Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[VulnCheck] Initial Implementation of VulnCheck Connector #3257

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[VulnCheck] Initial Implementation of VulnCheck Connector #3257

wants to merge 1 commit into from

Conversation

maddawik
Copy link
Contributor

@maddawik maddawik commented Jan 11, 2025
edited
Loading

Proposed changes

This is the initial implementation of an external import connector for VulnCheck. It transforms several different data sources from our API, using our python-sdk, into STIX objects/relationships.

Some data sources ingest substantial volumes of data for parsing and generate a significant number of STIX objects and relationships as a result. These resource-intensive data sources have been highlighted in the documentation for user awareness.

Related issues

There are no related issues to link to this PR.

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

We've made our best effort to make design decisions that are in-line with OpenCTI's plugin architecture - that said, please let me know if there are improvements that can be made!

@maddawik
Copy link
Contributor Author

maddawik commented Jan 11, 2025
edited
Loading

I see that isort is failing in CI, however I'm unable to reproduce that locally with the same version of black and isort - please advise!

❯ poetry run black --version
black, 24.10.0 (compiled: yes)
Python (CPython) 3.12.8
❯ poetry run isort --profile black --check src/vclib/config_variables.py --verbose

                 _                 _
                (_) ___  ___  _ __| |_
                | |/ _/ / _ \/ '__  _/
                | |\__ \/\_\/| |  | |_
                |_|\___/\___/\_/   \_/

      isort your imports, so you don't have to.

                    VERSION 5.13.2

else-type place_module for os returned STDLIB
from-type place_module for pathlib returned STDLIB
else-type place_module for yaml returned THIRDPARTY
from-type place_module for pycti returned THIRDPARTY
from-type place_module for vclib.sources.data_source returned FIRSTPARTY
SUCCESS: /Users/user-name/vulncheck/opencti-connector/external-import/vulncheck/src/vclib/config_variables.py Everything Looks Good!
❯ poetry run isort --profile black --check src/vclib/connector_client.py --verbose

                 _                 _
                (_) ___  ___  _ __| |_
                | |/ _/ / _ \/ '__  _/
                | |\__ \/\_\/| |  | |_
                |_|\___/\___/\_/   \_/

      isort your imports, so you don't have to.

                    VERSION 5.13.2

else-type place_module for gzip returned STDLIB
else-type place_module for json returned STDLIB
else-type place_module for os returned STDLIB
else-type place_module for zipfile returned STDLIB
from-type place_module for datetime returned STDLIB
from-type place_module for typing returned STDLIB
else-type place_module for requests returned THIRDPARTY
else-type place_module for vulncheck_sdk returned THIRDPARTY
from-type place_module for pycti returned THIRDPARTY
from-type place_module for pydantic returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.advisory_botnet returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.advisory_ip_intel_record returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.advisory_ransomware_exploit returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.advisory_threat_actor_with_external_objects returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.advisory_vuln_check_kev returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.api_exploit_v3_result returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.api_initial_access returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.api_nvd20_cve returned THIRDPARTY
from-type place_module for vulncheck_sdk.models.api_nvd20_cve_extended returned THIRDPARTY
from-type place_module for vclib.config_variables returned FIRSTPARTY
from-type place_module for vclib.sources returned FIRSTPARTY
SUCCESS: /Users/user-name/vulncheck/opencti-connector/external-import/vulncheck/src/vclib/connector_client.py Everything Looks Good!

@maddawik maddawik force-pushed the initial-implementation branch 4 times, most recently from 77281d0 to 062d5b9 Compare January 12, 2025 04:56
@romain-filigran romain-filigran added this to the PRs backlog milestone Jan 12, 2025
@romain-filigran romain-filigran added the partner used to identify PR from patner label Jan 12, 2025
@maddawik maddawik force-pushed the initial-implementation branch 7 times, most recently from 0e87925 to 0305d9b Compare January 17, 2025 23:21
@maddawik maddawik force-pushed the initial-implementation branch from 0305d9b to 11be26b Compare January 18, 2025 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
partner used to identify PR from patner
Projects
None yet
Milestone
PRs backlog
Development

Successfully merging this pull request may close these issues.
2 participants
@maddawik @romain-filigran