* Adds the requested HashiCorp secrets vault detection and improves Azure Key Vault accuracy. Adds detection of, and a warning for, unsupported tag preferences in the features HTML report page.
Guy Acosta 2020-09-20 11:49:39 -06:00 коммит произвёл GitHub
Родитель 0ed858700d
Коммит 34ee51035b
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
2 изменённых файлов: 84 добавлений и 1 удалений


@ -11,6 +11,7 @@ using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Text.RegularExpressions;
@ -178,14 +179,27 @@ namespace Microsoft.ApplicationInspector.CLI
TagGroupPreferences = new List<TagCategory>();
}
string[] unSupportedGroupsOrPatterns = new string[] { "metric", "dependency" };
//for each preferred group of tag patterns determine if at least one instance was detected
foreach (TagCategory tagCategory in TagGroupPreferences)
{
foreach (TagGroup tagGroup in tagCategory.Groups)
{
bool test = tagGroup.Title.ToLower().Contains(unSupportedGroupsOrPatterns[0]);
if (unSupportedGroupsOrPatterns.Any(x => tagGroup.Title.ToLower().Contains(x)))
{
WriteOnce.Log.Warn($"Unsupported tag group or pattern detected '{tagGroup.Title}'. See online documentation at https://github.com/microsoft/ApplicationInspector/wiki/3.5-Tags");
}
foreach (TagSearchPattern pattern in tagGroup.Patterns)
{
pattern.Detected = _appMetaData.UniqueTags.Any(v => v.Contains(pattern.SearchPattern));
if (unSupportedGroupsOrPatterns.Any(x => pattern.SearchPattern.ToLower().Contains(x)))
{
WriteOnce.Log.Warn($"Unsupported tag group or pattern detected '{pattern.SearchPattern}'. See online documentation at https://github.com/microsoft/ApplicationInspector/wiki/3.5-Tags");
}
//create dynamic "category" groups of tags with pattern relationship established from TagReportGroups.json
//that can be used to populate reports with various attributes for each tag detected
if (pattern.Detected)
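Review bot: The local `bool test = tagGroup.Title.ToLower().Contains(unSupportedGroupsOrPatterns[0]);` added at the top of the inner loop is never read and looks like leftover debugging; it should be deleted. The two checks that follow lower-case the title and the search pattern with the culture-sensitive `ToLower()`, which misbehaves under some locales; if the target framework has the overload, `tagGroup.Title.Contains(x, StringComparison.OrdinalIgnoreCase)` and `pattern.SearchPattern.Contains(x, StringComparison.OrdinalIgnoreCase)` express the intent without allocating a lowered copy per pattern. The identical warning text is built twice, so a single local string for the message prefix would keep the two log calls from drifting apart. The enclosing method and the `if (pattern.Detected)` branch continue outside the hunk.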


@ -102,13 +102,24 @@
"severity": "moderate",
"patterns": [
{
"pattern": "new ClientSecret|keyvault",
"pattern": "new ClientSecret|KeyVaultClient|Microsoft.Azure.KeyVault|Microsoft.Azure.Management.KeyVault",
"type": "regex",
"scopes": [
"code"
],
"confidence": "high",
"_comment": ""
},
{
"pattern": "keyvault",
"type": "regex",
"scopes": [
"code",
"comment"
],
"modifiers": ["i"],
"confidence": "medium",
"_comment": ""
}
]
},
@ -137,6 +148,64 @@
}
]
},
{
"name": "CloudServices: DataStorage (HashiCorp Vault)",
"id": "AI002730",
"description": "CloudServices: DataStorage (HashiCorp Vault)",
"applies_to": [
"csharp"
],
"tags": [
"CloudServices.DataStorage.HashiCorp.Vault",
"Data.Sensitive.Secret"
],
"severity": "moderate",
"patterns": [
{
"pattern": "VaultClientSettings|IVaultClient",
"type": "regex",
"scopes": [
"code"
],
"confidence": "high",
"_comment": ""
},
{
"pattern": "hashicorp|VaultSharp",
"type": "regex",
"scopes": [
"code",
"comment"
],
"modifiers": [ "i" ],
"confidence": "high",
"_comment": ""
}
]
},
{
"name": "CloudServices: DataStorage (HashiCorp Vault)",
"id": "AI002740",
"description": "CloudServices: DataStorage (HashiCorp Vault)",
"tags": [
"CloudServices.DataStorage.HashiCorp.Vault",
"Data.Sensitive.Secret"
],
"severity": "moderate",
"patterns": [
{
"pattern": "vaultSharp|hashicorp|spring vault|import org.springframework.vault",
"type": "regex",
"scopes": [
"code",
"comment"
],
"modifiers": [ "i" ],
"confidence": "high",
"_comment": "includes vaultsharp here for possible use in PS"
}
]
},
{
"name": "CloudServices: DataStorage (Azure)",
"id": "AI002800",
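Review bot: The new rules AI002730 (applies_to csharp) and AI002740 (no applies_to, so all languages) both match `hashicorp` and `vaultsharp` case-insensitively in code and comment scope with the same two tags, so a C# file that mentions either term is reported twice for one finding; dropping the second pattern from AI002730 and leaving the language-wide rule to cover it would remove the overlap. The comment-scoped `hashicorp` patterns are rated `"confidence": "high"` while the parallel Azure `keyvault` comment pattern added earlier in this commit is `"confidence": "medium"`, and a bare product name in a comment is no stronger a signal here than there, so `"confidence": "medium"` for the comment-scoped HashiCorp patterns would keep the rule set consistent. AI002730 and AI002740 also share an identical `name` and `description`, which makes the two hits indistinguishable in the report; appending the language scope to the csharp rule's name would help readers.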