Add new parser - Legitify (#10797)

* feat: added Legitify parser * style: quality fix * feat: updated .settings.dist.py * feat: updated .settings.dist.py --------- Co-authored-by: Damián Pardiñas Rodríguez <[email protected]>
DefectDojo · Sep 5, 2024 · 0746093 · 0746093
1 parent 4ccb3c9
commit 0746093
Show file tree

Hide file tree

Showing 9 changed files with 2,809 additions and 1 deletion.
diff --git a/docs/content/en/integrations/parsers/file/legitify.md b/docs/content/en/integrations/parsers/file/legitify.md
@@ -0,0 +1,9 @@
+---
+title: "Legitify"
+toc_hide: true
+---
+### File Types
+This DefectDojo parser accepts JSON files (in flattened format) from Legitify. For further details regarding the results, please consult the relevant [documentation](https://github.com/Legit-Labs/legitify?tab=readme-ov-file#output-options).
+
+### Sample Scan Data
+Sample scan data for testing purposes can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/legitify).
diff --git a/dojo/settings/.settings.dist.py.sha256sum b/dojo/settings/.settings.dist.py.sha256sum
@@ -1 +1 @@
-38096a82c7cdeec6ca9c663c1ec3d6a5692a0e7bbfdea8fd2f05c58f753430d4
+71285f56a01869df55a802d79343f43c2e6a42ed52c4bb3591202e62b8569c64
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
@@ -1277,6 +1277,7 @@ def saml2_attrib_map_format(dict):
     "Kiuwan SCA Scan": ["description", "severity", "component_name", "component_version", "cwe"],
     "Rapplex Scan": ["title", "endpoints", "severity"],
     "AppCheck Web Application Scanner": ["title", "severity"],
+    "Legitify Scan": ["title", "endpoints", "severity"],
 }
 
 # Override the hardcoded settings here via the env var
@@ -1499,6 +1500,7 @@ def saml2_attrib_map_format(dict):
     "Kiuwan SCA Scan": DEDUPE_ALGO_HASH_CODE,
     "Rapplex Scan": DEDUPE_ALGO_HASH_CODE,
     "AppCheck Web Application Scanner": DEDUPE_ALGO_HASH_CODE,
+    "Legitify Scan": DEDUPE_ALGO_HASH_CODE,
 }
 
 # Override the hardcoded settings here via the env var

diff --git a/dojo/tools/legitify/__init__.py b/dojo/tools/legitify/__init__.py
diff --git a/dojo/tools/legitify/parser.py b/dojo/tools/legitify/parser.py
@@ -0,0 +1,69 @@
+import json
+
+from dojo.models import Endpoint, Finding
+
+
+class LegitifyParser:
+
+    def get_scan_types(self):
+        return ["Legitify Scan"]
+
+    def get_label_for_scan_types(self, scan_type):
+        return scan_type  # no custom label for now
+
+    def get_description_for_scan_types(self, scan_type):
+        return "Legitify output file can be imported in JSON format."
+
+    def severity_mapper(self, severity):
+        mapping = {
+            "LOW": "Low",
+            "MEDIUM": "Medium",
+            "HIGH": "High",
+            "CRITICAL": "Critical",
+        }
+        return mapping.get(severity, "Low")
+
+    def parse_json(self, file):
+        try:
+            data = file.read()
+            try:
+                tree = json.loads(str(data, "utf-8"))
+            except Exception:
+                tree = json.loads(data)
+        except Exception:
+            msg = "Invalid format"
+            raise ValueError(msg)
+        return tree
+
+    def get_findings(self, file, test):
+        report_tree = self.parse_json(file)
+
+        findings = []
+        for content_key, content_value in report_tree.get("content", {}).items():
+            policy_info = content_value.get("policyInfo", {})
+            is_finding = False
+            endpoints = set()
+            references = set()
+            for violation in content_value.get("violations", []):
+                if violation.get("status", None) == "FAILED":
+                    is_finding = True
+                    url = violation.get("canonicalLink", None)
+                    if url:
+                        references.add(url)
+                        endpoints.add(Endpoint.from_uri(url))
+
+            if is_finding:
+                finding = Finding(
+                    description=policy_info.get("description", ""),
+                    dynamic_finding=False,
+                    impact="\n".join(policy_info.get("threat", [])),
+                    mitigation="\n".join(policy_info.get("remediationSteps", [])),
+                    references="\n".join(references),
+                    severity=self.severity_mapper(policy_info.get("severity", "LOW")),
+                    static_finding=True,
+                    title=f'{policy_info.get("namespace", "").capitalize()} | {policy_info.get("title", "")}',
+                    vuln_id_from_tool=policy_info.get("policyName", None),
+                )
+                finding.unsaved_endpoints = list(endpoints)
+                findings.append(finding)
+        return findings
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		38096a82c7cdeec6ca9c663c1ec3d6a5692a0e7bbfdea8fd2f05c58f753430d4
		71285f56a01869df55a802d79343f43c2e6a42ed52c4bb3591202e62b8569c64