regscale-cli 6.21.2.0__py3-none-any.whl → 6.28.2.1__py3-none-any.whl

tests/regscale/integrations/commercial/test_wiz_inventory.py

@@ -0,0 +1,256 @@
+import json
+import pytest
+
+from regscale.models.regscale_models import Asset, Component
+from tests.fixtures.test_fixture import CLITestFixture
+
+
+class TestWizInventory(CLITestFixture):
+    """
+    Unit tests for the WizInventory class methods.
+    """
+
+    SSP_ID = 51
+    SSP_MODULE = "securityplans"
+
+    wiz_projects = [
+        "e4cf6809-734e-4b7c-8456-3eb7bd179bc8",
+        "abeabc53-8774-4edf-91c0-61f228bedb1b",
+    ]
+    filter_by = {
+        "projectId": wiz_projects,
+    }
+    full_inventory = True
+    wiz_url = "https://api.us27.app.wiz.io/graphql"
+
+    @pytest.fixture
+    def test_wiz_data(self):
+        """
+        Load the test Wiz inventory data.
+        """
+        nodes = json.loads(
+            """[
+      {
+        "id": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+        "name": "Mock Software Asset Linux Alpine",
+        "type": "HOSTED_TECHNOLOGY",
+        "subscriptionId": "c558b4cf-e0d7-49f5-a916-da8d8cd1b116",
+        "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+        "graphEntity": {
+          "id": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+          "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+          "name": "Mock Software Asset Linux Alpine",
+          "type": "HOSTED_TECHNOLOGY",
+          "projects": [
+            {
+              "id": "608016f5-742b-4ea8-a70a-c95ba6eb6c29"
+            }
+          ],
+          "properties": {
+            "_environments": "test",
+            "_productIDs": "78e7e216-34c5-4871-a301-48e9322c9b89",
+            "_techIDs": "5555",
+            "_vertexID": "23d89702-28a7-4988-9864-bb3dc795b735",
+            "alternativeRegions": "westus",
+            "azurePublicAccess": false,
+            "cloudPlatform": "Azure",
+            "cloudProviderURL": "https://dummy-domain.com/#@domain.com/resource//subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+            "creationDate": "2023-01-10T23:30:36.8921214Z",
+            "encrypted": true,
+            "encryptionInTransit": true,
+            "externalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "isPublic": false,
+            "loggingEnabled": true,
+            "name": "test-fixture-assets-1",
+            "nativeType": "Microsoft.Storage/storageAccounts/blobServices/containers",
+            "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "publicExposure": "PublicExposureInvalid",
+            "region": "eastus",
+            "regionLocation": "US",
+            "regionType": "BucketRegionTypeDualRegion",
+            "resourceGroupExternalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test",
+            "retentionPeriod": 2592000,
+            "status": "Active",
+            "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+            "uniformACL": true,
+            "updateDate": "2023-12-08T00:39:54Z",
+            "updatedAt": "2024-01-09T17:40:12Z",
+            "versioningEnabled": true,
+            "webHostingEnabled": false,
+            "zone": null,
+            "port": 80,
+            "portEnd": 80,
+            "portRange": false,
+            "portStart": 80,
+            "portValidationResult": "Open",
+            "protocol": null,
+            "protocols": "HTTP",
+            "cpe": "cpe:/o:alpinelinux:alpine_linux:3.18.6",
+            "installedPackages": [
+              "alpine-baselayout (3.4.3-r1)",
+              "alpine-baselayout-data (3.4.3-r1)",
+              "alpine-keys (2.4-r1)"
+            ],
+            "techId": "1121",
+            "techName": "Linux Alpine",
+            "latestVersion": "3.18.6"
+          },
+          "firstSeen": "2024-02-01T06:15:10Z",
+          "lastSeen": "2024-02-15T13:04:10Z"
+        }
+      },
+      {
+        "id": "3056dce6-f1ae-4b94-a448-9de591e6f8a5",
+        "name": "Mock Software Asset Linux Alpine 2",
+        "type": "HOSTED_TECHNOLOGY",
+        "subscriptionId": "c558b4cf-e0d7-49f5-a916-da8d8cd1b116",
+        "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+        "graphEntity": {
+          "id": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+          "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+          "name": "Mock Software Asset Linux Alpine",
+          "type": "HOSTED_TECHNOLOGY",
+          "projects": [
+            {
+              "id": "608016f5-742b-4ea8-a70a-c95ba6eb6c29"
+            }
+          ],
+          "properties": {
+            "_environments": "test",
+            "_productIDs": "78e7e216-34c5-4871-a301-48e9322c9b89",
+            "_techIDs": "5555",
+            "_vertexID": "23d89702-28a7-4988-9864-bb3dc795b735",
+            "alternativeRegions": "westus",
+            "azurePublicAccess": false,
+            "cloudPlatform": "Azure",
+            "cloudProviderURL": "https://dummy-domain.com/#@domain.com/resource//subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+            "creationDate": "2023-01-10T23:30:36.8921214Z",
+            "encrypted": true,
+            "encryptionInTransit": true,
+            "externalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "isPublic": false,
+            "loggingEnabled": true,
+            "name": "test-fixture-assets-1",
+            "nativeType": "Microsoft.Storage/storageAccounts/blobServices/containers",
+            "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "publicExposure": "PublicExposureInvalid",
+            "region": "eastus",
+            "regionLocation": "US",
+            "regionType": "BucketRegionTypeDualRegion",
+            "resourceGroupExternalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test",
+            "retentionPeriod": 2592000,
+            "status": "Active",
+            "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+            "uniformACL": true,
+            "updateDate": "2023-12-08T00:39:54Z",
+            "updatedAt": "2024-01-09T17:40:12Z",
+            "versioningEnabled": true,
+            "webHostingEnabled": false,
+            "zone": null,
+            "port": 80,
+            "portEnd": 80,
+            "portRange": false,
+            "portStart": 80,
+            "portValidationResult": "Open",
+            "protocol": null,
+            "protocols": "HTTP",
+            "cpe": "cpe:/o:alpinelinux:alpine_linux:3.18.6",
+            "installedPackages": [
+              "alpine-baselayout (3.4.3-r1)",
+              "alpine-baselayout-data (3.4.3-r1)",
+              "alpine-keys (2.4-r1)"
+            ],
+            "techId": "1121",
+            "techName": "Linux Alpine",
+            "latestVersion": "3.18.6"
+          },
+          "firstSeen": "2024-02-01T06:15:10Z",
+          "lastSeen": "2024-02-15T13:04:10Z"
+        }
+      },
+      {
+        "id": "d31f37cc-61e8-4b2a-be64-c078b9abdfa6",
+        "name": "Mock Software Asset Linux Alpine 3",
+        "type": "HOSTED_TECHNOLOGY",
+        "subscriptionId": "c558b4cf-e0d7-49f5-a916-da8d8cd1b116",
+        "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+        "graphEntity": {
+          "id": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+          "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+          "name": "Mock Software Asset Linux Alpine",
+          "type": "HOSTED_TECHNOLOGY",
+          "projects": [
+            {
+              "id": "608016f5-742b-4ea8-a70a-c95ba6eb6c29"
+            }
+          ],
+          "properties": {
+            "_environments": "test",
+            "_productIDs": "78e7e216-34c5-4871-a301-48e9322c9b89",
+            "_techIDs": "5555",
+            "_vertexID": "23d89702-28a7-4988-9864-bb3dc795b735",
+            "alternativeRegions": "westus",
+            "azurePublicAccess": false,
+            "cloudPlatform": "Azure",
+            "cloudProviderURL": "https://dummy-domain.com/#@domain.com/resource//subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummystorage/blobservices/default/containers/1-test-asset-1",
+            "creationDate": "2023-01-10T23:30:36.8921214Z",
+            "encrypted": true,
+            "encryptionInTransit": true,
+            "externalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "isPublic": false,
+            "loggingEnabled": true,
+            "name": "test-fixture-assets-1",
+            "nativeType": "Microsoft.Storage/storageAccounts/blobServices/containers",
+            "providerUniqueId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test/providers/microsoft.storage/storageaccounts/dummytorage/blobservices/default/containers/1-test-asset-1",
+            "publicExposure": "PublicExposureInvalid",
+            "region": "eastus",
+            "regionLocation": "US",
+            "regionType": "BucketRegionTypeDualRegion",
+            "resourceGroupExternalId": "/subscriptions/23035da6-a1bd-4779-ab04-e3adbdec5947/resourcegroups/rg_tenantapp_test",
+            "retentionPeriod": 2592000,
+            "status": "Active",
+            "subscriptionExternalId": "23035da6-a1bd-4779-ab04-e3adbdec5947",
+            "uniformACL": true,
+            "updateDate": "2023-12-08T00:39:54Z",
+            "updatedAt": "2024-01-09T17:40:12Z",
+            "versioningEnabled": true,
+            "webHostingEnabled": false,
+            "zone": null,
+            "port": 80,
+            "portEnd": 80,
+            "portRange": false,
+            "portStart": 80,
+            "portValidationResult": "Open",
+            "protocol": null,
+            "protocols": "HTTP",
+            "cpe": "cpe:/o:alpinelinux:alpine_linux:3.18.6",
+            "installedPackages": [
+              "alpine-baselayout (3.4.3-r1)",
+              "alpine-baselayout-data (3.4.3-r1)",
+              "alpine-keys (2.4-r1)"
+            ],
+            "techId": "1121",
+            "techName": "Linux Alpine",
+            "latestVersion": "3.18.6"
+          },
+          "firstSeen": "2024-02-01T06:15:10Z",
+          "lastSeen": "2024-02-15T13:04:10Z"
+        }
+      }
+    ]"""
+        )
+        return nodes
+
+    def test_cleanup_inventory(self, test_wiz_data):
+        """
+        Test the cleanup_inventory method to ensure it removes any inventory items that are no longer present in Wiz.
+        """
+
+        assets = Asset.get_all_by_parent(parent_id=self.SSP_ID, parent_module=self.SSP_MODULE)
+        components = Component.get_all_by_parent(parent_id=self.SSP_ID, parent_module=self.SSP_MODULE)
+        for asset in assets:
+            if asset.wizId != "23035da6-a1bd-4779-ab04-e3adbdec5947":
+                asset.delete()
+            asset.delete()
+        for component in components:
+            component.delete()

tests/regscale/integrations/commercial/wizv2/__init__.py

@@ -0,0 +1,339 @@
+"""
+Test data for the WizV2 integration
+"""
+
+PLAN_ID = 3
+PROJECT_ID = "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"  # Match the project ID in vuln_nodes
+IMAGE_NAME = "docker.io/regscale/regscale:5.41.0"
+SHA_7b5f = "sha256:2fe823f07445e9ab5b126f19f31770a62740eff8f2b0135a5a184772181d7b5f"
+SHA_375b = "sha256:f6b8d5292dd90c81bdedf7a81b1379b9c6e935938e1a46b75427a3ba8d35375b"
+JULY_16_2024 = "2024-07-16T19:51:33Z"
+JULY_09_2024 = "2024-07-09T17:15:00Z"
+REGSCALE_DOCKER_URL = "docker.io/regscale/regscale"
+
+asset_nodes = [
+    {
+        "id": "52c50c20-3d07-58ac-ab2e-c412bf35351b",
+        "name": IMAGE_NAME,
+        "type": "CONTAINER_IMAGE",
+        "subscriptionId": None,
+        "subscriptionExternalId": None,
+        "graphEntity": {
+            "id": "52c50c20-3d07-58ac-ab2e-c412bf35351b",
+            "providerUniqueId": None,
+            "name": IMAGE_NAME,
+            "type": "CONTAINER_IMAGE",
+            "projects": [{"id": "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"}],
+            "properties": {
+                "_productIDs": ["406bb94b-b8ae-5700-8fa0-c4c529d1d53f"],
+                "_vertexID": "52c50c20-3d07-58ac-ab2e-c412bf35351b",
+                "architecture": "amd64",
+                "cloudPlatform": None,
+                "cloudProviderURL": None,
+                "digest": None,
+                "externalId": "docker.io##regscale/regscale:5.41.0",
+                "imageTags": "5.41.0",
+                "name": IMAGE_NAME,
+                "nativeType": "dockerHubImage",
+                "providerUniqueId": None,
+                "region": None,
+                "resourceGroupExternalId": None,
+                "status": "Active",
+                "subscriptionExternalId": None,
+                "uniqueUnorderedLayerIds": [
+                    "sha256:d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820",
+                    "sha256:5eda52074615a611da6247776046258a553e90c6450368f50e2e20d125f4fca2",
+                    "sha256:79b503757f21dd6e1fbf3883f3c170a29ebac82e1d0ab4298467c36e79f9b4c4",
+                    "sha256:3a2446b9f9a730513eb6e998a56d11af2dfa02e1d46fa9966026429919bf0be8",
+                    "sha256:c64131071bac812b52d4c2f515fba7e5d252ad2dc1ec7b7cd3882cc4aa4c9266",
+                    "sha256:555e17ce64e7fd12035fb1bf7eecbf0f63b7776653f488d4fd9cff35ff10f392",
+                    "sha256:df5dc9c1dcac3a2043fc44f68d5efbd4aa255d273826c16de4a0da5a7f91b569",
+                    "sha256:5fb3b84a424a47e181cc8a4de1f78afa5f347b2ca6c14d5dd5cd5c320332e6f8",
+                    "sha256:3ce05f582886f743f497269cebed1d7876fe7c4e794fd70b0a9968182a722d4a",
+                    "sha256:c092c4c4051d32b62d7ab7d734b322d4959239517f2994593dfbec61a55b555e",
+                    SHA_7b5f,
+                    "sha256:c72712e86e45ac99e34ca3f60df02345fb4bdfb171c7ffb3e3cda409c77c7c6c",
+                    "sha256:d6123721a15aa5ddd5b8a62744109f956342f4a48adfb1ff73566e7d482abf0e",
+                    SHA_375b,
+                ],
+                "updatedAt": "2024-07-16T21:37:42Z",
+                "zone": None,
+            },
+            "technologies": [
+                {
+                    "name": "Client Application",
+                    "deploymentModel": "CLIENT_APPLICATION",
+                }
+            ],
+            "firstSeen": "2024-05-07T02:12:09.330868Z",
+            "lastSeen": "2024-07-17T05:21:08Z",
+        },
+    },
+    {
+        "id": "52c50c20-3d07-58ac-ab2e-c412bf35351c",
+        "name": IMAGE_NAME,
+        "type": "CONTAINER_IMAGE",
+        "subscriptionId": None,
+        "subscriptionExternalId": None,
+        "graphEntity": {
+            "id": "52c50c20-3d07-58ac-ab2e-c412bf35351c",
+            "providerUniqueId": None,
+            "name": "docker.io/regscale/regscale:5.43.0",
+            "type": "CONTAINER_IMAGE",
+            "projects": [{"id": "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"}],
+            "properties": {
+                "_productIDs": ["406bb94b-b8ae-5700-8fa0-c4c529d1d53f"],
+                "_vertexID": "52c50c20-3d07-58ac-ab2e-c412bf35351c",
+                "architecture": "amd64",
+                "cloudPlatform": None,
+                "cloudProviderURL": None,
+                "digest": None,
+                "externalId": "docker.io##regscale/regscale:5.41.0",
+                "imageTags": "5.41.0",
+                "name": IMAGE_NAME,
+                "nativeType": "dockerHubImage",
+                "providerUniqueId": None,
+                "region": None,
+                "resourceGroupExternalId": None,
+                "status": "Active",
+                "subscriptionExternalId": None,
+                "uniqueUnorderedLayerIds": [
+                    "sha256:d4fc045c9e3a848011de66f34b81f052d4f2c15a17bb196d637e526349601820",
+                    "sha256:5eda52074615a611da6247776046258a553e90c6450368f50e2e20d125f4fca2",
+                    "sha256:79b503757f21dd6e1fbf3883f3c170a29ebac82e1d0ab4298467c36e79f9b4c4",
+                    "sha256:3a2446b9f9a730513eb6e998a56d11af2dfa02e1d46fa9966026429919bf0be8",
+                    "sha256:c64131071bac812b52d4c2f515fba7e5d252ad2dc1ec7b7cd3882cc4aa4c9266",
+                    "sha256:555e17ce64e7fd12035fb1bf7eecbf0f63b7776653f488d4fd9cff35ff10f392",
+                    "sha256:df5dc9c1dcac3a2043fc44f68d5efbd4aa255d273826c16de4a0da5a7f91b569",
+                    "sha256:5fb3b84a424a47e181cc8a4de1f78afa5f347b2ca6c14d5dd5cd5c320332e6f8",
+                    "sha256:3ce05f582886f743f497269cebed1d7876fe7c4e794fd70b0a9968182a722d4a",
+                    "sha256:c092c4c4051d32b62d7ab7d734b322d4959239517f2994593dfbec61a55b555e",
+                    SHA_7b5f,
+                    "sha256:c72712e86e45ac99e34ca3f60df02345fb4bdfb171c7ffb3e3cda409c77c7c6c",
+                    "sha256:d6123721a15aa5ddd5b8a62744109f956342f4a48adfb1ff73566e7d482abf0e",
+                    SHA_375b,
+                ],
+                "updatedAt": "2024-07-16T21:37:42Z",
+                "zone": None,
+            },
+            "technologies": [
+                {
+                    "name": "Client Application",
+                    "deploymentModel": "CLIENT_APPLICATION",
+                }
+            ],
+            "firstSeen": "2024-05-07T02:12:09.330868Z",
+            "lastSeen": "2024-07-17T05:21:08Z",
+        },
+    },
+]
+
+vuln_nodes = [
+    {
+        "id": "695c47de-ca55-5e49-bc90-880578f2d7aa",
+        "name": "CVE-2024-38095",
+        "detailedName": ".NET Runtime",
+        "description": "File `/usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.4/System.Core.dll` version `8.0.4` is vulnerable to `CVE-2024-38095`, which exists in versions `>= 8.0.0, < 8.0.7`.\n\nThe vulnerability was found in the [National Vulnerability Database (NVD)](https://nvd.nist.gov/vuln/detail/CVE-2024-38095) based on the CPE `cpe:2.3:a:microsoft:.net` with NVD severity: `High`.\n\nThe file is associated with the technology `.NET Runtime`.\n\nThe vulnerability can be remediated by updating `.NET Runtime` to `8.0.7` or higher.",
+        "severity": "HIGH",
+        "weightedSeverity": None,
+        "status": "OPEN",
+        "fixedVersion": "8.0.7",
+        "detectionMethod": "FILE_PATH",
+        "hasExploit": False,
+        "hasCisaKevExploit": False,
+        "cisaKevReleaseDate": None,
+        "cisaKevDueDate": None,
+        "firstDetectedAt": "2024-07-15T10:52:16.475997Z",
+        "lastDetectedAt": JULY_16_2024,
+        "resolvedAt": None,
+        "score": 7.5,
+        "validatedInRuntime": None,
+        "epssSeverity": "LOW",
+        "epssPercentile": 27.5,
+        "epssProbability": 0.1,
+        "dataSourceName": None,
+        "fixDate": "2024-07-09T00:00:00Z",
+        "fixDateBefore": None,
+        "publishedDate": JULY_09_2024,
+        "projects": [{"id": "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"}],
+        "cvssv2": {
+            "attackVector": None,
+            "attackComplexity": None,
+            "confidentialityImpact": None,
+            "integrityImpact": None,
+            "privilegesRequired": None,
+            "userInteractionRequired": False,
+        },
+        "cvssv3": {
+            "attackVector": "NETWORK",
+            "attackComplexity": "LOW",
+            "confidentialityImpact": "NONE",
+            "integrityImpact": "NONE",
+            "privilegesRequired": "NONE",
+            "userInteractionRequired": False,
+        },
+        "ignoreRules": None,
+        "layerMetadata": {
+            "id": SHA_375b,
+            "details": 'RUN |1 BUILD_VERSION=5.41.0 /bin/sh -c echo {\\"version\\":\\"$BUILD_VERSION\\"} > /app/ClientApp/dist/assets/json/version.json # buildkit',
+            "isBaseLayer": False,
+        },
+        "vulnerableAsset": {
+            "id": "52c50c20-3d07-58ac-ab2e-c412bf35351b",
+            "type": "CONTAINER_IMAGE",
+            "name": IMAGE_NAME,
+            "cloudPlatform": None,
+            "subscriptionName": None,
+            "subscriptionExternalId": None,
+            "subscriptionId": None,
+            "tags": {},
+            "hasLimitedInternetExposure": None,
+            "hasWideInternetExposure": None,
+            "isAccessibleFromVPN": None,
+            "isAccessibleFromOtherVnets": None,
+            "isAccessibleFromOtherSubscriptions": None,
+            "repository": {"vertexId": "59200ae8-c121-5927-af98-d0e85a24edb2", "name": REGSCALE_DOCKER_URL},
+            "registry": {"vertexId": "45d2e5c2-d0ad-5031-8d31-e4109a2dcd6a", "name": None},
+            "scanSource": ["WORKLOAD"],
+            "executionControllers": [],
+        },
+    },
+    {
+        "id": "b0cbdc0c-5ad5-5a6a-acc8-f696f97742cf",
+        "name": "CVE-2024-35264",
+        "detailedName": "Microsoft.AspNetCore.App.Runtime.linux-musl-x64",
+        "description": "The library `Microsoft.AspNetCore.App.Runtime.linux-musl-x64` version `8.0.4` was detected in `Nuget library manager` located at `/app/System.Threading.RateLimiting.dll` and is vulnerable to `CVE-2024-35264`, which exists in versions `>= 8.0.0, <= 8.0.6`.\n\nThe vulnerability was found in the [Github Security Advisory](https://github.com/advisories/GHSA-chfc-9w6m-75rf) with vendor severity: `High` ([NVD](https://nvd.nist.gov/vuln/detail/CVE-2024-35264) severity: `High`).\n\nThe vulnerability can be remediated by updating the library to version `8.0.7` or higher, using `dotnet add package Microsoft.AspNetCore.App.Runtime.linux-musl-x64`.",
+        "severity": "CRITICAL",
+        "weightedSeverity": None,
+        "status": "OPEN",
+        "fixedVersion": "8.0.7",
+        "detectionMethod": "LIBRARY",
+        "hasExploit": False,
+        "hasCisaKevExploit": False,
+        "cisaKevReleaseDate": None,
+        "cisaKevDueDate": None,
+        "firstDetectedAt": "2024-07-11T19:14:18.389391Z",
+        "lastDetectedAt": JULY_16_2024,
+        "resolvedAt": None,
+        "score": 8.1,
+        "validatedInRuntime": None,
+        "epssSeverity": "LOW",
+        "epssPercentile": 39.4,
+        "epssProbability": 0.1,
+        "dataSourceName": None,
+        "fixDate": "2024-07-10T01:02:48Z",
+        "fixDateBefore": None,
+        "publishedDate": JULY_09_2024,
+        "projects": [{"id": "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"}],
+        "cvssv2": {
+            "attackVector": None,
+            "attackComplexity": None,
+            "confidentialityImpact": None,
+            "integrityImpact": None,
+            "privilegesRequired": None,
+            "userInteractionRequired": False,
+        },
+        "cvssv3": {
+            "attackVector": "NETWORK",
+            "attackComplexity": "HIGH",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "HIGH",
+            "privilegesRequired": "NONE",
+            "userInteractionRequired": False,
+        },
+        "ignoreRules": None,
+        "layerMetadata": {
+            "id": SHA_7b5f,
+            "details": "COPY /app . # buildkit",
+            "isBaseLayer": False,
+        },
+        "vulnerableAsset": {
+            "id": "52c50c20-3d07-58ac-ab2e-c412bf35351b",
+            "type": "CONTAINER_IMAGE",
+            "name": IMAGE_NAME,
+            "cloudPlatform": None,
+            "subscriptionName": None,
+            "subscriptionExternalId": None,
+            "subscriptionId": None,
+            "tags": {},
+            "hasLimitedInternetExposure": None,
+            "hasWideInternetExposure": None,
+            "isAccessibleFromVPN": None,
+            "isAccessibleFromOtherVnets": None,
+            "isAccessibleFromOtherSubscriptions": None,
+            "repository": {"vertexId": "59200ae8-c121-5927-af98-d0e85a24edb2", "name": REGSCALE_DOCKER_URL},
+            "registry": {"vertexId": "45d2e5c2-d0ad-5031-8d31-e4109a2dcd6a", "name": None},
+            "scanSource": ["WORKLOAD"],
+            "executionControllers": [],
+        },
+    },
+    {
+        "id": "b0cbdc0c-5ad5-5a6a-acc8-f696f97742cf",
+        "name": "CVE-2024-35264",
+        "detailedName": "Microsoft.AspNetCore.App.Runtime.linux-musl-x64",
+        "description": "The library `Microsoft.AspNetCore.App.Runtime.linux-musl-x64` version `8.0.4` was detected in `Nuget library manager` located at `/app/System.Threading.RateLimiting.dll` and is vulnerable to `CVE-2024-35264`, which exists in versions `>= 8.0.0, <= 8.0.6`.\n\nThe vulnerability was found in the [Github Security Advisory](https://github.com/advisories/GHSA-chfc-9w6m-75rf) with vendor severity: `High` ([NVD](https://nvd.nist.gov/vuln/detail/CVE-2024-35264) severity: `High`).\n\nThe vulnerability can be remediated by updating the library to version `8.0.7` or higher, using `dotnet add package Microsoft.AspNetCore.App.Runtime.linux-musl-x64`.",
+        "severity": "MEDIUM",
+        "weightedSeverity": None,
+        "status": "OPEN",
+        "fixedVersion": "8.0.7",
+        "detectionMethod": "LIBRARY",
+        "hasExploit": False,
+        "hasCisaKevExploit": False,
+        "cisaKevReleaseDate": None,
+        "cisaKevDueDate": None,
+        "firstDetectedAt": "2024-07-11T19:14:18.389391Z",
+        "lastDetectedAt": JULY_16_2024,
+        "resolvedAt": None,
+        "score": 8.1,
+        "validatedInRuntime": None,
+        "epssSeverity": "LOW",
+        "epssPercentile": 39.4,
+        "epssProbability": 0.1,
+        "dataSourceName": None,
+        "fixDate": "2024-07-10T01:02:48Z",
+        "fixDateBefore": None,
+        "publishedDate": JULY_09_2024,
+        "projects": [{"id": "406bb94b-b8ae-5700-8fa0-c4c529d1d53f"}],
+        "cvssv2": {
+            "attackVector": None,
+            "attackComplexity": None,
+            "confidentialityImpact": None,
+            "integrityImpact": None,
+            "privilegesRequired": None,
+            "userInteractionRequired": False,
+        },
+        "cvssv3": {
+            "attackVector": "NETWORK",
+            "attackComplexity": "HIGH",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "HIGH",
+            "privilegesRequired": "NONE",
+            "userInteractionRequired": False,
+        },
+        "ignoreRules": None,
+        "layerMetadata": {
+            "id": SHA_7b5f,
+            "details": "COPY /app . # buildkit",
+            "isBaseLayer": False,
+        },
+        "vulnerableAsset": {
+            "id": "52c50c20-3d07-58ac-ab2e-c412bf35351c",
+            "type": "CONTAINER_IMAGE",
+            "name": IMAGE_NAME,
+            "cloudPlatform": None,
+            "subscriptionName": None,
+            "subscriptionExternalId": None,
+            "subscriptionId": None,
+            "tags": {},
+            "hasLimitedInternetExposure": None,
+            "hasWideInternetExposure": None,
+            "isAccessibleFromVPN": None,
+            "isAccessibleFromOtherVnets": None,
+            "isAccessibleFromOtherSubscriptions": None,
+            "repository": {"vertexId": "59200ae8-c121-5927-af98-d0e85a24edb2", "name": REGSCALE_DOCKER_URL},
+            "registry": {"vertexId": "45d2e5c2-d0ad-5031-8d31-e4109a2dcd6a", "name": None},
+            "scanSource": ["WORKLOAD"],
+            "executionControllers": [],
+        },
+    },
+]

tests/regscale/integrations/commercial/wizv2/compliance/__init__.py

@@ -0,0 +1 @@
+"""Tests for Wiz compliance helper classes."""