ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

update(compliance): ENS RD2022 Spanish security framework updates (#1809)

Browse Source 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
This commit is contained in:
alexr3y
2023-02-09 15:14:38 +02:00
committed by GitHub
parent 37ec460f64
commit d6bbf8b7cc
4 changed files with 2266 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2412
prowler/compliance/aws/ens_rd2022_aws.json
View File

File diff suppressed because it is too large Load Diff

4
prowler/lib/check/compliance_models.py
View File

@@ -11,10 +11,10 @@ from prowler.lib.logger import logger
class ENS_Requirements_Nivel(str, Enum): class ENS_Requirements_Nivel(str, Enum):
"""ENS V3 Requirements Level""" """ENS V3 Requirements Level"""
opcional = "opcional"
bajo = "bajo" bajo = "bajo"
medio = "medio" medio = "medio"
alto = "alto" alto = "alto"
pytec = "pytec"
class ENS_Requirements_Dimensiones(str, Enum): class ENS_Requirements_Dimensiones(str, Enum):
@@ -106,7 +106,7 @@ class Compliance_Base_Model(BaseModel):
"""Compliance_Base_Model holds the base model for every compliance framework""" """Compliance_Base_Model holds the base model for every compliance framework"""
Framework: str Framework: str
Provider: Optional[str] Provider: str
Version: str Version: str
Description: str Description: str
Requirements: list[Compliance_Requirement] Requirements: list[Compliance_Requirement]

20
prowler/lib/outputs/compliance.py
View File

@@ -4,7 +4,7 @@ from csv import DictWriter
from colorama import Fore, Style from colorama import Fore, Style
from tabulate import tabulate from tabulate import tabulate
from prowler.config.config import timestamp from prowler.config.config import timestamp, orange_color
from prowler.lib.logger import logger from prowler.lib.logger import logger
from prowler.lib.outputs.models import ( from prowler.lib.outputs.models import (
Check_Output_CSV_CIS, Check_Output_CSV_CIS,
@@ -158,10 +158,10 @@ def display_compliance_table(
"Proveedor": [], "Proveedor": [],
"Marco/Categoria": [], "Marco/Categoria": [],
"Estado": [], "Estado": [],
"PYTEC": [],
"Alto": [], "Alto": [],
"Medio": [], "Medio": [],
"Bajo": [], "Bajo": [],
"Opcional": [],
} }
pass_count = fail_count = 0 pass_count = fail_count = 0
for finding in findings: for finding in findings:
@@ -185,7 +185,7 @@ def display_compliance_table(
if marco_categoria not in marcos: if marco_categoria not in marcos:
marcos[marco_categoria] = { marcos[marco_categoria] = {
"Estado": f"{Fore.GREEN}CUMPLE{Style.RESET_ALL}", "Estado": f"{Fore.GREEN}CUMPLE{Style.RESET_ALL}",
"Pytec": 0, "Opcional": 0,
"Alto": 0, "Alto": 0,
"Medio": 0, "Medio": 0,
"Bajo": 0, "Bajo": 0,
@@ -197,8 +197,8 @@ def display_compliance_table(
] = f"{Fore.RED}NO CUMPLE{Style.RESET_ALL}" ] = f"{Fore.RED}NO CUMPLE{Style.RESET_ALL}"
elif finding.status == "PASS": elif finding.status == "PASS":
pass_count += 1 pass_count += 1
if attribute.Nivel == "pytec": if attribute.Nivel == "opcional":
marcos[marco_categoria]["Pytec"] += 1 marcos[marco_categoria]["Opcional"] += 1
elif attribute.Nivel == "alto": elif attribute.Nivel == "alto":
marcos[marco_categoria]["Alto"] += 1 marcos[marco_categoria]["Alto"] += 1
elif attribute.Nivel == "medio": elif attribute.Nivel == "medio":
@@ -211,17 +211,17 @@ def display_compliance_table(
ens_compliance_table["Proveedor"].append("aws") ens_compliance_table["Proveedor"].append("aws")
ens_compliance_table["Marco/Categoria"].append(marco) ens_compliance_table["Marco/Categoria"].append(marco)
ens_compliance_table["Estado"].append(marcos[marco]["Estado"]) ens_compliance_table["Estado"].append(marcos[marco]["Estado"])
ens_compliance_table["PYTEC"].append( ens_compliance_table["Opcional"].append(
f"{Fore.LIGHTRED_EX}{marcos[marco]['Pytec']}{Style.RESET_ALL}" f"{Fore.BLUE}{marcos[marco]['Opcional']}{Style.RESET_ALL}"
) )
ens_compliance_table["Alto"].append( ens_compliance_table["Alto"].append(
f"{Fore.RED}{marcos[marco]['Alto']}{Style.RESET_ALL}" f"{Fore.LIGHTRED_EX}{marcos[marco]['Alto']}{Style.RESET_ALL}"
) )
ens_compliance_table["Medio"].append( ens_compliance_table["Medio"].append(
f"{Fore.YELLOW}{marcos[marco]['Medio']}{Style.RESET_ALL}" f"{orange_color}{marcos[marco]['Medio']}{Style.RESET_ALL}"
) )
ens_compliance_table["Bajo"].append( ens_compliance_table["Bajo"].append(
f"{Fore.BLUE}{marcos[marco]['Bajo']}{Style.RESET_ALL}" f"{Fore.YELLOW}{marcos[marco]['Bajo']}{Style.RESET_ALL}"
) )
if fail_count + pass_count < 0: if fail_count + pass_count < 0:
print( print(

10
util/generate_compliance_json_from_csv_for_ens.py
View File

@@ -15,9 +15,11 @@ with open(file_name, newline="", encoding="utf-8") as f:
reader = csv.reader(f, delimiter=",") reader = csv.reader(f, delimiter=",")
for row in reader: for row in reader:
niveles = list(map(str.strip, row[5].split(","))) niveles = list(map(str.strip, row[5].split(",")))
if "pytec" in niveles: # Use of pytec/CPSTIC levels is under clarification, disabling temporarily
nivelvalue = "pytec" # if "pytec" in niveles:
elif "alto" in niveles: # nivelvalue = "pytec"
# el
if "alto" in niveles:
nivelvalue = "alto" nivelvalue = "alto"
elif "medio" in niveles: elif "medio" in niveles:
nivelvalue = "medio" nivelvalue = "medio"
@@ -27,12 +29,14 @@ with open(file_name, newline="", encoding="utf-8") as f:
nivelvalue = "bajo" nivelvalue = "bajo"
attribute = { attribute = {
"IdGrupoControl": row[10],
"Marco": row[2], "Marco": row[2],
"Categoria": row[3], "Categoria": row[3],
"DescripcionControl": row[4], "DescripcionControl": row[4],
"Nivel": nivelvalue, "Nivel": nivelvalue,
"Tipo": row[9], "Tipo": row[9],
"Dimensiones": list(map(str.strip, row[6].split(","))), "Dimensiones": list(map(str.strip, row[6].split(","))),
"ModoEjecucion": row[11],
} }
output["Requirements"].append( output["Requirements"].append(
{ {