
Commit

🧪 experimental: decayed + banded scoring
These will be added in cnspec, keywords need to be defined in cnquery

Signed-off-by: Dominik Richter <[email protected]>
arlimus committed Mar 4, 2024
1 parent e3bd33d commit 9c2091c
Showing 3 changed files with 102 additions and 78 deletions.
164 changes: 86 additions & 78 deletions explorer/cnquery_explorer.pb.go

Some generated files are not rendered by default.

12 changes: 12 additions & 0 deletions explorer/cnquery_explorer.proto
Expand Up @@ -179,6 +179,18 @@ enum ScoringSystem {
AVERAGE = 3;
DATA_ONLY = 4;
IGNORE_SCORE = 5;
// Experimental: BANDED scoring mechanism which creates a score based on
// the 4 categories of criticality (critical, high, medium, low) and
// positions scores so that:
// 1. Any critical/high issues won't generate a high score (upper limit)
// 2. Lower scoring categories can have an impact on the score
// (e.g. 1 crit + 200 medium failures will be lower than 1 crit only)
// 3. A large collection of medium findings won't generate a critical score
BANDED = 6;
// Experimental: DECAYED scoring uses a scaled decay function to estimate a
// score value. This means that a few critical findings will quickly reduce
// the resulting score, but it won't just drop it to the lowest value.
DECAYED = 7;
}

// Impact explains how important certain queries are. They are especially useful
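Review bot: The BANDED comment (item 1, "upper limit") and the DECAYED comment ("scaled decay function") state the intended behaviour without any numbers: the band boundaries, the cap that applies once a critical or high finding is present, and the decay function with its scale are all missing. The commit message says the implementation lands in cnspec, so a reader of this proto cannot tell what score a policy will produce. Add the score range and cap per band and the form of the decay function to the comments, or a pointer to where they are defined, and say what a consumer that does not yet implement values 6 and 7 is expected to do with them.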
4 changes: 4 additions & 0 deletions explorer/impact.go
Expand Up @@ -125,6 +125,10 @@ func (s *ScoringSystem) UnmarshalJSON(data []byte) error {
*s = ScoringSystem_WEIGHTED
case "average", "":
*s = ScoringSystem_AVERAGE
case "banded":
*s = ScoringSystem_BANDED
case "decayed":
*s = ScoringSystem_DECAYED
default:
return errors.New("unknown scoring system: " + string(data))
}
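Review bot: The new `"banded"` and `"decayed"` cases make both experimental systems selectable from any JSON input with no opt-in, and none of the 3 changed files is a test. Add table-driven cases for both strings to the UnmarshalJSON tests, and if ScoringSystem has a marshalling counterpart outside this hunk, give it the same two values so that a round trip does not end in the `default` branch with "unknown scoring system".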
