Add extra fields to Nessus STIG compliance mapper (#102)

* Fixes #101 * Adds ruleid, CCI, and stigid to Nessus mapper * Nessus-related sample updates with new fields
mitre · Jun 8, 2021 · 74da518 · 74da518
1 parent 9aed494
commit 74da518
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 8 deletions.
diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2021-05-18 15:11:52 UTC using RuboCop version 1.14.0.
+# on 2021-06-07 14:26:06 UTC using RuboCop version 1.16.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -19,12 +19,11 @@ Lint/DuplicateBranch:
   Exclude:
     - 'lib/heimdall_tools/dbprotect_mapper.rb'
 
-# Offense count: 2
+# Offense count: 1
 # Configuration parameters: MaximumRangeSize.
 Lint/MissingCopEnableDirective:
   Exclude:
     - 'lib/heimdall_tools/nessus_mapper.rb'
-    - 'lib/heimdall_tools/zap_mapper.rb'
 
 # Offense count: 1
 Lint/RequireParentheses:
@@ -38,7 +37,7 @@ Lint/UnusedMethodArgument:
   Exclude:
     - 'lib/heimdall_tools/hdf.rb'
 
-# Offense count: 32
+# Offense count: 34
 # Configuration parameters: IgnoredMethods, CountRepeatedAttributes.
 Metrics/AbcSize:
   Max: 73
@@ -47,7 +46,7 @@ Metrics/AbcSize:
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 # IgnoredMethods: refine
 Metrics/BlockLength:
-  Max: 49
+  Max: 52
 
 # Offense count: 2
 # Configuration parameters: CountBlocks.
@@ -57,7 +56,7 @@ Metrics/BlockNesting:
 # Offense count: 8
 # Configuration parameters: CountComments, CountAsOne.
 Metrics/ClassLength:
-  Max: 171
+  Max: 175
 
 # Offense count: 10
 # Configuration parameters: IgnoredMethods.
@@ -67,7 +66,7 @@ Metrics/CyclomaticComplexity:
 # Offense count: 38
 # Configuration parameters: CountComments, CountAsOne, ExcludedMethods, IgnoredMethods.
 Metrics/MethodLength:
-  Max: 52
+  Max: 56
 
 # Offense count: 1
 # Configuration parameters: CountKeywordArgs, MaxOptionalParameters.

diff --git a/lib/heimdall_tools/nessus_mapper.rb b/lib/heimdall_tools/nessus_mapper.rb
@@ -221,8 +221,12 @@ def to_hdf
           end
           if item['compliance-reference']
             @item['tags']['nist']     = cci_nist_tag(parse_refs(item['compliance-reference'], 'CCI'))
+            @item['tags']['cci']      = parse_refs(item['compliance-reference'], 'CCI')
+            @item['tags']['rid']      = parse_refs(item['compliance-reference'], 'Rule-ID').join(',')
+            @item['tags']['stig_id']  = parse_refs(item['compliance-reference'], 'STIG-ID').join(',')
           else
             @item['tags']['nist']     = plugin_nist_tag(item['pluginFamily'], item['pluginID'])
+            @item['tags']['rid']      = item['pluginID'].to_s
           end
           if item['compliance-solution']
             @item['descriptions']       << desc_tags(item['compliance-solution'], 'check')

diff --git a/sample_jsons/nessus_mapper/nessus_sample_hdf.json b/sample_jsons/nessus_mapper/nessus_sample_hdf.json
diff --git a/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-23-102.json b/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-23-102.json
diff --git a/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-24-231.json b/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-24-231.json
diff --git a/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-37-43.json b/sample_jsons/nessus_mapper/nessus_sample_hdf.json-ip-10-10-37-43.json