Coding samples using the Kenna Security Platform REST API. All the code samples in this GitHub repository are offered “as is” and include no warranty of any kind. Use them at your own risk. In no event will Kenna be liable to end user or any other party for damages of any kind arising from the use of these samples.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
![mend-for-github-com[bot] avatar](https://avatars.githubusercontent.com/in/30796?v=4 "mend-for-github-com[bot]")
Hi
I was going through this
https://github.com/KennaSecurity/All_Samples/tree/master/postman
Json file. And realised that it is missing response definition. Is there more accurate json/yaml spec somewhere?
Thanks
Sm
Traceback (most recent call last):
2: from csv_extract_with_details.rb:172:in <main>' 1: from csv_extract_with_details.rb:160:in get_bulk_assets'
csv_extract_with_details.rb:160:in `delete': no implicit conversion of nil into String (TypeError)
Hello. This code allows me to include vulnerabilities with only open vulnerabilities. How do I enable it to allow closed vulnerabilities or all vulnerabilities?
Checkmarx identifies many vulnerability categories which have no mapping to WASC id. The script stops if the mapping is not found hard-coded dictionary in the script. How to deal with such situation? I have Checkmarx scan results with CWE ids which are not mapped to WASC id.
I'm trying to run the KDI generic transformed script.
My csv has the following fields:
artifact,date,fixedVersion,installedVersion,Vuln Description,resource,CVSS,severity,CVE,Vuln Name
I have edited default_meta as follows
| Kenna Item - DON'T EDIT THESE VALUES | Associated Source File Column | Required | Description | Object Type | |
|---|---|---|---|---|---|
| date_format | %d/%m/%Y | yes if dates in data | Script Only - used to format dates google ruby strftime for more info on format syntax | ||
| locator | hostname | no | Script only - field used to deduplication prior to upload - should match kenna locator syntax | Asset | |
| file | one value per Asset is required | column name in CSV pointing to (string) path of affected file | Asset | ||
| ip_address | IP Address | one value per Asset is required | column name in CSV pointing to (string) IP of internal facing asset | Asset | |
| mac_address | one value per Asset is required | column name in CSV pointing to (mac format-regex) MAC address asset | Asset | ||
| hostname | artifact | one value per Asset is required | column name in CSV pointing to (string) host name/domain name of affected asset | Asset | |
| ec2 | one value per Asset is required | column name in CSV pointing to (string) Amazon EC2 instance id or name | Asset | ||
| netbios | one value per Asset is required | column name in CSV pointing to(string) netbios name | Asset | ||
| url | one value per Asset is required | column name in CSV pointing to (string) URL pointing to asset | Asset | ||
| fqdn | one value per Asset is required | column name in CSV pointing to (string) fqdn of asset | Asset | ||
| external_id | one value per Asset is required | column name in CSV pointing to (string) ExtID of asset | Asset | ||
| database | one value per Asset is required | column name in CSV pointing to (string) Name of db | Asset | ||
| application | artifact | yes | column name in CSV pointing to (string) ID/app Name - label assigned to asset | Asset | |
| tags | "Product Line,Product Business Unit,Product Division,Finder Type" | no | (string) comma separated list of columns with strings that correspond to tags on an asset - no spaces | Asset Meta | |
| tag_prefix | "AppID:,Prod_BU:,Prod_Div:,Find_type:" | no | comma separated list of prefixes which corresponds to list in tag. Number and order of elements should match tags exactly. | ||
| owner | no | column name in CSV pointing to (string) Some string that identifies an owner of an asset | Asset Meta | ||
| os | no | column name in CSV pointing to (string) Operating system of asset | Asset Meta | ||
| os_version | no | column name in CSV pointing to (string) OS version | Asset Meta | ||
| priority | no | column name in CSV pointing to (Integer) Priority of asset (int 1 to 10).Adjusts asset score. nil for default to 10 | Asset Meta | ||
| scanner_source | static | yes | declares scanner_type data as static (listed in this file) or column (pulled from the csv source file) | ||
| scanner_type | Pen Test | yes | (string) - official name of scan type - should be the same across files where appropriate can be static or pulled from column as directed in scanner_source | Vulnerability & Vuln Def | |
| scanner_id | Issue ID | no | column name in CSV pointing to (string) - Vuln ID as defined by the scanner | Vulnerability & Vuln Def | |
| details | no | column name in CSV pointing to (string) - Details about vuln specific to single host | Vulnerability | ||
| created | no | column name in CSV pointing to (string) - Date vuln created | Vulnerability | ||
| scanner_score | CVSS | no | column name in CSV pointing to (Integer) - scanner score used for scoring appsec vulns - informational for network vulns - translate to int 1-10 using score_map if needed | Vulnerability | |
| score_map | "{""High"":""8"",""Critical"":""10"",""Medium"":""6"",""Low"":""3""}" | no | hash of translation scanner score values to kenna range of 1-10 if needed based on column in scanner_score | ||
| last_fixed | no | column name in CSV pointing to (string) - Last fixed date | Vulnerability | ||
| last_seen | no | column name in CSV pointing to (string) Date it was closed | Vulnerability | ||
| status | Current Status | no | "column name in CSV pointing to (string) default to ""open"" if inbound reports will only include open vulns" | Vulnerability | |
| status_map | "{ ""Impact Statement Pending"" : ""open"", ""Closed"" : ""closed"", ""New"" : ""open"", ""Remediation Plan Pending"" : ""open"", ""Remedy in Progress"" : ""open""}" | no | Script Only - hash of translation... scanner status to Kenna status mappings if needed | ||
| closed | required if status is closed | column name in CSV pointing to (string) Date it was closed | Vulnerability | ||
| port | Port | no | column name in CSV pointing to (Integer) Port if associated with vuln | Vulnerability | |
| cve_id | CVE | yes | column name in CSV pointing to (string) CVEs - note that this can be a comma-delimited list format CVE-000-0000 | Vuln Def | |
| wasc_id | no | column name in CSV pointing to (string) WASC - note that this can be a comma-delimited list - format WASC-00 | Vuln Def | ||
| cwe_id | no | column name in CSV pointing to (string) CWE - note that this can be a comma-delimited list - format CWE-000 | Vuln Def | ||
| name | Vuln Name | yes | "column name in CSV pointing to (string) Name/title of Vuln will be displayed as vuln name if no cve | cwe or wasc" | Vuln Def |
| description | Vuln Description | yes | column name in CSV pointing to (string) Description | Vuln Def | |
| solution | Vuln Recommendation | no | column name in CSV pointing to (string) Solution | Vuln Def |
However, on execution fails:
[~]$ ruby csv_KDI_json.rb vuln_parsed.csv has_header? default_meta.csv skip_autoclose? output.json assets_only? domain_suffix?
Traceback (most recent call last):
3: from csv_KDI_json.rb:223:in '<main>'
2: from /usr/share/ruby/csv.rb:1319:in 'parse'
1: from /usr/share/ruby/csv.rb:1764:in 'each'
csv_KDI_json.rb:231:in 'block in <main>': no implicit conversion of String into Integer (TypeError)
Usage:
kenna-guardium-upload.rb cust_field_id1 cust_field_id2 cust_field_id3 cust_field_id4
Should be
kenna-zap-upload.rb cust_field_id1 cust_field_id2 cust_field_id3 cust_field_id4
Tested on:
Hello,
I am trying to run the script un the /asset_priority_by_risk_meter/ folder and getting the following error message. Can you help me how to fix this issue?
$ ruby kenna-priority-by-risk-meter.rb $KENNA_TOKEN rm_meters_meta.csv rmid priority
Currently processing page 1 of 12
Currently processing page 1 of 1
made it to bulk update
https://api.kennasecurity.com/assets/bulk
made it to bulk update
https://api.kennasecurity.com/assets/bulk
{"assets_updated"=>19}
kenna-priority-by-risk-meter.rb:266:in `rescue in block (3 levels) in <main>': uninitialized constant RestClient::TooManyRequests (NameError)
from kenna-priority-by-risk-meter.rb:223:in `block (3 levels) in <main>'
$I am using the tested ruby version on my server
$ ruby --version
ruby 2.0.0p648 (2015-12-16) [x86_64-linux]This script will no longer work for the majority of customers on September 1st when Kenna roles out multiple roles per user functionality. "role" field will need to change to "roles", and role names will need to be passed as part of an array. I suggest creating a legacy version of the script for customers without MRPU, while updating the default script to use MRPU by default
How do I create a vulnerability in a way that doesn't require uploading files? Thanks!
The documentation for the script says that the script will grab all risk meters if a meter list csv is not provided. This isn't currently working. The API response for all risk meters comes in as an array instead of a hash (asset_groups:[] vs asset_group:{}). To support this the array for all risk meters would need to be mapped into hashes. Alternatively, the documentation could be updated to require a meter list to be provided. I would also note that many customers have a large number of risk meters and would require pagination support to be added to the script to work as intended
When processing an asset tag csv with multiple threads, there can occur times when one thread open the log for writing, another thread also opens the file for writing, the first thread closes the file, and the second thread attempts to write to the (now closed) file - raising EBADF or a stream closed error.
An easy "fix" use Logger on a single file opened once outside the block creating threads, closed once via an ensure at the end of the block. This will possibly not enforce in-order logging (two threads might mix their lines and the log would be corrupt, but the program will run). I believe the open/close can be lifted out of the thread code to here: https://github.com/KennaPublicSamples/All_Samples/blob/updates_branch/kenna-asset-tagger/kenna-asset-tagger_mt.rb#L319-L321
Better to find a standard thread safe logging option - or use a thread local log output file, and splice them if needed after the execution.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.