use of com.checkmarx.flow.dto.iast.manager.dto.VulnerabilityInfo in project cx-flow by checkmarx-ltd.
the class IastService method thresholdsSeverity.
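/**
 * Fails the scan when the number of findings for any severity reaches its configured threshold.
 *
 * <p>Findings are tallied per {@code getHighestSeverity()}. A configured threshold of {@code -1}
 * disables the check for that severity; otherwise the gate trips as soon as the tally is greater
 * than or equal to the threshold. Every finding is tallied before the decision is acted on, so the
 * logged summary covers the whole scan.
 *
 * @param scanVulnerabilities vulnerabilities reported for the scan
 * @throws IastThresholdsSeverityException if at least one enabled threshold has been reached
 */
private void thresholdsSeverity(ScanVulnerabilities scanVulnerabilities) {
    // One counter per known severity, all starting at zero.
    Map<Severity, AtomicInteger> thresholdsSeverity = new HashMap<>(7);
    for (Severity severity : Severity.values()) {
        thresholdsSeverity.put(severity, new AtomicInteger(0));
    }

    boolean throwThresholdsSeverity = false;
    for (VulnerabilityInfo vulnerabilityInfo : scanVulnerabilities.getVulnerabilities()) {
        Severity severity = vulnerabilityInfo.getHighestSeverity();
        int countSeverityVulnerabilities = thresholdsSeverity.get(severity).incrementAndGet();
        // NOTE(review): the comparison below unboxes this value and throws NullPointerException when
        // no threshold is configured for the severity. Confirm the configuration always defines every
        // severity, and decide explicitly whether a missing entry should disable or fail the gate.
        Integer countPossibleVulnerability = iastProperties.getThresholdsSeverity().get(severity);
        if (countPossibleVulnerability != -1 && countSeverityVulnerabilities >= countPossibleVulnerability) {
            // Keep iterating: the remaining findings still have to be counted for the summary.
            throwThresholdsSeverity = true;
        }
    }

    if (throwThresholdsSeverity) {
        // Read the tallies with get(): incrementAndGet() here would mutate the counters and report
        // every severity one higher than the number of findings actually seen.
        log.warn("\nThresholds severity are exceeded. "
                + "\n High: " + thresholdsSeverity.get(Severity.HIGH).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.HIGH)
                + "\n Medium: " + thresholdsSeverity.get(Severity.MEDIUM).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.MEDIUM)
                + "\n Low: " + thresholdsSeverity.get(Severity.LOW).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.LOW)
                + "\n Info: " + thresholdsSeverity.get(Severity.INFO).get()
                + " / " + iastProperties.getThresholdsSeverity().get(Severity.INFO));
        throw new IastThresholdsSeverityException();
    }
}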
use of com.checkmarx.flow.dto.iast.manager.dto.VulnerabilityInfo in project cx-flow by checkmarx-ltd.
the class IastService method createIssue.
/**
 * Creates a bug-tracker issue for every new scan result that passes the severity filter, then
 * applies the severity-threshold gate to the scan.
 *
 * @param request scan request; its bug tracker type is used in the "not implemented" message
 * @param scan scan whose vulnerabilities and results are fetched by scan id
 * @throws IOException if an API request fails (wrapped with the original exception as cause)
 */
private void createIssue(ScanRequest request, Scan scan) throws IOException {
    try {
        final ScanVulnerabilities scanVulnerabilities =
                iastServiceRequests.apiScanVulnerabilities(scan.getScanId());

        for (VulnerabilityInfo vulnerability : scanVulnerabilities.getVulnerabilities()) {
            // Vulnerabilities without new findings need no result lookup.
            if (vulnerability.getNewCount() == 0) {
                continue;
            }

            // Filter the complete result list first, then create the issues.
            final List<ResultInfo> newResults =
                    iastServiceRequests.apiScanResults(scan.getScanId(), vulnerability.getId())
                            .stream()
                            .filter(result -> result.isNewResult())
                            .filter(result -> filterSeverity(result))
                            .collect(Collectors.toList());

            for (ResultInfo result : newResults) {
                createIssue(scanVulnerabilities, request, result, vulnerability, scan);
            }
        }

        // The threshold gate runs only after every issue has been created.
        thresholdsSeverity(scanVulnerabilities);
    } catch (NotImplementedException notImplemented) {
        // NOTE(review): the original exception is not passed on as the cause here, so its stack
        // trace is lost; consider chaining it if this exception type offers such a constructor.
        throw new NotImplementedException(request.getBugTracker().getType().getType() + ". That bug tracker not implemented.");
    } catch (IOException ioFailure) {
        throw new IOException("Can't send api request", ioFailure);
    }
}