regscale-cli 6.16.1.0__py3-none-any.whl → 6.16.3.0__py3-none-any.whl

regscale/integrations/commercial/qualys.py

@@ -27,9 +27,9 @@ from regscale.core.app.utils.app_utils import (
     save_data_to,
 )
 from regscale.core.app.utils.file_utils import download_from_s3
-from regscale.models.app_models.click import regscale_ssp_id
 from regscale.models import Asset, Issue, Search, regscale_models
 from regscale.models.app_models.click import NotRequiredIf, save_output_to
+from regscale.models.app_models.click import regscale_ssp_id
 from regscale.models.integration_models.flat_file_importer import FlatFileImporter
 from regscale.models.integration_models.qualys import (
     Qualys,
@@ -611,11 +611,7 @@ def get_scan_results(scans: Any, task: TaskID) -> dict:
     :return: dictionary of detailed Qualys scans
     :rtype: dict
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    qualys_url, QUALYS_API = _get_qualys_api()
 
     scan_data = {}
     # check number of scans requested
@@ -636,7 +632,7 @@ def get_scan_results(scans: Any, task: TaskID) -> dict:
             }
             # get the scan data via API
             res = QUALYS_API.get(
-                url=urljoin(config["qualysUrl"], "/api/2.0/fo/scan/"),
+                url=urljoin(qualys_url, "/api/2.0/fo/scan/"),
                 headers=HEADERS,
                 params=params,
             )
@@ -664,11 +660,7 @@ def get_detailed_scans(days: int) -> list:
     :return: list of results from Qualys API
     :rtype: list
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    qualys_url, QUALYS_API = _get_qualys_api()
 
     today = datetime.now()
     scan_date = today - timedelta(days=days)
@@ -684,12 +676,12 @@ def get_detailed_scans(days: int) -> list:
         "scan_datetime_since": scan_date.strftime("%Y-%m-%dT%H:%I:%S%ZZ"),
     }
     res = QUALYS_API.get(
-        url=urljoin(config["qualysUrl"], "/api/2.0/fo/scan/summary/"),
+        url=urljoin(qualys_url, "/api/2.0/fo/scan/summary/"),
         headers=HEADERS,
         params=params,
     )
     response = QUALYS_API.get(
-        url=urljoin(config["qualysUrl"], "/api/2.0/fo/scan/vm/summary/"),
+        url=urljoin(qualys_url, "/api/2.0/fo/scan/vm/summary/"),
         headers=HEADERS,
         params=params2,
     )
@@ -708,6 +700,34 @@ def get_detailed_scans(days: int) -> list:
     return res_data
 
 
+def _get_config():
+    """
+    Get the Qualys configuration
+
+    :return: Qualys configuration
+    :rtype: dict
+    """
+    app = check_license()
+    config = app.config
+    return config
+
+
+def _get_qualys_api():
+    """
+    Get the Qualys API session
+
+    :return: Qualys API session
+    :rtype: Session
+    """
+    config = _get_config()
+
+    # set the auth for the QUALYS_API session
+    QUALYS_API.auth = (config.get("qualysUserName"), config.get("qualysPassword"))
+    QUALYS_API.verify = config.get("qualysVerify", True)
+    qualys_url = config.get("qualysUrl")
+    return qualys_url, QUALYS_API
+
+
 def import_total_cloud_data_from_qualys_api(security_plan_id: int, include_tags: str, exclude_tags: str):
     """
     Function to get the total cloud data from Qualys API
@@ -717,10 +737,7 @@ def import_total_cloud_data_from_qualys_api(security_plan_id: int, include_tags:
     """
     try:
 
-        app = check_license()
-        config = app.config
-        # set the auth for the QUALYS_API session
-        QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+        qualys_url, QUALYS_API = _get_qualys_api()
         params = {
             "action": "list",
             "show_asset_id": "1",
@@ -733,7 +750,7 @@ def import_total_cloud_data_from_qualys_api(security_plan_id: int, include_tags:
             if include_tags:
                 params["tag_set_include"] = include_tags
         response = QUALYS_API.get(
-            url=urljoin(config["qualysUrl"], "/api/2.0/fo/asset/host/vm/detection/"),
+            url=urljoin(qualys_url, "/api/2.0/fo/asset/host/vm/detection/"),
             headers=HEADERS,
             params=params,
         )
@@ -761,17 +778,13 @@ def get_scans_summary(scan_choice: str) -> dict:
     :return: Detailed summary of scans from Qualys API as a dictionary
     :rtype: dict
     """
-    app = check_license()
-    config = app.config
+    qualys_url, QUALYS_API = _get_qualys_api()
     urls = []
 
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
-
     # set up variables for function
     scan_data = {}
     responses = []
-    scan_url = urljoin(config["qualysUrl"], "/api/2.0/fo/scan/")
+    scan_url = urljoin(qualys_url, "/api/2.0/fo/scan/")
 
     # set up parameters for the scans query
     params = {"action": "list"}
@@ -812,11 +825,7 @@ def get_scan_details(days: int) -> list:
     :return: Detailed summary of scans from Qualys API as a dictionary
     :rtype: list
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    qualys_url, QUALYS_API = _get_qualys_api()
     # get since date for API call
     since_date = datetime.now() - timedelta(days=days)
     # set up data and parameters for the scans query
@@ -835,12 +844,12 @@ def get_scan_details(days: int) -> list:
         "scan_datetime_since": since_date.strftime("%Y-%m-%dT%H:%M:%SZ"),
     }
     res = QUALYS_API.get(
-        url=urljoin(config["qualysUrl"], "/api/2.0/fo/scan/summary/"),
+        url=urljoin(qualys_url, "/api/2.0/fo/scan/summary/"),
         headers=headers,
         params=params,
     )
     response = QUALYS_API.get(
-        url=urljoin(config["qualysUrl"], "/api/2.0/fo/scan/vm/summary/"),
+        url=urljoin(qualys_url, "/api/2.0/fo/scan/vm/summary/"),
         headers=headers,
         params=params2,
     )
@@ -874,11 +883,7 @@ def sync_qualys_assets_and_vulns(
     :param Optional[Union[int, str]] asset_group_filter: Filter the Qualys assets by an asset group ID or name, if any
     :rtype: None
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    config = _get_config()
 
     # Get the assets from RegScale with the provided SSP ID
     logger.info("Getting assets from RegScale for SSP #%s...", ssp_id)
@@ -1086,14 +1091,10 @@ def get_qualys_assets_and_scan_results(
     :return: list of dictionaries containing asset data
     :rtype: list
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    qualys_url, QUALYS_API = _get_qualys_api()
     # set url
     if not url:
-        url = urljoin(config["qualysUrl"], "api/2.0/fo/asset/host/vm/detection?action=list&show_asset_id=1")
+        url = urljoin(qualys_url, "api/2.0/fo/asset/host/vm/detection?action=list&show_asset_id=1")
 
     # check if an asset group filter was provided and append it to the url
     if asset_group_filter:
@@ -1143,12 +1144,7 @@ def get_issue_data_for_assets(asset_list: list) -> Tuple[list[dict], int]:
     :return:  Updated asset list of Qualys assets and their associated vulnerabilities, total number of vulnerabilities
     :rtype: Tuple[list[dict], int]
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
-
+    config = _get_config()
     with job_progress:
         issues = {}
         for asset in asset_list:
@@ -1285,9 +1281,9 @@ def lookup_asset(asset_list: list, asset_id: str = None) -> list[Asset]:
     :rtype: list[Asset]
     """
     if asset_id:
-        results = [Asset(**asset) for asset in asset_list if getattr(asset, "qualysId", None) == asset_id]
+        results = [asset for asset in asset_list if getattr(asset, "qualysId", None) == asset_id]
     else:
-        results = [Asset(**asset) for asset in asset_list]
+        results = [asset for asset in asset_list]
     # Return unique list
     return list(set(results)) or []
 
@@ -1322,11 +1318,7 @@ def create_regscale_issue_from_vuln(
     :return: list of RegScale issues to update, and a list of issues to be created
     :rtype: Tuple[list[Issue], list[Issue]]
     """
-    app = check_license()
-    config = app.config
-
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
+    config = _get_config()
     default_status = config["issues"]["qualys"]["status"]
     regscale_issues = []
     regscale_existing_issues = Issue.get_all_by_parent(parent_id=regscale_ssp_id, parent_module="securityplans")
@@ -1441,13 +1433,10 @@ def get_asset_groups_from_qualys() -> list:
     :return: list of assets from Qualys
     :rtype: list
     """
-    app = check_license()
-    config = app.config
     asset_groups = []
 
-    # set the auth for the QUALYS_API session
-    QUALYS_API.auth = (config["qualysUserName"], config["qualysPassword"])
-    response = QUALYS_API.get(url=urljoin(config["qualysUrl"], "api/2.0/fo/asset/group?action=list"), headers=HEADERS)
+    qualys_url, QUALYS_API = _get_qualys_api()
+    response = QUALYS_API.get(url=urljoin(qualys_url, "api/2.0/fo/asset/group?action=list"), headers=HEADERS)
     if response.ok:
         logger.debug(response.text)
         try:

regscale/integrations/commercial/servicenow.py

@@ -741,6 +741,7 @@ def create_snow_tag(snow_config: ServiceNowConfig, tag_name: str) -> Optional[di
         "active": True,
         "sys_class_name": "tag",
         "type": "Standard",
+        "viewable_by": "everyone",
     }
     url = urljoin(snow_config.url, "api/now/table/label")
     response = snow_api.post(

regscale/integrations/commercial/snyk.py

@@ -18,7 +18,7 @@ def snyk():
 
 @snyk.command(name="import_snyk")
 @FlatFileImporter.common_scanner_options(
-    message="File path to the folder containing Snyk .xlsx files to process to RegScale.",
+    message="File path to the folder containing Snyk .xlsx or .json files to process to RegScale.",
     prompt="File path for Snyk files",
     import_name="snyk",
 )
@@ -77,7 +77,7 @@ def import_synk_files(
     FlatFileImporter.import_files(
         import_type=Snyk,
         import_name="Snyk",
-        file_types=".xlsx",
+        file_types=[".xlsx", ".json"],
         folder_path=folder_path,
         regscale_ssp_id=regscale_ssp_id,
         scan_date=scan_date,

regscale/integrations/commercial/synqly/ticketing.py

@@ -13,6 +13,17 @@ def ticketing() -> None:
     pass
 
 
+@ticketing.command(name="sync_autotask")
+@regscale_id()
+@regscale_module()
+def sync_autotask(regscale_id: int, regscale_module: str) -> None:
+    """Sync Ticketing data between Autotask and RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Ticketing
+
+    ticketing_autotask = Ticketing("autotask")
+    ticketing_autotask.run_sync(regscale_id=regscale_id, regscale_module=regscale_module)
+
+
 @ticketing.command(name="sync_jira")
 @regscale_id()
 @regscale_module()
@@ -111,6 +122,24 @@ def sync_servicenow(regscale_id: int, regscale_module: str, issue_type: str, def
     )
 
 
+@ticketing.command(name="sync_servicenow_sir")
+@regscale_id()
+@regscale_module()
+@click.option(
+    "--issue_type",
+    type=click.STRING,
+    help="servicenow_sir issue type",
+    required=True,
+    prompt="servicenow_sir issue type",
+)
+def sync_servicenow_sir(regscale_id: int, regscale_module: str, issue_type: str) -> None:
+    """Sync Ticketing data between Servicenow Sir and RegScale."""
+    from regscale.models.integration_models.synqly_models.connectors import Ticketing
+
+    ticketing_servicenow_sir = Ticketing("servicenow_sir")
+    ticketing_servicenow_sir.run_sync(regscale_id=regscale_id, regscale_module=regscale_module, issue_type=issue_type)
+
+
 @ticketing.command(name="sync_torq")
 @regscale_id()
 @regscale_module()

regscale/integrations/commercial/trivy/__init__.py

@@ -0,0 +1,5 @@
+"""
+Module for processing Trivy scan results and loading them into RegScale.
+"""
+
+from .commands import import_scans

regscale/integrations/commercial/trivy/commands.py

@@ -0,0 +1,74 @@
+"""
+This module contains the command line interface for the Trivy scanner integration.
+"""
+
+from datetime import datetime
+from typing import Optional
+
+import click
+from pathlib import Path
+
+from regscale.models.integration_models.flat_file_importer import FlatFileImporter
+
+
+@click.group()
+def trivy():
+    """Performs actions from the Trivy scanner integration."""
+    pass
+
+
+@trivy.command("import_scans")
+@FlatFileImporter.common_scanner_options(
+    message="File path to the folder containing JFrog XRay .json files to process to RegScale.",
+    prompt="File path for Grype files",
+    import_name="grype",
+)
+@click.option(
+    "--destination",
+    "-d",
+    help="Path to download the files to. If not provided, files will be downloaded to the temporary directory.",
+    type=click.Path(exists=True, dir_okay=True),
+    required=False,
+)
+@click.option(
+    "--file_pattern",
+    "-fp",
+    help="[Optional] File pattern to match (e.g., '*.json')",
+    required=False,
+)
+def import_scans(
+    destination: Optional[Path],
+    file_pattern: str,
+    folder_path: Path,
+    regscale_ssp_id: int,
+    scan_date: datetime,
+    mappings_path: Path,
+    disable_mapping: bool,
+    s3_bucket: str,
+    s3_prefix: str,
+    aws_profile: str,
+    upload_file: bool,
+) -> None:
+    """
+    Process Trivy scan results from a folder containing Trivy scan files and load into RegScale.
+    """
+    from regscale.integrations.commercial.trivy.scanner import TrivyIntegration
+
+    if s3_bucket and not folder_path:
+        folder_path = s3_bucket
+    ti = TrivyIntegration(
+        plan_id=regscale_ssp_id,
+        file_path=str(folder_path) if folder_path else None,
+        s3_bucket=s3_bucket,
+        s3_prefix=s3_prefix,
+        aws_profile=aws_profile,
+        scan_date=scan_date,
+        mappings_path=str(mappings_path) if mappings_path else None,
+        disable_mapping=disable_mapping,
+        download_destination=destination,
+        file_pattern=file_pattern,
+        read_files_only=True,
+        upload_file=upload_file,
+    )
+
+    ti.sync_assets_and_findings()

regscale/integrations/commercial/trivy/scanner.py

@@ -0,0 +1,276 @@
+"""
+Trivy Scanner Integration for RegScale.
+
+This module provides integration between Trivy scanner and RegScale,
+allowing you to import Trivy scan results into RegScale as assets and findings.
+"""
+
+import logging
+import os
+from typing import Any, Dict, List, Optional, Union, Tuple, TypeVar
+
+from pathlib import Path
+
+from regscale.core.app.utils.parser_utils import safe_datetime_str
+from regscale.integrations.jsonl_scanner_integration import JSONLScannerIntegration
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.models import IssueSeverity, AssetStatus, IssueStatus
+
+logger = logging.getLogger("regscale")
+
+# Define generic types for items that can be written to file
+T = TypeVar("T")
+ItemType = TypeVar("ItemType", IntegrationAsset, IntegrationFinding)
+
+
+class TrivyIntegration(JSONLScannerIntegration):
+    """Class for handling Trivy scanner integration."""
+
+    title: str = "Trivy"
+    asset_identifier_field: str = "otherTrackingNumber"
+    finding_severity_map: Dict[str, Any] = {
+        "CRITICAL": IssueSeverity.Critical.value,
+        "HIGH": IssueSeverity.High.value,
+        "MEDIUM": IssueSeverity.Moderate.value,
+        "LOW": IssueSeverity.Low.value,
+        "UNKNOWN": IssueSeverity.High.value,
+        "NEGLIGIBLE": IssueSeverity.High.value,
+    }
+
+    # Constants for file paths
+    ASSETS_FILE = "./artifacts/trivy_assets.jsonl"
+    FINDINGS_FILE = "./artifacts/trivy_findings.jsonl"
+
+    def __init__(self, *args, **kwargs):
+        """
+        Initialize the TrivyIntegration object.
+
+        :param Any kwargs: Keyword arguments
+        """
+        kwargs["read_files_only"] = True
+        kwargs["file_pattern"] = "*.json"
+        self.disable_mapping = kwargs["disable_mapping"] = True
+        super().__init__(*args, **kwargs)
+
+    def is_valid_file(self, data: Any, file_path: Union[Path, str]) -> Tuple[bool, Optional[Dict[str, Any]]]:
+        """
+        Check if the provided data is a valid Trivy scan result.
+
+        Validates that the data is from a Trivy JSON file with the required structure.
+        Logs a warning with the file path and returns (False, None) if invalid.
+
+        :param Any data: Data parsed from the file (string content when read_files_only is True, or file path otherwise)
+        :param Union[Path, str] file_path: Path to the file being processed
+        :return: Tuple of (is_valid, validated_data) where validated_data is the parsed JSON if valid
+        :rtype: Tuple[bool, Optional[Dict[str, Any]]]
+        """
+
+        # Check Trivy-specific structure
+        if not isinstance(data, dict):
+            logger.warning(f"File {file_path} is not a dict, skipping")
+            return False, None
+
+        if "Results" not in data:
+            logger.warning(f"File {file_path} has no 'Results' key, skipping")
+            return False, None
+
+        if not isinstance(data.get("Results"), list):
+            logger.warning(f"File {file_path} 'Results' is not a list, skipping")
+            return False, None
+
+        if "Metadata" not in data:
+            logger.warning(f"File {file_path} has no 'Metadata' key, skipping")
+            return False, None
+
+        return True, data
+
+    def parse_asset(self, file_path: Union[Path, str], data: Dict[str, Any]) -> IntegrationAsset:
+        """
+        Parse a single asset from Trivy scan data.
+
+        :param Union[Path, str] file_path: Path to the file containing the asset data
+        :param Dict[str, Any] data: The parsed JSON data
+        :return: IntegrationAsset object
+        :rtype: IntegrationAsset
+        """
+        # Convert path to string if it's not already
+        file_path_str = str(file_path)
+
+        # Get metadata and OS information
+        metadata = data.get("Metadata", {})
+        os_data = metadata.get("OS", {})
+
+        # Determine identifier from file name or data
+        if "sha256-" in file_path_str:
+            # Extract the sha256 from the filename
+            base_name = os.path.basename(file_path_str)
+            identifier = "sha256-" + base_name.split("sha256-")[1].split(".json")[0]
+        else:
+            identifier = metadata.get("ImageID", "Unknown")
+
+        # Get artifact name for other tracking number and fqdn
+        artifact_name = data.get("ArtifactName", identifier)
+
+        # Create and return the asset
+        return IntegrationAsset(
+            identifier=identifier,
+            name=identifier,
+            ip_address="0.0.0.0",
+            cpu=0,
+            ram=0,
+            status=AssetStatus.Active,
+            asset_type="Other",
+            asset_category="Software",
+            operating_system=f"{os_data.get('Family', '')} {os_data.get('Name', '')}",
+            notes=f"{os.path.basename(file_path_str)}",
+            other_tracking_number=artifact_name,
+            parent_id=self.plan_id,
+            parent_module="securityplans",
+            fqdn=artifact_name,
+        )
+
+    def _get_findings_data_from_file(self, data: Dict[str, Any]) -> List[Dict[str, Any]]:
+        """
+        Extract findings data from Trivy file data.
+
+        :param Dict[str, Any] data: The data from the Trivy file
+        :return: List of finding items
+        :rtype: List[Dict[str, Any]]
+        """
+        if not data or not isinstance(data, dict):
+            return []
+
+        findings = []
+
+        # Process all results
+        for result in data.get("Results", []):
+            if not isinstance(result, dict):
+                continue
+
+            # Extract vulnerabilities from the result
+            vulnerabilities = result.get("Vulnerabilities", [])
+            if not isinstance(vulnerabilities, list):
+                continue
+
+            # Add each vulnerability to the findings list
+            findings.extend(vulnerabilities)
+
+        return findings
+
+    def parse_finding(self, asset_identifier: str, data: Dict[str, Any], item: Dict[str, Any]) -> IntegrationFinding:
+        """
+        Parse a single finding from Trivy scan data.
+
+        :param str asset_identifier: The identifier of the asset this finding belongs to
+        :param Dict[str, Any] data: The parsed JSON data (for metadata)
+        :param Dict[str, Any] item: The finding data
+        :return: IntegrationFinding object
+        :rtype: IntegrationFinding
+        """
+        # Get scan date from the finding or use current time
+        scan_date = safe_datetime_str(data.get("CreatedAt"))
+
+        # Process severity
+        severity_str = item.get("Severity", "UNKNOWN")
+        severity_value = self.finding_severity_map.get(severity_str.upper(), IssueSeverity.High.value)
+        try:
+            severity = IssueSeverity(severity_value)
+        except ValueError:
+            severity = IssueSeverity.High
+
+        # Get CVSS fields
+        cvss_fields = self._get_cvss_score(item)
+
+        # Get data source information
+        data_source = item.get("DataSource", {})
+        plugin_name = data_source.get("Name", self.title)
+        plugin_id = data_source.get("ID", self.title)
+
+        metadata = data.get("Metadata", {})
+        os_family = metadata.get("OS", {}).get("Family", "")
+        os_name = metadata.get("OS", {}).get("Name", "")
+        if os_family and os_name == "unknown":
+            affected_os = "unknown"
+        else:
+            affected_os = f"{os_family} {os_name}"
+
+        # Set image digest from artifact name
+        artifact_name = data.get("ArtifactName", "")
+        image_digest = ""
+        if "@" in artifact_name:
+            image_digest = artifact_name.split("@")[1]
+
+        build_version = (
+            metadata.get("ImageConfig", {}).get("config", {}).get("Labels", {}).get("io.buildah.version", "")
+        )
+        pkg_name = item.get("PkgName", "")
+        cve = item.get("VulnerabilityID", "")
+
+        # Create and return the finding
+        return IntegrationFinding(
+            title=f"{cve}: {pkg_name}" if cve else pkg_name,
+            description=item.get("Description", "No description available"),
+            severity=severity,
+            status=IssueStatus.Open,
+            cvss_v3_score=cvss_fields.get("V3Score"),
+            cvss_v3_vector=cvss_fields.get("V3Vector") or "",
+            cvss_v2_score=cvss_fields.get("V2Score"),
+            cvss_v2_vector=cvss_fields.get("V2Vector") or "",
+            plugin_name=plugin_name,
+            plugin_id=plugin_id,
+            asset_identifier=asset_identifier,
+            cve=cve,
+            first_seen=scan_date,
+            last_seen=scan_date,
+            scan_date=scan_date,
+            date_created=scan_date,
+            category="Software",
+            control_labels=[],
+            installed_versions=item.get("InstalledVersion", ""),
+            affected_os=affected_os,
+            affected_packages=item.get("PkgID", ""),
+            image_digest=image_digest,
+            package_path=item.get("PkgIdentifier", {}).get("PURL", ""),
+            build_version=build_version,
+            fixed_versions=item.get("FixedVersion", ""),
+            fix_status=item.get("Status", ""),
+        )
+
+    @staticmethod
+    def _get_cvss_score(finding: Dict) -> dict:
+        """
+        Get the CVSS v3 and v2 scores and vectors from the cvss data.
+
+        :param Dict finding: The cvss data
+        :return: The CVSS fields
+        :rtype: dict
+        """
+        values = {
+            "V3Score": None,
+            "V2Score": None,
+            "V3Vector": None,
+            "V2Vector": None,
+        }
+
+        if cvs := finding.get("CVSS"):
+            if nvd := cvs.get("nvd"):
+                values["V3Score"] = nvd.get("V3Score", None)
+                values["V3Vector"] = nvd.get("V3Vector", None)
+                values["V2Score"] = nvd.get("V2Score", None)
+                values["V2Vector"] = nvd.get("V2Vector", None)
+            elif redhat := cvs.get("redhat"):
+                values["V3Score"] = redhat.get("V3Score", None)
+                values["V3Vector"] = redhat.get("V3Vector", None)
+                values["V2Score"] = redhat.get("V2Score", None)
+                values["V2Vector"] = redhat.get("V2Vector", None)
+            elif ghsa := cvs.get("ghsa"):
+                values["V3Score"] = ghsa.get("V3Score", None)
+                values["V3Vector"] = ghsa.get("V3Vector", None)
+                values["V2Score"] = ghsa.get("V2Score", None)
+                values["V2Vector"] = ghsa.get("V2Vector", None)
+            elif bitnami := cvs.get("bitnami"):
+                values["V3Score"] = bitnami.get("V3Score", None)
+                values["V3Vector"] = bitnami.get("V3Vector", None)
+                values["V2Score"] = bitnami.get("V2Score", None)
+                values["V2Vector"] = bitnami.get("V2Vector", None)
+        return values

regscale/integrations/commercial/veracode.py

@@ -83,7 +83,7 @@ def import_veracode_data(
     FlatFileImporter.import_files(
         import_type=Veracode,
         import_name="Veracode",
-        file_types=[".xml", ".xlsx"],
+        file_types=[".xml", ".xlsx", ".json"],
         folder_path=folder_path,
         regscale_ssp_id=regscale_ssp_id,
         scan_date=scan_date,