Skip to content

Commit bf44edb

Browse files
MTorbay-FiligranSouadHadjiatlndrtrbn
committed
fix(backend): change security coverage resolver for compatibility (#14716)
Co-authored-by: Souad Hadjiat <souad.hadjiat@filigran.io> Co-authored-by: Landry Trebon <landry.trebon@filigran.io>
1 parent 9a0ea02 commit bf44edb

39 files changed

Lines changed: 1741 additions & 149 deletions
Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
# coding: utf-8
2+
import os
3+
from datetime import datetime, timedelta, timezone
4+
from pprint import pprint
5+
6+
from pycti import OpenCTIApiClient
7+
8+
# Variables
9+
api_url = os.getenv("OPENCTI_API_URL", "http://opencti:4000")
10+
api_token = os.getenv("OPENCTI_API_TOKEN", "bfa014e0-e02e-4aa6-a42b-603b19dcf159")
11+
12+
# OpenCTI initialization
13+
opencti_api_client = OpenCTIApiClient(api_url, api_token)
14+
now = datetime.now(timezone.utc)
15+
in_4_weeks = now + timedelta(weeks=4)
16+
17+
# Setup, create a security coverage to link to the result
18+
report = opencti_api_client.report.create(
19+
name="Report for SCR",
20+
published=now.isoformat(),
21+
)
22+
if not report or "id" not in report:
23+
raise RuntimeError("Failed to create report")
24+
securityCoverage = opencti_api_client.security_coverage.create(
25+
name="SC for SCR",
26+
description="Super Security Coverage",
27+
objectCovered=report["id"],
28+
auto_enrichment_disable=False,
29+
)
30+
if not securityCoverage or "id" not in report:
31+
raise RuntimeError("Failed to create security coverage")
32+
33+
# Create a security coverage result
34+
scr = opencti_api_client.security_coverage_result.create(
35+
resultOf=securityCoverage["id"],
36+
external_uri="my-oaev-instance-1",
37+
coverage_last_result=now.isoformat(),
38+
coverage_valid_from=now.isoformat(),
39+
coverage_valid_to=in_4_weeks.isoformat(),
40+
coverage_information=[
41+
{"coverage_name": "Prevention", "coverage_score": 45},
42+
{"coverage_name": "Detection", "coverage_score": 90},
43+
],
44+
)
45+
pprint(scr)
Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# coding: utf-8
2+
import os
3+
from pprint import pprint
4+
5+
from pycti import OpenCTIApiClient
6+
7+
# Variables
8+
api_url = os.getenv("OPENCTI_API_URL", "http://opencti:4000")
9+
api_token = os.getenv("OPENCTI_API_TOKEN", "bfa014e0-e02e-4aa6-a42b-603b19dcf159")
10+
11+
# OpenCTI initialization
12+
opencti_api_client = OpenCTIApiClient(api_url, api_token)
13+
14+
# Search
15+
all_results = opencti_api_client.security_coverage_result.list(getAll=True)
16+
print(f"Found {len(all_results)} Security Coverage Results")
17+
pprint(all_results)
18+
19+
# Get by ID
20+
scr = opencti_api_client.security_coverage_result.read(
21+
id="security-coverage-result--7e7aed66-151d-52c4-956c-ee68322dda69"
22+
)
23+
pprint(scr)

client-python/pycti/__init__.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,7 @@
4444
from .entities.opencti_report import Report
4545
from .entities.opencti_role import Role
4646
from .entities.opencti_security_coverage import SecurityCoverage
47+
from .entities.opencti_security_coverage_result import SecurityCoverageResult
4748
from .entities.opencti_settings import Settings
4849
from .entities.opencti_stix import Stix
4950
from .entities.opencti_stix_core_object import StixCoreObject
@@ -148,6 +149,7 @@
148149
"Opinion",
149150
"Report",
150151
"SecurityCoverage",
152+
"SecurityCoverageResult",
151153
"Stix",
152154
"StixCoreObject",
153155
"StixCoreRelationship",

client-python/pycti/api/opencti_api_client.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@
6060
from pycti.entities.opencti_report import Report
6161
from pycti.entities.opencti_role import Role
6262
from pycti.entities.opencti_security_coverage import SecurityCoverage
63+
from pycti.entities.opencti_security_coverage_result import SecurityCoverageResult
6364
from pycti.entities.opencti_settings import Settings
6465
from pycti.entities.opencti_stix import Stix
6566
from pycti.entities.opencti_stix_core_object import StixCoreObject
@@ -317,6 +318,7 @@ def __init__(
317318
self.language = Language(self)
318319
self.vulnerability = Vulnerability(self)
319320
self.security_coverage = SecurityCoverage(self)
321+
self.security_coverage_result = SecurityCoverageResult(self)
320322
self.attack_pattern = AttackPattern(self)
321323
self.course_of_action = CourseOfAction(self)
322324
self.data_component = DataComponent(self)

0 commit comments

Comments
 (0)