regscale-cli 6.19.1.0__py3-none-any.whl → 6.20.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.


Files changed (36)
  1. regscale/__init__.py +1 -1
  2. regscale/airflow/config.py +2 -0
  3. regscale/airflow/tasks/groups.py +11 -47
  4. regscale/core/app/internal/login.py +49 -43
  5. regscale/core/app/internal/model_editor.py +2 -1
  6. regscale/dev/code_gen.py +2 -5
  7. regscale/integrations/commercial/amazon/common.py +5 -4
  8. regscale/integrations/commercial/aws/scanner.py +3 -2
  9. regscale/integrations/commercial/synqly/assets.py +20 -0
  10. regscale/integrations/commercial/synqly/ticketing.py +25 -0
  11. regscale/integrations/commercial/wizv2/click.py +3 -3
  12. regscale/integrations/public/fedramp/appendix_parser.py +499 -104
  13. regscale/integrations/public/fedramp/fedramp_five.py +89 -43
  14. regscale/integrations/scanner_integration.py +1 -1
  15. regscale/models/app_models/import_validater.py +2 -0
  16. regscale/models/integration_models/cisa_kev_data.json +355 -27
  17. regscale/models/integration_models/flat_file_importer/__init__.py +26 -9
  18. regscale/models/integration_models/synqly_models/capabilities.json +1 -1
  19. regscale/models/regscale_models/__init__.py +5 -0
  20. regscale/models/regscale_models/business_impact_assessment.py +71 -0
  21. regscale/models/regscale_models/control_implementation.py +15 -0
  22. regscale/models/regscale_models/master_assessment.py +19 -0
  23. regscale/models/regscale_models/policy.py +90 -0
  24. regscale/models/regscale_models/question.py +30 -2
  25. regscale/models/regscale_models/questionnaire.py +4 -3
  26. regscale/models/regscale_models/questionnaire_instance.py +37 -14
  27. regscale/models/regscale_models/rbac.py +0 -1
  28. regscale/models/regscale_models/regscale_model.py +16 -15
  29. regscale/models/regscale_models/risk_trend.py +67 -0
  30. regscale/utils/graphql_client.py +2 -1
  31. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/METADATA +130 -71
  32. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/RECORD +36 -33
  33. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/LICENSE +0 -0
  34. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/WHEEL +0 -0
  35. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/entry_points.txt +0 -0
  36. {regscale_cli-6.19.1.0.dist-info → regscale_cli-6.20.0.0.dist-info}/top_level.txt +0 -0
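--- a/regscale/models/integration_models/flat_file_importer/__init__.py
+++ b/regscale/models/integration_models/flat_file_importer/__init__.py
@@ -10,16 +10,17 @@ from abc import ABC, abstractmethod
 from collections import namedtuple
 from datetime import datetime, timedelta
 from os import PathLike
-from typing import Any, Callable, Generator, Iterator, List, Optional, Sequence, TextIO, Tuple, Union, TYPE_CHECKING
+from typing import TYPE_CHECKING, Any, Callable, Generator, Iterator, List, Optional, Sequence, TextIO, Tuple, Union
 
 if TYPE_CHECKING:
 from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
 
+from pathlib import Path
+
 import click
 import requests
 import xmltodict
 from openpyxl.reader.excel import load_workbook
-from pathlib import Path
 
 from regscale.core.app.api import Api
 from regscale.core.app.application import Application
@@ -237,12 +238,13 @@ class FlatFileImporter(ABC):
 asset_id = vuln.dns or vuln.ipAddress
 if not asset_id:
 return None
-
 severity = self.finding_severity_map.get(vuln.severity.capitalize(), regscale_models.IssueSeverity.Low)
 status = self.map_status_to_issue_status(vuln.status)
 cve: Optional[str] = getattr(vuln, "cve", "")
 extract_vuln: Any = self.extract_ghsa_strings(getattr(vuln, "plugInName", ""))
 plugin_name = getattr(vuln, "plugInName", getattr(vuln, "title", ""))
+plugin_id = str(vuln.plugInId) if vuln.plugInId else ""
+non_cve_identifier = self.determine_non_cve_identifier(cve)
 if not self.assert_valid_cve(cve):
 if isinstance(extract_vuln, list):
 cve = ", ".join(extract_vuln)
@@ -251,7 +253,8 @@ class FlatFileImporter(ABC):
 # with CVE or not.
 cve = extract_vuln
 if not self.assert_valid_cve(cve):
-plugin_name = cve
+if not non_cve_identifier:
+plugin_name = cve
 cve = ""
 remediation_description = ""
 if remediation := vuln.extra_data.get("solution"):
@@ -269,18 +272,19 @@ class FlatFileImporter(ABC):
 severity=severity,
 status=status,
 asset_identifier=asset_id,
-external_id=str(vuln.plugInId),
-rule_id=str(vuln.plugInId),
+external_id=non_cve_identifier or plugin_id,
+rule_id=plugin_id,
 first_seen=vuln.firstSeen,
 last_seen=vuln.lastSeen,
 remediation=remediation_description,
 cvss_score=vuln.vprScore,
 cve=cve,
 cvss_v3_base_score=vuln.cvsSv3BaseScore,
-source_rule_id=str(vuln.plugInId),
+source_rule_id=plugin_id,
 vulnerability_type="Vulnerability Scan",
 baseline=f"{self.name} Host",
 results=vuln.title,
+plugin_id=plugin_id or non_cve_identifier or plugin_name,
 plugin_name=plugin_name,
 date_created=vuln.firstSeen,
 date_last_updated=vuln.lastSeen,
@@ -838,10 +842,10 @@ class FlatFileImporter(ABC):
 :param str aws_profile: The AWS profile to use for S3 access
 :param Optional[bool] upload_file: Whether to upload the file to RegScale after processing, defaults to True
 """
-from regscale.core.app.utils.file_utils import download_from_s3
-from regscale.validation.record import validate_regscale_object
 from regscale.core.app.application import Application
+from regscale.core.app.utils.file_utils import download_from_s3
 from regscale.exceptions import ValidationException
+from regscale.validation.record import validate_regscale_object
 
 if s3_bucket:
 download_from_s3(s3_bucket, s3_prefix, folder_path, aws_profile)
@@ -890,6 +894,7 @@ class FlatFileImporter(ABC):
 :rtype: Callable[[Callable], click.option]
 """
 import os
+
 from regscale.models.app_models.click import NotRequiredIf
 
 mapping_dir = os.path.join("./", "mappings", import_name)
@@ -1101,3 +1106,15 @@ class FlatFileImporter(ABC):
 """
 pattern = r"^CVE-\d{4}-\d{4,}$"
 return bool(re.match(pattern, cve))
+
+@staticmethod
+def determine_non_cve_identifier(vuln_id: str) -> str:
+"""
+Determine the non-CVE identifier based on the CVE string
+
+:param str vuln_id: The Vulnerability Identifier string
+:return: The non-CVE identifier
+:rtype: str
+"""
+match_regex = "^(?:(?:ALSA|ALSA2|ALAS|ALAS2|ELSA)-(?:19|20)\\d{2}-\\d{4,5}|GHSA-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4})$"
+return vuln_id if re.match(match_regex, vuln_id) else ""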
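Review bot: `determine_non_cve_identifier` hands `vuln_id` straight to `re.match`, and its new caller in the `@@ -237` hunk passes `cve`, which that hunk annotates as `Optional[str]`; if the attribute is ever `None` the new call raises `TypeError` before the existing `assert_valid_cve` check is reached (the caller's enclosing method starts outside the hunk). A guard at the top of the method, `if not vuln_id: return ""`, keeps the intended fallback of treating a missing value as "no identifier". Two style points on the same method: the pattern is the only non-raw regex string next to `pattern = r"^CVE-\d{4}-\d{4,}$"`, so writing it as `match_regex = r"^(?:...)$"` would drop the doubled backslashes, and `re.fullmatch` would be stricter than `re.match` with `$`, which still accepts a trailing newline and would pass it through unchanged into `external_id`.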