regscale-cli 6.20.1.1__py3-none-any.whl → 6.20.3.0__py3-none-any.whl

regscale/integrations/scanner_integration.py

@@ -425,6 +425,8 @@ class IntegrationFinding:
     operational_requirements: Optional[str] = None
     deviation_rationale: Optional[str] = None
     is_cwe: bool = False
+    affected_controls: Optional[str] = None
+    identification: Optional[str] = "Vulnerability Assessment"
 
     poam_comments: Optional[str] = None
     vulnerability_id: Optional[int] = None
@@ -633,6 +635,8 @@ class ScannerIntegration(ABC):
         self.plan_id: int = plan_id
         self.tenant_id: int = tenant_id
         self.is_component: bool = is_component
+        if self.is_component:
+            self.component = regscale_models.Component.get_object(self.plan_id)
         self.components: ThreadSafeList[Any] = ThreadSafeList()
         self.asset_map_by_identifier: ThreadSafeDict[str, regscale_models.Asset] = ThreadSafeDict()
         self.software_to_create: ThreadSafeList[regscale_models.SoftwareInventory] = ThreadSafeList()
@@ -819,11 +823,12 @@ class ScannerIntegration(ABC):
     @abstractmethod
     def fetch_findings(self, *args, **kwargs) -> Iterator[IntegrationFinding]:
         """
-        Fetches findings from the integration
+        Fetches findings from the integration.
 
-        :return: A list of findings
-        :rtype: List[IntegrationFinding]
+        :return: An iterator of findings
+        :yield: Iterator[IntegrationFinding]
         """
+        pass
 
     @abstractmethod
     def fetch_assets(self, *args, **kwargs) -> Iterator[IntegrationAsset]:
@@ -831,7 +836,7 @@ class ScannerIntegration(ABC):
         Fetches assets from the integration
 
         :return: An iterator of assets
-        :rtype: Iterator[IntegrationAsset]
+        :yield: Iterator[IntegrationAsset]
         """
 
     def get_finding_status(self, status: Optional[str]) -> regscale_models.IssueStatus:
@@ -1024,10 +1029,10 @@ class ScannerIntegration(ABC):
             logger.warning("Asset has no identifier, skipping")
             return
 
-        component = None
+        component = getattr(self, "component") if self.is_component else None
         if component_name:
             logger.debug("Searching for component: %s...", component_name)
-            component = self.components_by_title.get(component_name)
+            component = component or self.components_by_title.get(component_name)
             if not component:
                 logger.debug("No existing component found with name %s, proceeding to create it...", component_name)
                 component = regscale_models.Component(
@@ -1610,7 +1615,7 @@ class ScannerIntegration(ABC):
         issue.severityLevel = finding.severity
         issue.issueOwnerId = self.assessor_id
         issue.securityPlanId = self.plan_id if not self.is_component else None
-        issue.identification = "Vulnerability Assessment"
+        issue.identification = finding.identification
         issue.dateFirstDetected = finding.first_seen
         issue.dueDate = finding.due_date
         issue.description = description
@@ -1628,6 +1633,7 @@ class ScannerIntegration(ABC):
         # Get control implementation ID for CCI if it exists
         # Only add CCI control ID if it exists
         cci_control_ids = [control_id] if control_id is not None else []
+        issue.affectedControls = finding.affected_controls
 
         issue.controlImplementationIds = list(set(finding._control_implementation_ids + cci_control_ids))  # noqa
         issue.isPoam = is_poam
@@ -1790,7 +1796,10 @@ class ScannerIntegration(ABC):
         :return: True if the issue should be a POAM, False otherwise
         :rtype: bool
         """
-        if ScannerVariables.vulnerabilityCreation.lower() == "poamcreation":
+        if (
+            ScannerVariables.vulnerabilityCreation.lower() == "poamcreation"
+            or ScannerVariables.complianceCreation.lower() == "poam"
+        ):
             return True
         if finding.due_date < get_current_datetime():
             return True
@@ -2702,6 +2711,7 @@ class ScannerIntegration(ABC):
         logger.info("Syncing %s findings...", kwargs.get("title", cls.title))
         instance = cls(plan_id=plan_id, **kwargs)
         instance.set_keys(**kwargs)
+        instance.ensure_data_types()
         # If a progress object was passed, use it instead of creating a new one
         instance.finding_progress = kwargs.pop("progress") if "progress" in kwargs else create_progress_object()
         instance.enable_finding_date_update = kwargs.get("enable_finding_date_update", False)
@@ -2771,6 +2781,7 @@ class ScannerIntegration(ABC):
         logger.info("Syncing %s assets...", kwargs.get("title", cls.title))
         instance = cls(plan_id=plan_id, **kwargs)
         instance.set_keys(**kwargs)
+        instance.ensure_data_types()
         instance.asset_progress = kwargs.pop("progress") if "progress" in kwargs else create_progress_object()
         if asset_count := kwargs.get("asset_count"):
             instance.num_assets_to_process = asset_count
@@ -2813,6 +2824,17 @@ class ScannerIntegration(ABC):
             else:
                 logger.debug("Unable to set the %s attribute", key)
 
+    def ensure_data_types(self) -> None:
+        """
+        A method to enforce kwarg data types.
+
+        :return: None
+        :rtype: None
+        """
+        # Ensure scan_date is a string
+        if not isinstance(self.scan_date, str):
+            self.scan_date = date_str(self.scan_date)
+
     def log_error(self, msg: str, *args) -> None:
         """
         Logs an error message

regscale/integrations/variables.py

@@ -25,3 +25,4 @@ class ScannerVariables(metaclass=RsVariablesMeta):
     issueDueDates: RsVariableType(dict, "dueDates", default="{'high': 60, 'moderate': 120, 'low': 364}", required=False)  # type: ignore # noqa: F722,F821
     maxRetries: RsVariableType(int, "3", default=3, required=False)  # type: ignore
     timeout: RsVariableType(int, "60", default=60, required=False)  # type: ignore
+    complianceCreation: RsVariableType(str, "Assessment|Issue|POAM", default="Assessment", required=False)  # type: ignore # noqa: F722,F821

regscale/models/app_models/click.py

@@ -2,7 +2,7 @@
 # -*- coding: utf-8 -*-
 """Module to allow dynamic click arguments and store commonly used click commands"""
 
-from typing import Tuple, Any, Optional
+from typing import Any, Callable, Optional, Tuple
 
 import click
 from pathlib import Path
@@ -128,6 +128,54 @@ def regscale_ssp_id(
     )
 
 
+def ssp_or_component_id(
+    ssp_kwargs: Optional[dict] = None,
+    component_kwargs: Optional[dict] = None,
+) -> Tuple[click.option, click.option]:
+    """
+    Function to return click.option for RegScale Component ID and SSP ID, user must provide either SSP ID or Component ID
+
+    :param Optional[dict] ssp_kwargs: kwargs to pass to click.option for RegScale SSP ID
+    :param Optional[dict] component_kwargs: kwargs to pass to click.option for RegScale Component ID
+    :return: click.option for RegScale Component ID and SSP ID
+    :rtype: click.option
+    """
+    if ssp_kwargs is None:
+        ssp_kwargs = {}
+    if component_kwargs is None:
+        component_kwargs = {}
+
+    def decorator(this_func) -> Callable[[Callable], click.option]:
+        """
+        Decorator to return click.option for RegScale Component ID and SSP ID
+        """
+        this_func = click.option(
+            "-id",
+            "-p",
+            "--regscale_ssp_id",
+            "--plan_id",
+            type=click.INT,
+            help=ssp_kwargs.pop("help", "The ID number from RegScale of the System Security Plan."),
+            prompt=ssp_kwargs.pop("prompt", None),
+            cls=NotRequiredIf,
+            not_required_if=["component_id"],
+            **ssp_kwargs,
+        )(this_func)
+        this_func = click.option(
+            "-c",
+            "--component_id",
+            type=click.INT,
+            help=component_kwargs.pop("help", "The ID number from RegScale of the Component."),
+            prompt=component_kwargs.pop("prompt", None),
+            cls=NotRequiredIf,
+            not_required_if=["regscale_ssp_id"],
+            **component_kwargs,
+        )(this_func)
+        return this_func
+
+    return decorator
+
+
 def regscale_id(
     help: str = "Enter the desired ID # from RegScale.",
     required: bool = True,

regscale/models/app_models/import_validater.py

@@ -58,6 +58,7 @@ class ImportValidater:
         skip_rows: Optional[int] = None,
         prompt: bool = True,
         ignore_unnamed: bool = False,
+        warn_extra_headers: bool = True,
     ):
         self.ignore_unnamed = ignore_unnamed
         self.prompt = prompt
@@ -74,6 +75,7 @@ class ImportValidater:
         self.keys = keys
         self.worksheet_name = worksheet_name
         self.skip_rows = skip_rows
+        self.warn_extra_headers = warn_extra_headers
         if self.file_type not in self._supported_types:
             raise ValidationException(
                 f"Unsupported file type: {self.file_type}, supported types are: {', '.join(self._supported_types)}",
@@ -148,7 +150,7 @@ class ImportValidater:
                 raise ValidationException(
                     f"{', '.join([f'`{header}`' for header in missing_headers])} header(s) not found in {self.file_path}"
                 )
-            if extra_headers:
+            if extra_headers and self.warn_extra_headers:
                 logger.warning("Extra headers found in the file: %s", ", ".join(extra_headers))
 
         if self.disable_mapping:

regscale/models/integration_models/axonius_models/connectors/__init__.py

@@ -0,0 +1,3 @@
+"""
+File that contains all connectors for the Axonius API.
+"""

regscale/models/integration_models/axonius_models/connectors/assets.py

@@ -0,0 +1,111 @@
+"""Assets Connector Model"""
+
+from typing import Iterator, Optional
+import pandas as pd
+import datetime
+from datetime import date
+import warnings
+import json
+import re
+
+from pydantic import ConfigDict
+
+from regscale.integrations.scanner_integration import (
+    IntegrationAsset,
+    IntegrationFinding,
+    ScannerIntegration,
+    ScannerIntegrationType,
+)
+from regscale.models.regscale_models import IssueSeverity, AssetStatus, ControlImplementation, SecurityControl
+from regscale.core.app.api import Api
+from regscale.core.app.application import Application
+
+
+class AxoniusIntegration(ScannerIntegration):
+    from regscale.integrations.variables import ScannerVariables
+
+    title = "Axonius"
+    # Required fields from ScannerIntegration
+    asset_identifier_field = "otherTrackingNumber"
+    finding_severity_map = {
+        "I": IssueSeverity.Critical,
+        "II": IssueSeverity.High,
+        "III": IssueSeverity.Moderate,
+        "IV": IssueSeverity.Low,
+    }
+    type = (
+        ScannerIntegrationType.CHECKLIST
+        if ScannerVariables.complianceCreation.lower() == "assessment"
+        else ScannerIntegrationType.CONTROL_TEST
+    )
+    app = Application()
+
+    def fetch_assets(self, *args, **kwargs) -> Iterator[IntegrationAsset]:
+        """
+        Fetches assets from Axonius
+
+        :yields: Iterator[IntegrationAsset]
+        """
+
+        # TEST: Parse Sample Axonius Object
+        axonius_object = pd.read_json("regscale/integrations/commercial/axonius/sample_axonius_object.json")
+
+        for ind, asset in axonius_object.iterrows():
+            integration_asset = IntegrationAsset(
+                name=asset["hostname"],
+                identifier=asset.COMPLIANCE_TABLE[0]["FISMA"],
+                serial_number=asset["serial"],
+                ip_address=asset["ip"],
+                status=AssetStatus.Active,
+                asset_category="Software",
+                asset_type="Other",
+            )
+            yield integration_asset
+
+    def fetch_findings(self, plan_id: int, *args, **kwargs) -> Iterator[IntegrationFinding]:
+        """
+        Unused method, but required by the parent class
+
+        :yields: Iterator[IntegrationFinding]
+
+        """
+        # TEST: Parse Sample Axonius Object
+        axonius_object = pd.read_json("regscale/integrations/commercial/axonius/sample_axonius_object.json")
+
+        for ind, asset in axonius_object.iterrows():
+            for finding in asset.COMPLIANCE_TABLE:
+                if finding["ComplianceResult"] != "PASSED":
+
+                    # Look for Control Title, Otherwise use Control ID
+                    existing_implementations = ControlImplementation.get_list_by_parent(
+                        regscale_id=plan_id, regscale_module="securityplans"
+                    )
+                    finding_control = re.search("[A-Z]{2}-\d+\d?(\(\d+\d?\))?", str(finding["800-53r5"]))[  # noqa: W605
+                        0
+                    ].lower()
+                    try:
+                        control_title = [
+                            control
+                            for control in existing_implementations
+                            if control["controlId"].lower() == finding_control
+                        ][0]["title"]
+                    except Exception:
+                        control_title = finding["800-53r5"]
+
+                    integration_finding = IntegrationFinding(
+                        title=f"Assessment Failure for Control ID: {control_title}",
+                        asset_identifier=finding["FISMA"],
+                        severity=self.finding_severity_map.get(finding["SEV"], IssueSeverity.NotAssigned),
+                        identification="Security Control Assessment",
+                        source_report="Axonius",
+                        status="Open",
+                        description=f"Issue for {finding['PLUGIN']}",
+                        plugin_name=finding["PLUGIN"],
+                        category="Other",
+                        control_labels=[finding["800-53r5"]],
+                        security_check=f"<strong>PLUGIN: </strong>{finding['PLUGIN']}<br><br><strong>FISMA: </strong>{finding['FISMA']}<br><br><strong>Compliance Result: </strong>{finding['ComplianceResult']}<br><br><strong>CCI: </strong>{finding['CCI']}<br><br><strong>800-53r5: </strong>{finding['800-53r5']}<br><br><strong>CSF: </strong>{finding['CSF']}<br><br><strong>VULID: </strong>{finding['VULID']}<br><br><strong>STIG: </strong>{finding['STIG']}",
+                        baseline=finding["STIG"],
+                        results=finding["ComplianceResult"],
+                        affected_controls=finding["800-53r5"],
+                    )
+                    yield integration_finding

regscale/models/integration_models/burp.py

@@ -9,10 +9,10 @@ from pathlib import Path
 from typing import Any, Generator, List, Optional, TextIO
 from urllib.parse import urlparse
 from xml.etree.ElementTree import Element, ParseError, fromstring, parse
+from logging import getLogger
 
 from regscale.core.app.api import Api
 from regscale.core.app.application import Application
-from regscale.core.app.logz import create_logger
 from regscale.core.app.utils.app_utils import check_file_path, get_current_datetime
 from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
 from regscale.models.integration_models.burp_models import BurpRequest, BurpResponse, Issue, RequestResponse
@@ -26,7 +26,7 @@ class Burp:
     """Burp Scan information"""
 
     def __init__(self, app: Application, file_path: str, encoding="utf-8", **kwargs) -> "Burp":
-        logger = create_logger("Burp")
+        logger = getLogger("regscale")
         logger.info("Now processing %s", file_path)
         self.integration_assets: Generator[IntegrationAsset, None, None] = (x for x in [])
         self.integration_findings: Generator[IntegrationFinding, None, None] = (x for x in [])
@@ -293,10 +293,10 @@ class Burp:
         :rtype: RequestResponse
         """
         request_data = item.find(".//request")
-        if response_data := item.find(".//response"):
-            base64_dat = bool(request_data.attrib["base64"]) if "base64" in item.attrib else False
+        if (response_data := item.find(".//response")) is not None:
+            base64_dat = request_data.attrib.get("base64", "false").lower() == "true"
             response_data_is_base64 = BurpResponse.is_base64(response_data.text)
-            method = request_data.attrib["method"] if "method" in item.attrib else "GET"
+            method = request_data.attrib.get("method", "GET")
             request = (
                 BurpRequest(dataString=request_data.text, base64=base64_dat, method=method)
                 if BurpRequest.is_base64(request_data.text)
@@ -395,7 +395,8 @@ class Burp:
         root = fromstring(html)
         return [link.text.strip() for link in root.iter("a")]
 
-    def get_domain_name(self, url: str) -> str:
+    @staticmethod
+    def get_domain_name(url: str) -> str:
         """
         Get the domain name from a URL
 
@@ -407,7 +408,8 @@ class Burp:
         domain_name = parsed_url.hostname
         return domain_name
 
-    def strip_html_tags(self, text: str) -> str:
+    @staticmethod
+    def strip_html_tags(text: str) -> str:
         """
         Strip HTML tags from a string.
 
@@ -420,7 +422,8 @@ class Burp:
         clean = re.sub(r"<.*?>", "", text)
         return clean
 
-    def extract_cve(self, input_string: str) -> Optional[str]:
+    @staticmethod
+    def extract_cve(input_string: str) -> Optional[str]:
         """
         Extract CVEs from a string.