This repository has been archived by the owner on Jul 13, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add compliances, processes and exfiltration fields to findings …
…attributes. They contain compliance information about a security standard indicating unmet recommendations, represents operating system processes, and data exfiltration attempt of one... (#490) * feat: Add compliances, processes and exfiltration fields to findings attributes. They contain compliance information about a security standard indicating unmet recommendations, represents operating system processes, and data exfiltration attempt of one or more source(s) to one or more target(s). Source(s) represent the source of data that is exfiltrated, and Target(s) represents the destination the data was copied to PiperOrigin-RevId: 452067806 Source-Link: googleapis/googleapis@5bfadd9 Source-Link: https://github.com/googleapis/googleapis-gen/commit/ae56215246dee968a4eac43b0012d676876e52a4 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYWU1NjIxNTI0NmRlZTk2OGE0ZWFjNDNiMDAxMmQ2NzY4NzZlNTJhNCJ9 * 🦉 Updates from OwlBot post-processor See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
eb30121
commit c825bb4
Showing
12 changed files
with
5,472 additions
and
2,097 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| // Copyright 2022 Google LLC | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| syntax = "proto3"; | ||
|
|
||
| package google.cloud.securitycenter.v1; | ||
|
|
||
| option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; | ||
| option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; | ||
| option java_multiple_files = true; | ||
| option java_outer_classname = "ComplianceProto"; | ||
| option java_package = "com.google.cloud.securitycenter.v1"; | ||
| option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; | ||
| option ruby_package = "Google::Cloud::SecurityCenter::V1"; | ||
|
|
||
| // Contains compliance information about a security standard indicating unmet | ||
| // recommendations. | ||
| message Compliance { | ||
| // Refers to industry wide standards or benchmarks e.g. "cis", "pci", "owasp", | ||
| // etc. | ||
| string standard = 1; | ||
|
|
||
| // Version of the standard/benchmark e.g. 1.1 | ||
| string version = 2; | ||
|
|
||
| // Policies within the standard/benchmark e.g. A.12.4.1 | ||
| repeated string ids = 3; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| // Copyright 2022 Google LLC | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| syntax = "proto3"; | ||
|
|
||
| package google.cloud.securitycenter.v1; | ||
|
|
||
| option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; | ||
| option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; | ||
| option java_multiple_files = true; | ||
| option java_outer_classname = "ExfiltrationProto"; | ||
| option java_package = "com.google.cloud.securitycenter.v1"; | ||
| option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; | ||
| option ruby_package = "Google::Cloud::SecurityCenter::V1"; | ||
|
|
||
| // Exfiltration represents a data exfiltration attempt of one or more | ||
| // sources to one or more targets. Sources represent the source | ||
| // of data that is exfiltrated, and Targets represents the destination the | ||
| // data was copied to. | ||
| message Exfiltration { | ||
| // If there are multiple sources, then the data is considered "joined" between | ||
| // them. For instance, BigQuery can join multiple tables, and each | ||
| // table would be considered a source. | ||
| repeated ExfilResource sources = 1; | ||
|
|
||
| // If there are multiple targets, each target would get a complete copy of the | ||
| // "joined" source data. | ||
| repeated ExfilResource targets = 2; | ||
| } | ||
|
|
||
| // Resource that has been exfiltrated or exfiltrated_to. | ||
| message ExfilResource { | ||
| // Resource's URI (https://google.aip.dev/122#full-resource-names) | ||
| string name = 1; | ||
|
|
||
| // Subcomponents of the asset that is exfiltrated - these could be | ||
| // URIs used during exfiltration, table names, databases, filenames, etc. | ||
| // For example, multiple tables may be exfiltrated from the same CloudSQL | ||
| // instance, or multiple files from the same Cloud Storage bucket. | ||
| repeated string components = 2; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| // Copyright 2022 Google LLC | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| syntax = "proto3"; | ||
|
|
||
| package google.cloud.securitycenter.v1; | ||
|
|
||
| option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; | ||
| option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; | ||
| option java_multiple_files = true; | ||
| option java_outer_classname = "FileProto"; | ||
| option java_package = "com.google.cloud.securitycenter.v1"; | ||
| option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; | ||
| option ruby_package = "Google::Cloud::SecurityCenter::V1"; | ||
|
|
||
| // File information about the related binary/library used by an executable, or | ||
| // the script used by a script interpreter | ||
| message File { | ||
| // Absolute path of the file as a JSON encoded string. | ||
| string path = 1; | ||
|
|
||
| // Size of the file in bytes. | ||
| int64 size = 2; | ||
|
|
||
| // SHA256 hash of the first hashed_size bytes of the file encoded as a | ||
| // hex string. If hashed_size == size, hash_sha256 represents the SHA256 hash | ||
| // of the entire file. | ||
| string sha256 = 3; | ||
|
|
||
| // The length in bytes of the file prefix that was hashed. If | ||
| // hashed_size == size, any hashes reported represent the entire | ||
| // file. | ||
| int64 hashed_size = 4; | ||
|
|
||
| // True when the hash covers only a prefix of the file. | ||
| bool partially_hashed = 5; | ||
|
|
||
| // Prefix of the file contents as a JSON encoded string. | ||
| // (Currently only populated for Malicious Script Executed findings.) | ||
| string contents = 6; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| // Copyright 2022 Google LLC | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
|
|
||
| syntax = "proto3"; | ||
|
|
||
| package google.cloud.securitycenter.v1; | ||
|
|
||
| import "google/cloud/securitycenter/v1/file.proto"; | ||
|
|
||
| option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; | ||
| option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; | ||
| option java_multiple_files = true; | ||
| option java_outer_classname = "ProcessProto"; | ||
| option java_package = "com.google.cloud.securitycenter.v1"; | ||
| option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; | ||
| option ruby_package = "Google::Cloud::SecurityCenter::V1"; | ||
|
|
||
| // Represents an operating system process. | ||
| message Process { | ||
| // File information for the process executable. | ||
| File binary = 3; | ||
|
|
||
| // File information for libraries loaded by the process. | ||
| repeated File libraries = 4; | ||
|
|
||
| // When the process represents the invocation of a script, | ||
| // `binary` provides information about the interpreter while `script` | ||
| // provides information about the script file provided to the | ||
| // interpreter. | ||
| File script = 5; | ||
|
|
||
| // Process arguments as JSON encoded strings. | ||
| repeated string args = 6; | ||
|
|
||
| // True if `args` is incomplete. | ||
| bool arguments_truncated = 7; | ||
|
|
||
| // Process environment variables. | ||
| repeated EnvironmentVariable env_variables = 8; | ||
|
|
||
| // True if `env_variables` is incomplete. | ||
| bool env_variables_truncated = 9; | ||
|
|
||
| // The process id. | ||
| int64 pid = 10; | ||
|
|
||
| // The parent process id. | ||
| int64 parent_pid = 11; | ||
| } | ||
|
|
||
| // EnvironmentVariable is a name-value pair to store environment variables for | ||
| // Process. | ||
| message EnvironmentVariable { | ||
| // Environment variable name as a JSON encoded string. | ||
| string name = 1; | ||
|
|
||
| // Environment variable value as a JSON encoded string. | ||
| string val = 2; | ||
| } |
Oops, something went wrong.