From c384c9438bc3ace9d70aab96c58a543fda29e62a Mon Sep 17 00:00:00 2001 From: dianaroz Date: Wed, 6 Nov 2024 13:14:55 -0600 Subject: [PATCH 1/2] change import type default change import type default from ALL to ISSUES --- tasks/connectors/wiz/readme.md | 2 +- tasks/connectors/wiz/wiz_task.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/connectors/wiz/readme.md b/tasks/connectors/wiz/readme.md index fef7f8a6..3d445969 100644 --- a/tasks/connectors/wiz/readme.md +++ b/tasks/connectors/wiz/readme.md @@ -35,7 +35,7 @@ Complete list of Options: | vuln_object_types | false | Array of object types for VULNS import. Allowed values: VIRTUAL_MACHINE,CONTAINER_IMAGE,SERVERLESS. Import all if not present. | n/a | | severity | false | Array of severity types for VULNS and ISSUES (ALL) import. Allowed values: CRITICAL,HIGH,MEDIUM,LOW,INFO. Import all if not present. | n/a | | issue_status | false | Array of issue status for ISSUES import. Allowed values: OPEN,IN_PROGRESS,RESOLVED,REJECTED. Import all if not present. | n/a | -| import_type | false | What to import, ISSUES, VULNS or ALL | ALL | +| import_type | false | What to import, ISSUES, VULNS or ALL | ISSUES | | issues_external_id_attr | false | For ISSUES, the entitySnapshot attribute used to map Kenna asset's external_id, for instance, `providerId` or `resourceGroupExternalId`. If not present or the value for the passed attribute is not present the provideId attribute value is used. | n/a | | vulns_external_id_attr | false | For VULNS, the `vulnerableEntity` attribute used to map Kenna asset's external_id, for instance, `id`, `providerUniqueId` or `name`. If not present or the value for the passed attribute is not present the `id` attribute value is used. | n/a | | issues_hostname_attr | false | For ISSUES, the entitySnapshot attribute used to map Kenna asset's hostname, for instance, `name`, `subscriptionId`, `subscriptionExternalId`, `subscriptionName`, `resourceGroupId`, `resourceGroupExternalId`, `providerId`. If not present or the value for the passed attribute is not present the `name` attribute value is used. | n/a | diff --git a/tasks/connectors/wiz/wiz_task.rb b/tasks/connectors/wiz/wiz_task.rb index 1610ad6e..6f837bdf 100644 --- a/tasks/connectors/wiz/wiz_task.rb +++ b/tasks/connectors/wiz/wiz_task.rb @@ -65,7 +65,7 @@ def self.metadata { name: "import_type", type: "string", required: false, - default: "ALL", + default: "ISSUES", description: "What to import, ISSUES, VULNS or ALL" }, { name: "issues_external_id_attr", type: "string", From 32c93da68f9c858292496cc2d66ec5f0bfd906a5 Mon Sep 17 00:00:00 2001 From: dianaroz Date: Wed, 6 Nov 2024 13:26:11 -0600 Subject: [PATCH 2/2] CVE-2024-49761 Address CVE-2024-49761 with rexml update since it's causing PR to fail checks --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index b4cb199b..7f92cae7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -92,7 +92,7 @@ GEM netrc (~> 0.8) reverse_markdown (2.1.1) nokogiri - rexml (3.3.8) + rexml (3.3.9) rspec (3.12.0) rspec-core (~> 3.12.0) rspec-expectations (~> 3.12.0)