Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat Added support for SecurityHub integration findings #22

Merged
merged 3 commits into from
Nov 15, 2024

Conversation

fernandogoncalves-me
Copy link
Contributor

This PR proposes adding support for suppressing findings coming from Security Hub integrations with other AWS services.

Findings detected by other services (e.g. Amazon Inspector) miss the key attribute currently used to query findings that should be suppressed: ControlId.

A JSON example of an Inspector finding can be found in the fixtures folder.

To overcome that limitation, this PR proposes adding support for 2 new suppression fields:

  • product_name: this field contains the name of the product that has created the finding (e.g. Inspector).
  • title: this field contains the title of the finding.

By combining these 2 extra fields, we would be able to suppress findings coming from any other service that integrates with Security Hub.

And by leveraging the resource ID regex feature, we have full control to make make those suppressions more or less permissive.

@costastf
Copy link
Collaborator

Code looks clean and following the design patterns properly. 👍

@costastf costastf self-requested a review November 15, 2024 06:46
@costastf
Copy link
Collaborator

@fernandogoncalves-me please resolve the linting issue. If you have any issues with the pipeline ping me. The tooling and setup is obsolete.

Copy link
Collaborator

@costastf costastf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A small linting issue.

@costastf costastf merged commit 9bd5d0d into main Nov 15, 2024
2 checks passed
@costastf costastf deleted the sechub_integrations_findings branch November 15, 2024 11:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants