
Parsers: Specify lists rather than dict.values() #10945

Merged
merged 1 commit into from
Sep 23, 2024

Conversation

@Maffooch Maffooch commented Sep 21, 2024

A few parsers do not pass a list of findings, but rather another type of iterable. This PR will correct these parsers to make the return type more explicit.

[sc-7629]

DryRun Security Summary

The pull request focuses on improving the parsing and ingestion of security findings from various sources, ensuring consistent output formats and enhancing the reliability and usability of the security findings imported into the DefectDojo application.

Summary:

The code changes in this pull request are focused on improving the parsing and ingestion of security findings from various sources, including HackerOne, Blackduck, IntSights, Qualys, Mend, SSLScan, SSLyze, and WhiteHat Sentinel. The changes primarily involve ensuring that the parser functions return their findings in a consistent list format, rather than a direct reference to a dictionary or other data structure.

From an application security perspective, these changes do not introduce any obvious security vulnerabilities. Instead, they aim to enhance the reliability and usability of the security findings imported into the DefectDojo application. By providing a consistent output format, the changes make it easier for the rest of the application to work with the parsed data, which is an important aspect of maintaining a robust security program.

Additionally, the code in these parser modules demonstrates a good understanding of secure coding practices, such as input validation, deduplication of findings, and the extraction of relevant security-related information from the source data. These are all crucial elements of an effective vulnerability management and reporting system.

Files Changed:

  1. dojo/tools/h1/parser.py: The change in this file is a minor optimization to ensure that the get_vulnerability_disclosure_json_findings method returns a list of Finding objects.
  2. dojo/tools/blackduck_binary_analysis/parser.py: This file contains the parser for Blackduck Binary Analysis reports, which identifies and processes findings related to vulnerable software components.
  3. dojo/tools/intsights/parser.py: The changes in this file focus on deduplicating findings and providing detailed descriptions for the identified threats from IntSights Threat Intelligence Reports.
  4. dojo/tools/blackduck/parser.py: The changes in this file ensure that the ingest_findings method returns a list of findings, rather than a dict_values object.
  5. dojo/tools/qualys_webapp/parser.py: The change in this file is a minor refactoring to ensure that the qualys_webapp_parser function always returns a list.
  6. dojo/tools/mend/parser.py: The change in this file improves the deduplication of findings by returning a list of unique findings from the create_finding_key function.
  7. dojo/tools/sslscan/parser.py: The changes in this file ensure that the get_findings method returns a list of findings, which is the expected output format.
  8. dojo/tools/sslyze/parser_xml.py: The changes in this file focus on improving the output format of the SSLyze parser, while maintaining the existing security-related functionality.
  9. dojo/tools/whitehat_sentinel/parser.py: The change in this file ensures that the _convert_whitehat_sentinel_vulns_to_dojo_finding function returns a list of Defect Dojo findings.

Overall, the code changes in this pull request are primarily focused on improving the consistency and reliability of the security findings imported into the DefectDojo application, which is an essential aspect of effective vulnerability management and reporting.

Code Analysis

We ran 9 analyzers against 9 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.
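The pattern the PR description and the summary above refer to, shown as an added example (this is not DefectDojo's code; the `Finding` dataclass, the sample report and the function bodies are constructed for illustration, and `create_finding_key` only borrows the name mentioned in the summary). A parser deduplicates findings by storing them in a dict keyed on a finding key; returning `dupes.values()` hands the caller a `dict_values` view, which `len()` accepts but which cannot be indexed or concatenated, so downstream code that treats the result as a list breaks. Wrapping it in `list(...)` fixes the return type without changing the deduplication.

```python
"""Deduplicating parser that returns an explicit list rather than dict_values.

Added example, not DefectDojo's own parser code. The report format,
Finding dataclass and helper names are constructed for the example.
"""
from dataclasses import dataclass
from typing import Iterable


@dataclass(frozen=True)
class Finding:
    title: str
    severity: str
    component: str


# Constructed sample report: entry 3 duplicates entry 1 (same title and
# component), differing only in a field the dedupe key ignores.
SAMPLE_REPORT = [
    {"title": "Outdated OpenSSL", "severity": "High", "component": "openssl-1.0.2", "scan_id": 1},
    {"title": "Weak cipher suite", "severity": "Medium", "component": "nginx", "scan_id": 1},
    {"title": "Outdated OpenSSL", "severity": "High", "component": "openssl-1.0.2", "scan_id": 2},
]


def create_finding_key(item: dict) -> tuple:
    """Dedupe key: the same issue on the same component is one finding."""
    return (item["title"], item["component"])


def _dedupe(report: Iterable[dict]) -> dict:
    """Collect findings keyed on the dedupe key; later duplicates overwrite earlier ones."""
    dupes = {}
    for item in report:
        dupes[create_finding_key(item)] = Finding(item["title"], item["severity"], item["component"])
    return dupes


def parse_findings_before(report: Iterable[dict]):
    """'Before' shape: returns the dict view directly (a dict_values object)."""
    return _dedupe(report).values()


def parse_findings(report: Iterable[dict]) -> list:
    """'After' shape: same deduplication, but the return type is an explicit list."""
    return list(_dedupe(report).values())


def consumer_accepts(findings) -> bool:
    """Mimic a downstream consumer that indexes the result and concatenates it.

    Both operations raise TypeError on a dict_values view and succeed on a list.
    """
    try:
        _first = findings[0]      # dict_values is not subscriptable
        _merged = findings + []   # and does not support list concatenation
    except TypeError:
        return False
    return True


if __name__ == "__main__":
    before = parse_findings_before(SAMPLE_REPORT)
    after = parse_findings(SAMPLE_REPORT)
    print(type(before).__name__, consumer_accepts(before))  # dict_values False
    print(type(after).__name__, consumer_accepts(after))    # list True
    print(len(after), "unique findings")
```

The `len()` of both return values is the same, which is why a parser that only checks the count of findings can pass its tests while an importer that indexes or concatenates the result fails; asserting `isinstance(result, list)` at the parser boundary catches this class of regression.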

@mtesauro mtesauro left a comment

Approved

@Maffooch Maffooch merged commit 3218c64 into DefectDojo:bugfix Sep 23, 2024
72 checks passed
@Maffooch Maffooch deleted the parse-list branch September 23, 2024 16:39