance-kms-key-configured,SC-13|SC-28,4
+sns-encrypted-kms,SC-13|SC-28,4
+dynamodb-table-encrypted-kms,SC-13,4
+s3-bucket-default-lock-enabled,SC-28,4
+ec2-ebs-encryption-by-default,SC-28,4
+rds-snapshot-encrypted,SC-28,4
+cloud-trail-log-file-validation-enabled,SI-7|SI-7(1),4

data/lib/data/cwe-nist-mapping.csv

@@ -64,10 +64,13 @@
 251, Often Misused: String Management,,4,
 252, Unchecked Return Value,,4,
 256, Plaintext Storage of a Password,SC-28,4,Protection of Information at Rest
+257, Storing Passwords in a Recoverable Format,IA-5,4,Authenticator Management
 258, Empty Password in Configuration File,SC-28,4,Protection of Information at Rest
 259, Use of Hard-coded Password,,4,
 260, Password in Configuration File,SC-28,4,Protection of Information at Rest
 261, Weak Cryptography for Passwords,SC-13,4,Cryptographic Protection
+262, Not Using Password Aging,IA-5,4,Authenticator Management
+263, Password Aging with Long Expiration,IA-5,4,Authenticator Management
 265, Privilege / Sandbox Issues,AC-6,4,Least Privilege
 269, Improper Privilege Management,AC-4,4,Information Flow Enforcement
 272, Least Privilege Violation,AC-6,4,Least Privilege: Privilege Levels for Code Execution -8
@@ -175,8 +178,9 @@
 662, Improper Synchonization,,4,
 667, Improper Locking,,4,
 676, Use of Potentially Dangerous Function,,4,
-690,: Unchecked Return Value to NULL Pointer Dereference,,4,
+690, Unchecked Return Value to NULL Pointer Dereference,,4,
 691, Insufficient Control Flow Management,SI-11,4,Error Handling
+693, Protection Mechanism Failure,IA-5,4,Authenticator Management
 694, Use of Multiple Resources with Duplicate Identifier,,4,
 732, Incorrect Permission Assignment for Critical Resource,AC-3,4,Access Enforcement
 733, Compiler Optimization Removal or Modification of Security-critical Code,,4,

data/lib/heimdall_tools.rb

@@ -12,4 +12,7 @@ module HeimdallTools
   autoload :NessusMapper, 'heimdall_tools/nessus_mapper'
   autoload :SnykMapper, 'heimdall_tools/snyk_mapper'
   autoload :NiktoMapper, 'heimdall_tools/nikto_mapper'
+  autoload :JfrogXrayMapper, 'heimdall_tools/jfrog_xray_mapper'
+  autoload :DBProtectMapper, 'heimdall_tools/dbprotect_mapper'
+  autoload :AwsConfigMapper, 'heimdall_tools/aws_config_mapper'
 end

data/lib/heimdall_tools/aws_config_mapper.rb

@@ -0,0 +1,284 @@
+require 'aws-sdk-configservice'
+require 'heimdall_tools/hdf'
+require 'csv'
+require 'json'
+
+RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
+
+AWS_CONFIG_MAPPING_FILE = File.join(RESOURCE_DIR, 'aws-config-mapping.csv')
+
+NOT_APPLICABLE_MSG = 'No AWS resources found to evaluate complaince for this rule'.freeze
+INSUFFICIENT_DATA_MSG = 'Not enough data has been collectd to determine compliance yet.'.freeze
+
+##
+# HDF mapper for use with AWS Config rules.
+#
+# Ruby AWS Ruby SDK for ConfigService: 
+# - https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/ConfigService/Client.html
+#
+# rubocop:disable Metrics/AbcSize, Metrics/ClassLength
+module HeimdallTools
+  class AwsConfigMapper
+    def initialize(custom_mapping, verbose = false)
+      @verbose = verbose
+      @default_mapping = get_rule_mapping(AWS_CONFIG_MAPPING_FILE)
+      @custom_mapping = custom_mapping.nil? ? {} : get_rule_mapping(custom_mapping)
+      @client = Aws::ConfigService::Client.new
+      @issues = get_all_config_rules
+    end
+
+    ##
+    # Convert to HDF
+    #
+    # If there is overlap in rule names from @default_mapping and @custom_mapping,
+    # then the tags from both will be added to the rule.
+    def to_hdf
+      controls = @issues.map do |issue|
+        @item = {}
+        @item['id']              = issue[:config_rule_name]
+        @item['title']           = issue[:config_rule_name]
+        @item['desc']            = issue[:description]
+        @item['impact']          = 0.5
+        @item['tags']            = hdf_tags(issue)
+        @item['descriptions']    = hdf_descriptions(issue)
+        @item['refs']            = NA_ARRAY
+        @item['source_location'] = { ref: issue[:config_rule_arn], line: 1 }
+        @item['code']            = ''
+        @item['results']         = issue[:results]
+        # Avoid duplicating rules that exist in the custom mapping as 'unmapped' in this loop
+        if @custom_mapping.include?(issue[:config_rule_name]) && !@default_mapping.include?(issue[:config_rule_name])
+          nil
+        else
+          @item
+        end
+      end
+      results = HeimdallDataFormat.new(
+        profile_name: 'AWS Config',
+         title: 'AWS Config',
+         summary: 'AWS Config',
+         controls: controls,
+         statistics: { aws_config_sdk_version: Aws::ConfigService::GEM_VERSION }
+        )
+      results.to_hdf
+    end
+
+    private
+
+    ##
+    # Read in a config rule -> 800-53 control mapping CSV.
+    #
+    # Params: 
+    # - path: The file path to the CSV file
+    #
+    # Returns: A mapped version of the csv in the format { rule_name: row, ... }
+    def get_rule_mapping(path)
+      Hash[CSV.read(path, headers: true).map { |row| [row[0], row] }]
+    end
+
+    ##
+    # Fetches information on all of the config rules available to the
+    # AWS account.
+    #
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/ConfigService/Client.html#describe_config_rules-instance_method
+    #
+    # Returns: list of hash for all config rules available
+    def get_all_config_rules
+      config_rules = []
+
+      # Fetch all rules with pagination
+      response = @client.describe_config_rules
+      config_rules += response.config_rules
+      while response.next_token
+        response = @client.describe_config_rules(next_token: response.next_token)
+        config_rules += response.config_rules
+      end
+      config_rules = config_rules.map(&:to_h)
+
+      # Add necessary data to rules using helpers
+      add_compliance_to_config_rules(config_rules)
+      add_results_to_config_rules(config_rules)
+    end
+
+    ##
+    # Adds compliance information for config rules to the config rule hash
+    # from AwsConfigMapper::get_all_config_rules.
+    #
+    # `complaince_type` may be any of the following:
+    # ["COMPLIANT", "NON_COMPLIANT", "NOT_APPLICABLE", "INSUFFICIENT_DATA"]
+    #
+    # Params:
+    # - config_rules: The list of hash from AwsConfigMapper::get_all_config_rules
+    #
+    # Returns: The same config_rules array with `compliance` key added to each rule
+    def add_compliance_to_config_rules(config_rules)
+      mapped_compliance_results = fetch_all_compliance_info(config_rules)
+
+      # Add compliance to config_rules
+      config_rules.each do |rule|
+        rule[:compliance] = mapped_compliance_results[rule[:config_rule_name]]&.dig(:compliance, :compliance_type)
+      end
+
+      config_rules
+    end
+
+    ##
+    # Fetch and combine all compliance information for the config rules.
+    #
+    # AWS allows passing up to 25 rules at a time to this endpoint.
+    #
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/ConfigService/Client.html#describe_compliance_by_config_rule-instance_method
+    #
+    # Params:
+    # - config_rules: The list of hash from AwsConfigMapper::get_all_config_rules
+    #
+    # Returns: Results mapped by config rule in the format { name: {<response>}, ... }
+    def fetch_all_compliance_info(config_rules)
+      compliance_results = []
+
+      config_rules.each_slice(25).each do |slice|
+        config_rule_names = slice.map { |r| r[:config_rule_name] }
+        response = @client.describe_compliance_by_config_rule(config_rule_names: config_rule_names)
+        compliance_results += response.compliance_by_config_rules
+      end
+
+      # Map based on name for easy lookup
+      Hash[compliance_results.collect { |r| [r.config_rule_name, r.to_h] }]
+    end
+
+    ##
+    # Takes in config rules and formats the results for hdf format.
+    #
+    # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/ConfigService/Client.html#get_compliance_details_by_config_rule-instance_method
+    #
+    # Example hdf results:
+    # [
+    #   {
+    #     "code_desc": "This rule...",
+    #     "run_time": 0.314016,
+    #     "start_time": "2018-11-18T20:21:40-05:00",
+    #     "status": "passed"
+    #   },
+    #   ...
+    # ]
+    #
+    # Status may be any of the following: ['passed', 'failed', 'skipped', 'loaded']
+    #
+    # Params:
+    # - rule: Rules from AwsConfigMapper::get_all_config_rules
+    #
+    # Returns: The same config_rules array with `results` key added to each rule.
+    def add_results_to_config_rules(config_rules)
+      config_rules.each do |rule|
+        response = @client.get_compliance_details_by_config_rule(config_rule_name: rule[:config_rule_name], limit: 100)
+        rule_results = response.to_h[:evaluation_results]
+        while response.next_token
+          response = @client.get_compliance_details_by_config_rule(next_token: response.next_token, limit: 100)
+          rule_results += response.to_h[:evaluation_results]
+        end
+
+        rule[:results] = []
+        rule_results.each do |result|
+          hdf_result = {}
+          # code_desc
+          hdf_result['code_desc'] = result.dig(:evaluation_result_identifier, :evaluation_result_qualifier)&.map do |k, v|
+                                      "#{k}: #{v}"
+                                    end&.join(', ')
+          # start_time
+          hdf_result['start_time'] = if result.key?(:config_rule_invoked_time)
+                                       DateTime.parse(result[:config_rule_invoked_time].to_s).strftime('%Y-%m-%dT%H:%M:%S%:z')
+                                     end
+          # run_time
+          hdf_result['run_time'] = if result.key?(:result_recorded_time) && result.key?(:config_rule_invoked_time)
+                                     (result[:result_recorded_time] - result[:config_rule_invoked_time]).round(6)
+                                   end
+          # status
+          hdf_result['status'] = case result.dig(:compliance_type)
+                                 when 'COMPLIANT'
+                                   'passed'
+                                 when 'NON_COMPLIANT'
+                                   'failed'
+                                 else
+                                   'skipped'
+                                 end
+          hdf_result['message'] = "(#{hdf_result['code_desc']}): #{result[:annotation] || 'Rule does not pass rule compliance'}" if hdf_result['status'] == 'failed'
+          rule[:results] << hdf_result
+        end
+        next unless rule[:results].empty?
+
+        case rule[:compliance]
+        when 'NOT_APPLICABLE'
+          rule[:impact] = 0
+          rule[:results] << {
+            'run_time': 0,
+            'code_desc': NOT_APPLICABLE_MSG,
+            'skip_message': NOT_APPLICABLE_MSG,
+            'start_time': DateTime.now.strftime('%Y-%m-%dT%H:%M:%S%:z'),
+            'status': 'skipped'
+          }
+        when 'INSUFFICIENT_DATA'
+          rule[:results] << {
+            'run_time': 0,
+            'code_desc': INSUFFICIENT_DATA_MSG,
+            'skip_message': INSUFFICIENT_DATA_MSG,
+            'start_time': DateTime.now.strftime('%Y-%m-%dT%H:%M:%S%:z'),
+            'status': 'skipped'
+          }
+        end
+      end
+
+      config_rules
+    end
+
+    ##
+    # Takes in a config rule and pulls out tags that are useful for HDF.
+    #
+    # Params:
+    # - config_rule: A single config rule from AwsConfigMapper::get_all_config_rules
+    #
+    # Returns: Hash containing all relevant HDF tags
+    def hdf_tags(config_rule)
+      result = {}
+
+      @default_mapping
+      @custom_mapping
+
+      # NIST tag
+      result['nist'] = []
+      default_mapping_match = @default_mapping[config_rule[:config_rule_name]]
+      
+      result['nist'] += default_mapping_match[1].split('|') unless default_mapping_match.nil?
+
+      custom_mapping_match = @custom_mapping[config_rule[:config_rule_name]]
+      
+      result['nist'] += custom_mapping_match[1].split('|').map { |name| "#{name} (user provided)" } unless custom_mapping_match.nil?
+
+      result['nist'] = ['unmapped'] if result['nist'].empty?
+
+      result
+    end
+
+    def check_text(config_rule)
+      params = (JSON.parse(config_rule[:input_parameters]).map { |key, value| "#{key}: #{value}" }).join('<br/>')
+      check_text = config_rule[:config_rule_arn]
+      check_text += "<br/>#{params}" unless params.empty?
+      check_text
+    end
+
+    ##
+    # Takes in a config rule and pulls out information for the descriptions array
+    #
+    # Params:
+    # - config_rule: A single config rule from AwsConfigMapper::get_all_config_rules
+    #
+    # Returns: Array containing all relevant descriptions information
+    def hdf_descriptions(config_rule)
+      [
+        {
+          'label': 'check',
+          'data': check_text(config_rule)
+        }
+      ]
+    end
+  end
+end
+# rubocop:enable Metrics/AbcSize, Metrics/ClassLength

data/lib/heimdall_tools/burpsuite_mapper.rb

@@ -63,7 +63,7 @@ module HeimdallTools
     end
 
     def nist_tag(cweid)
-      entries = @cwe_nist_mapping.select { |x| cweid.include? x[:cweid].to_s }
+      entries = @cwe_nist_mapping.select { |x| cweid.include?(x[:cweid].to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| [x[:nistid], "Rev_#{x[:rev]}"] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end

data/lib/heimdall_tools/cli.rb

@@ -87,6 +87,42 @@ module HeimdallTools
       puts "#{options[:output]}"
     end
 
+    desc 'jfrog_xray_mapper', 'jfrog_xray_mapper translates Jfrog Xray results Json to HDF format Json be viewed on Heimdall'
+    long_desc Help.text(:jfrog_xray_mapper)
+    option :json, required: true, aliases: '-j'
+    option :output, required: true, aliases: '-o'
+    option :verbose, type: :boolean, aliases: '-V'
+    def jfrog_xray_mapper
+      hdf = HeimdallTools::JfrogXrayMapper.new(File.read(options[:json])).to_hdf
+      File.write(options[:output], hdf)
+      puts "\r\HDF Generated:\n"
+      puts "#{options[:output]}"
+    end
+    
+    desc 'dbprotect_mapper', 'dbprotect_mapper translates dbprotect results xml to HDF format Json be viewed on Heimdall'
+    long_desc Help.text(:dbprotect_mapper)
+    option :xml, required: true, aliases: '-x'
+    option :output, required: true, aliases: '-o'
+    option :verbose, type: :boolean, aliases: '-V'
+    def dbprotect_mapper
+      hdf = HeimdallTools::DBProtectMapper.new(File.read(options[:xml])).to_hdf
+      File.write(options[:output], hdf)
+      puts "\r\HDF Generated:\n"
+      puts "#{options[:output]}"
+    end
+
+    desc 'aws_config_mapper', 'aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format Json to be viewable in Heimdall'
+    long_desc Help.text(:aws_config_mapper)
+    # option :custom_mapping, required: false, aliases: '-m'
+    option :output, required: true, aliases: '-o'
+    option :verbose, type: :boolean, aliases: '-V'
+    def aws_config_mapper
+      hdf = HeimdallTools::AwsConfigMapper.new(options[:custom_mapping]).to_hdf
+      File.write(options[:output], hdf)
+      puts "\r\HDF Generated:\n"
+      puts "#{options[:output]}"
+    end
+
     desc 'version', 'prints version'
     def version
       puts VERSION

data/lib/heimdall_tools/dbprotect_mapper.rb

@@ -0,0 +1,127 @@
+require 'json'
+require 'csv'
+require 'heimdall_tools/hdf'
+require 'utilities/xml_to_hash'
+
+IMPACT_MAPPING = {
+  High: 0.7,
+  Medium: 0.5,
+  Low: 0.3,
+  Informational: 0.0
+}.freeze
+
+# rubocop:disable Metrics/AbcSize
+
+module HeimdallTools
+  class DBProtectMapper
+    def initialize(xml, name=nil, verbose = false)
+      @verbose = verbose
+
+      begin
+        dataset = xml_to_hash(xml)
+        @entries = compile_findings(dataset['dataset'])
+
+      rescue StandardError => e
+        raise "Invalid DBProtect XML file provided Exception: #{e};\nNote that XML must be of kind `Check Results Details`."
+      end
+
+    end
+
+    def to_hdf
+      controls = []
+      @entries.each do |entry|
+        @item = {}
+        @item['id']                 = entry['Check ID']
+        @item['title']              = entry['Check']
+        @item['desc']               = format_desc(entry)
+        @item['impact']             = impact(entry['Risk DV'])
+        @item['tags']               = {}
+        @item['descriptions']       = []
+        @item['refs']               = NA_ARRAY
+        @item['source_location']    = NA_HASH
+        @item['code']               = ''
+        @item['results']            = finding(entry)
+
+        controls << @item
+      end
+      controls = collapse_duplicates(controls)
+      results = HeimdallDataFormat.new(profile_name: @entries.first['Policy'],
+                                       version: "",
+                                       title: @entries.first['Job Name'],
+                                       summary: format_summary(@entries.first),
+                                       controls: controls)
+      results.to_hdf
+    end
+
+    private
+
+    def compile_findings(dataset)
+      keys = dataset['metadata']['item'].map{ |e| e['name']}
+      findings = dataset['data']['row'].map { |e| Hash[keys.zip(e['value'])] }
+      findings
+    end
+
+    def format_desc(entry)
+      text = []
+      text << "Task : #{entry['Task']}"
+      text << "Check Category : #{entry['Check Category']}"
+      text.join("; ")
+    end
+
+    def format_summary(entry)
+      text = []
+      text << "Organization : #{entry['Organization']}"
+      text << "Asset : #{entry['Check Asset']}"
+      text << "Asset Type : #{entry['Asset Type']}"
+      text << "IP Address, Port, Instance : #{entry['Asset Type']}"
+      text << "IP Address, Port, Instance : #{entry['IP Address, Port, Instance']}"
+      text.join("\n")
+    end
+
+    def finding(entry)
+      finding = {}
+
+      finding['code_desc'] = entry['Details']
+      finding['run_time'] = 0.0
+      finding['start_time'] = entry['Date']
+
+      case entry['Result Status']
+      when 'Fact'
+        finding['status'] = 'skipped'
+      when 'Failed'
+        finding['status'] = 'failed'
+        finding['backtrace'] = ["DB Protect Failed Check"]
+      when 'Finding'
+        finding['status'] = 'failed'
+      when 'Not A Finding'
+        finding['status'] = 'passed'
+      when 'Skipped'
+        finding['status'] = 'skipped'
+      else 
+        finding['status'] = 'skipped'
+      end
+      [finding]
+    end
+
+    def impact(severity)
+      IMPACT_MAPPING[severity.to_sym]
+    end
+
+    # DBProtect report could have multiple issue entries for multiple findings of same issue type.
+    # The meta data is identical across entries 
+    # method collapse_duplicates return unique controls with applicable findings collapsed into it.
+    def collapse_duplicates(controls)
+      unique_controls = []
+
+      controls.map { |x| x['id'] }.uniq.each do |id|
+        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map {|x| x['results']}
+        unique_control = controls.find { |x| x['id'].eql?(id) }
+        unique_control['results'] = collapsed_results.flatten
+        unique_controls << unique_control
+      end
+      unique_controls
+    end
+
+
+  end
+end

data/lib/heimdall_tools/fortify_mapper.rb

@@ -3,6 +3,7 @@ require 'heimdall_tools/hdf'
 require 'utilities/xml_to_hash'
 
 NIST_REFERENCE_NAME = 'Standards Mapping - NIST Special Publication 800-53 Revision 4'.freeze
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
 
 module HeimdallTools
   class FortifyMapper
@@ -68,7 +69,7 @@ module HeimdallTools
       references = rule['References']['Reference']
       references = [references] unless references.is_a?(Array)
       tag = references.detect { |x| x['Author'].eql?(NIST_REFERENCE_NAME) }
-      tag.nil? ? 'unmapped' : tag['Title'].match(/[a-zA-Z][a-zA-Z]-\d{1,2}/)
+      tag.nil? ? DEFAULT_NIST_TAG : tag['Title'].match(/[a-zA-Z][a-zA-Z]-\d{1,2}/)
     end
 
     def impact(classid)

data/lib/heimdall_tools/hdf.rb

@@ -29,7 +29,8 @@ module HeimdallTools
                    groups: NA_ARRAY,
                    status: 'loaded',
                    controls: NA_TAG,
-                   target_id: NA_TAG)
+                   target_id: NA_TAG,
+                   statistics: NA_HASH)
 
       @results_json = {}
       @results_json['platform'] = {}
@@ -40,6 +41,7 @@ module HeimdallTools
 
       @results_json['statistics'] = {}
       @results_json['statistics']['duration'] = duration || NA_TAG
+      @results_json['statistics'].merge! statistics
 
       @results_json['profiles'] = []
 

data/lib/heimdall_tools/help/aws_config_mapper.md

@@ -0,0 +1,30 @@
+  aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format json to be viewable in Heimdall
+
+AWS Config Rule Mapping:
+  The mapping of AWS Config Rules to 800-53 Controls was sourced from [this link](https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_4.html).
+  
+Authentication with AWS:
+  [Developer Guide for configuring Ruby AWS SDK for authentication](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html)
+
+  Authentication Example:
+  
+  - Create `~/.aws/credentials`
+  - Add contents to file, replacing with your access ID and key 
+
+        ```
+        [default]
+        aws_access_key_id = your_access_key_id
+        aws_secret_access_key = your_secret_access_key
+        ```
+
+  - (optional) set AWS region through `~/.aws/config` file with contents
+
+        ```
+        [default]
+        output = json
+        region = us-gov-west-1
+        ```
+
+Examples:
+
+  heimdall_tools aws_config_mapper -o aws_config_results.json

data/lib/heimdall_tools/help/dbprotect_mapper.md

@@ -0,0 +1,5 @@
+  dbprotect_mapper translates DBProtect report in `Check Results Details` format XML to HDF format JSON be viewed on Heimdall.
+  
+Examples:
+
+  heimdall_tools dbprotect_mapper -x check_results_details_report.xml -o db_protect_hdf.json

data/lib/heimdall_tools/help/jfrog_xray_mapper.md

@@ -0,0 +1,5 @@
+  jfrog_xray_mapper translates an JFrog Xray results JSON file into HDF format JSON to be viewable in Heimdall
+
+Examples:
+
+  heimdall_tools jfrog_xray_mapper -j xray_results.json -o output-file-name.json

data/lib/heimdall_tools/jfrog_xray_mapper.rb

@@ -0,0 +1,142 @@
+require 'json'
+require 'csv'
+require 'heimdall_tools/hdf'
+require 'utilities/xml_to_hash'
+
+RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
+
+CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
+
+IMPACT_MAPPING = {
+  high: 0.7,
+  medium: 0.5,
+  low: 0.3,
+}.freeze
+
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+
+# Loading spinner sign
+$spinner = Enumerator.new do |e|
+  loop do
+    e.yield '|'
+    e.yield '/'
+    e.yield '-'
+    e.yield '\\'
+  end
+end
+
+module HeimdallTools
+  class JfrogXrayMapper
+    def initialize(xray_json, name=nil, verbose = false)
+      @xray_json = xray_json
+      @verbose = verbose
+
+      begin
+        @cwe_nist_mapping = parse_mapper
+        @project = JSON.parse(xray_json)
+
+      rescue StandardError => e
+        raise "Invalid JFrog Xray JSON file provided Exception: #{e}"
+      end
+    end
+
+    def finding(vulnerability)
+      finding = {}
+      finding['status'] = 'failed'
+      finding['code_desc'] = []
+      finding['code_desc'] << "source_comp_id : #{vulnerability['source_comp_id'].to_s }"
+      finding['code_desc'] << "vulnerable_versions : #{vulnerability['component_versions']['vulnerable_versions'].to_s }"
+      finding['code_desc'] << "fixed_versions : #{vulnerability['component_versions']['fixed_versions'].to_s }"
+      finding['code_desc'] << "issue_type : #{vulnerability['issue_type'].to_s }"
+      finding['code_desc'] << "provider : #{vulnerability['provider'].to_s }"
+      finding['code_desc'] = finding['code_desc'].join("\n")
+      finding['run_time'] = NA_FLOAT
+
+      # Xray results does not profile scan timestamp; using current time to satisfy HDF format
+      finding['start_time'] = NA_STRING
+      [finding]
+    end
+
+    def nist_tag(cweid)
+      entries = @cwe_nist_mapping.select { |x| cweid.include?(x[:cweid].to_s) && !x[:nistid].nil? }
+      tags = entries.map { |x| x[:nistid] }
+      tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
+    end
+
+    def parse_identifiers(vulnerability, ref)
+      # Extracting id number from reference style CWE-297
+      vulnerability['component_versions']['more_details']['cves'][0][ref.downcase].map { |e| e.split("#{ref}-")[1]  }
+      rescue
+        return []
+    end
+
+    def impact(severity)
+      IMPACT_MAPPING[severity.downcase.to_sym]
+    end
+
+    def parse_mapper
+      csv_data = CSV.read(CWE_NIST_MAPPING_FILE, **{ encoding: 'UTF-8',
+                                                   headers: true,
+                                                   header_converters: :symbol,
+                                                   converters: :all })
+      csv_data.map(&:to_hash)
+    end
+
+    def desc_tags(data, label)
+      { "data": data || NA_STRING, "label": label || NA_STRING }
+    end
+
+    # Xray report could have multiple vulnerability entries for multiple findings of same issue type.
+    # The meta data is identical across entries 
+    # method collapse_duplicates return unique controls with applicable findings collapsed into it.
+    def collapse_duplicates(controls)
+      unique_controls = []
+
+      controls.map { |x| x['id'] }.uniq.each do |id|
+        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map {|x| x['results']}
+        unique_control = controls.find { |x| x['id'].eql?(id) }
+        unique_control['results'] = collapsed_results.flatten
+        unique_controls << unique_control
+      end
+      unique_controls
+    end
+
+    def to_hdf
+      controls = []
+      vulnerability_count = 0
+      @project['data'].uniq.each do | vulnerability |
+        printf("\rProcessing: %s", $spinner.next)
+        
+        vulnerability_count +=1
+        item = {}
+        item['tags']               = {}
+        item['descriptions']       = []
+        item['refs']               = NA_ARRAY
+        item['source_location']    = NA_HASH
+        item['descriptions']       = NA_ARRAY
+
+        # Xray JSONs might note have `id` fields populated. 
+        # If thats a case MD5 hash is used to collapse vulnerability findings of the same type.
+        item['id']                 = vulnerability['id'].empty? ? OpenSSL::Digest::MD5.digest(vulnerability['summary'].to_s).unpack("H*")[0].to_s : vulnerability['id']
+        item['title']              = vulnerability['summary'].to_s
+        item['desc']               = vulnerability['component_versions']['more_details']['description'].to_s
+        item['impact']             = impact(vulnerability['severity'].to_s) 
+        item['code']               = NA_STRING
+        item['results']            = finding(vulnerability)
+
+        item['tags']['nist']       = nist_tag( parse_identifiers( vulnerability, 'CWE') )
+        item['tags']['cweid']      = parse_identifiers( vulnerability, 'CWE')
+
+        controls << item
+      end
+
+      controls = collapse_duplicates(controls)
+      results = HeimdallDataFormat.new(profile_name: "JFrog Xray Scan",
+                                       version: NA_STRING,
+                                       title: "JFrog Xray Scan", 
+                                       summary: "Continuous Security and Universal Artifact Analysis",
+                                       controls: controls)
+      results.to_hdf
+    end
+  end
+end

data/lib/heimdall_tools/nessus_mapper.rb

@@ -140,7 +140,7 @@ module HeimdallTools
     end
 
     def plugin_nist_tag(pluginfamily, pluginid)
-      entries = @cwe_nist_mapping.select { |x| (x[:pluginfamily].eql?(pluginfamily) && (x[:pluginid].eql?('*') || x[:pluginid].eql?(pluginid.to_i)) ) }
+      entries = @cwe_nist_mapping.select { |x| (x[:pluginfamily].eql?(pluginfamily) && (x[:pluginid].eql?('*') || x[:pluginid].eql?(pluginid.to_i)) ) && !x[:nistid].nil? }
       tags = entries.map { |x| [x[:nistid].split('|'), "Rev_#{x[:rev]}"] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end

data/lib/heimdall_tools/nikto_mapper.rb

@@ -71,7 +71,7 @@ module HeimdallTools
     end
 
     def nist_tag(niktoid)
-      entries = @nikto_nist_mapping.select { |x| niktoid.eql?(x[:niktoid].to_s) }
+      entries = @nikto_nist_mapping.select { |x| niktoid.eql?(x[:niktoid].to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| x[:nistid] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end

data/lib/heimdall_tools/snyk_mapper.rb

@@ -74,7 +74,7 @@ module HeimdallTools
     end
 
     def nist_tag(cweid)
-      entries = @cwe_nist_mapping.select { |x| cweid.include? x[:cweid].to_s }
+      entries = @cwe_nist_mapping.select { |x| cweid.include?(x[:cweid].to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| x[:nistid] }
       tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end

data/lib/heimdall_tools/sonarqube_mapper.rb

@@ -5,6 +5,8 @@ require 'heimdall_tools/hdf'
 
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+
 MAPPING_FILES = {
   cwe: File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv'),
   owasp: File.join(RESOURCE_DIR, 'owasp-nist-mapping.csv')
@@ -237,7 +239,7 @@ class Control
       return [@mappings[tag_type][parsed_tag]].flatten.uniq
     end
 
-    ['unmapped'] # HDF expects this to be a list, but not an empty list even if there aren't results
+    DEFAULT_NIST_TAG # Entries with unmapped NIST tags are defaulted to NIST tags ‘SA-11, RA-5 Rev_4’
   end
 
   def hdf

data/lib/heimdall_tools/zap_mapper.rb

@@ -7,6 +7,7 @@ require 'heimdall_tools/hdf'
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 
 CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
 
 # rubocop:disable Metrics/AbcSize
 
@@ -64,9 +65,9 @@ module HeimdallTools
     end
 
     def nist_tag(cweid)
-      entries = @cwe_nist_mapping.select { |x| x[:cweid].to_s.eql?(cweid.to_s) }
+      entries = @cwe_nist_mapping.select { |x| x[:cweid].to_s.eql?(cweid.to_s) && !x[:nistid].nil? }
       tags = entries.map { |x| [x[:nistid], "Rev_#{x[:rev]}"] }
-      tags.empty? ? ['unmapped'] : tags.flatten.uniq
+      tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end
 
     def impact(riskcode)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: heimdall_tools
 version: !ruby/object:Gem::Version
-  version: 1.3.34
+  version: 1.3.39.pre1
 platform: ruby
 authors:
 - Robert Thew
@@ -10,8 +10,22 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-08-19 00:00:00.000000000 Z
+date: 2021-03-11 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-configservice
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1'
 - !ruby/object:Gem::Dependency
   name: nokogiri
   requirement: !ruby/object:Gem::Requirement
@@ -96,20 +110,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
-- !ruby/object:Gem::Dependency
-  name: nori
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.6'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.6'
 - !ruby/object:Gem::Dependency
   name: git-lite-version-bump
   requirement: !ruby/object:Gem::Requirement
@@ -166,20 +166,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -209,24 +195,31 @@ files:
 - Rakefile
 - exe/heimdall_tools
 - lib/data/U_CCI_List.xml
+- lib/data/aws-config-mapping.csv
 - lib/data/cwe-nist-mapping.csv
 - lib/data/nessus-plugins-nist-mapping.csv
 - lib/data/nikto-nist-mapping.csv
 - lib/data/owasp-nist-mapping.csv
 - lib/heimdall_tools.rb
+- lib/heimdall_tools/aws_config_mapper.rb
 - lib/heimdall_tools/burpsuite_mapper.rb
 - lib/heimdall_tools/cli.rb
 - lib/heimdall_tools/command.rb
+- lib/heimdall_tools/dbprotect_mapper.rb
 - lib/heimdall_tools/fortify_mapper.rb
 - lib/heimdall_tools/hdf.rb
 - lib/heimdall_tools/help.rb
+- lib/heimdall_tools/help/aws_config_mapper.md
 - lib/heimdall_tools/help/burpsuite_mapper.md
+- lib/heimdall_tools/help/dbprotect_mapper.md
 - lib/heimdall_tools/help/fortify_mapper.md
+- lib/heimdall_tools/help/jfrog_xray_mapper.md
 - lib/heimdall_tools/help/nessus_mapper.md
 - lib/heimdall_tools/help/nikto_mapper.md
 - lib/heimdall_tools/help/snyk_mapper.md
 - lib/heimdall_tools/help/sonarqube_mapper.md
 - lib/heimdall_tools/help/zap_mapper.md
+- lib/heimdall_tools/jfrog_xray_mapper.rb
 - lib/heimdall_tools/nessus_mapper.rb
 - lib/heimdall_tools/nikto_mapper.rb
 - lib/heimdall_tools/snyk_mapper.rb
@@ -249,11 +242,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.3
 signing_key: 
 specification_version: 4
 summary: Convert Forify, Openzap and Sonarqube results to HDF