Sub 3621 vulnerabilities + workloads structs + enrichments (#190)

* SUB-3621 - vuln structs * SUB-3621 - vuln structs * SUB-3621 - vuln structs * SUB-3621 - risk factors * SUB-3621 - workloads details * SUB-3621 - Added tests * SUB-3621 - Added tests * SUB-3621 - Added tests * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes * SUB-3621 - CR fixes --------- Co-authored-by: rinao12 <[email protected]>
armosec · Dec 27, 2023 · 757c589 · 757c589
1 parent c899214
commit 757c589
Show file tree

Hide file tree

Showing 2 changed files with 105 additions and 9 deletions.
diff --git a/armotypes/common.go b/armotypes/common.go
@@ -3,3 +3,13 @@ package armotypes
 // swagger:strfmt uuid4
 // Example: 0f42fbe3-d81e-444d-8cc7-bc892c7623e9
 type GUID string
+
+type RiskFactor string
+
+const (
+	RiskFactorInternetFacing RiskFactor = "Internet facing"
+	RiskFactorPrivileged     RiskFactor = "Privileged"
+	RiskFactorSecretAccess   RiskFactor = "Secret access"
+	RiskFactorDataAccess     RiskFactor = "Data access"
+	RiskFactorHostAccess     RiskFactor = "Host access"
+)
diff --git a/armotypes/vulnerabilitytypes.go b/armotypes/vulnerabilitytypes.go
@@ -1,23 +1,109 @@
 package armotypes
 
+import "time"
+
+const (
+	ExploitableCisaKev        = "Known Exploited (CISA KEV)"
+	ExploitableHighLikelihood = "High likelihood (EPSS >= 10%)"
+	ExploitableNo             = "No"
+	EpssThreshold             = 0.10 // 10%
+)
+
 type VulnerabilityJobParams struct {
 	Name            string `json:"name,omitempty"`
-	ID              string `json:"id,omitempty"`
 	ClusterName     string `json:"clusterName"`
 	Namespace       string `json:"namespace"`
 	CronTabSchedule string `json:"cronTabSchedule,omitempty"`
 	JobID           string `json:"jobID,omitempty"`
 }
 
+type VulnerabilityWorkload struct {
+	Name             string              `json:"name"`
+	Namespace        string              `json:"namespace"`
+	Kind             string              `json:"kind"`
+	ClusterName      string              `json:"clusterName"`
+	ClusterShortName string              `json:"clusterShortName"`
+	LastScanTime     time.Time           `json:"lastScanTime"`
+	CustomerGUID     string              `json:"customerGUID"`
+	ImagesCount      int                 `json:"imagesCount"`
+	CriticalCount    int                 `json:"criticalCount"`
+	HighCount        int                 `json:"highCount"`
+	MediumCount      int                 `json:"mediumCount"`
+	LowCount         int                 `json:"lowCount"`
+	SeverityStats    map[string][]string `json:"severityStats"`
+	RiskFactorsCount int                 `json:"riskFactorsCount"`
+	RiskFactors      []RiskFactor        `json:"riskFactors"`
+	Labels           []string            `json:"labels"`
+}
+
+type ContainerPathInfo struct {
+	NameSpace        string `json:"namespace"`
+	WorkloadName     string `json:"WorkloadName"`
+	ContainerName    string `json:"containerName"`
+	WorkloadKind     string `json:"WorkloadKind"`
+	ClusterName      string `json:"clusterName"`
+	ClusterShortName string `json:"clusterShortName"`
+}
+
+type VulnerabilitiesComponent struct {
+	CustomerGUID  string              `json:"customerGUID"`
+	Name          string              `json:"name"`
+	Version       string              `json:"version"`
+	PackageType   string              `json:"packageType"`
+	FixVersions   []string            `json:"fixVersions"`
+	PathsInfo     []ComponentPathInfo `json:"pathsInfo"`
+	CriticalCount int                 `json:"criticalCount"`
+	HighCount     int                 `json:"highCount"`
+	MediumCount   int                 `json:"mediumCount"`
+	LowCount      int                 `json:"lowCount"`
+	SeverityStats map[string][]string `json:"severityStats"`
+}
+
+type ComponentPathInfo struct {
+	ContainerPathInfo
+	ImageTag      string `json:"imageTag"`
+	ImageHash     string `json:"imageHash"`
+	ContainerName string `json:"containerName"`
+}
+
 type Vulnerability struct {
-	Name          string      `json:"name"`
-	Severity      string      `json:"severity"`
-	SeverityScore int         `json:"severityScore"`
-	IsRCE         bool        `json:"isRCE"`
-	Links         []string    `json:"links"`
-	Description   string      `json:"description"`
-	EpssInfo      EpssInfo    `json:"epssInfo"`
-	CisaKevInfo   CisaKevInfo `json:"cisaKevInfo"`
+	Name           string                     `json:"name"`
+	Severity       string                     `json:"severity"`
+	SeverityScore  int                        `json:"severityScore"`
+	IsRCE          bool                       `json:"isRCE"`
+	Links          []string                   `json:"links"`
+	Description    string                     `json:"description"`
+	Exploitable    string                     `json:"exploitable"`
+	ComponentsInfo []VulnerabilitiesComponent `json:"componentsInfo"`
+	IsFixable      bool                       `json:"isFixable"`
+	CvssInfo       []CvssInfo                 `json:"cvssInfo"`
+	EpssInfo       EpssInfo                   `json:"epssInfo"`
+	CisaKevInfo    CisaKevInfo                `json:"cisaKevInfo"`
+}
+
+type CvssInfo struct {
+	Vector              string                 `json:"vector"`
+	Version             string                 `json:"version"`
+	Source              string                 `json:"source"`
+	BaseScore           int                    `json:"baseScore"`
+	ExploitabiltiyScore int                    `json:"exploitabiltiyScore"`
+	ImpactScore         int                    `json:"ImpactScore"`
+	ExploitabilityInfo  CvssExploitabilityInfo `json:"exploitabilityInfo"`
+	ImpactInfo          CvssImpactInfo         `json:"impactInfo"`
+}
+
+type CvssExploitabilityInfo struct {
+	AttackVector       string `json:"attackVector"`
+	AttackComplexity   string `json:"attackComplexity"`
+	PrivilegesRequired string `json:"privilegesRequired"`
+	UserInteraction    string `json:"userInteraction"`
+	Scope              string `json:"scope"`
+}
+
+type CvssImpactInfo struct {
+	Confidentiality string `json:"confidentiality"`
+	Integrity       string `json:"integrity"`
+	Availability    string `json:"availability"`
 }
 
 type EpssInfo struct {