|
1 | 1 | { |
2 | 2 | "name": "appmixer.wiz.core.UploadSecurityScan", |
3 | 3 | "author": "Appmixer <[email protected]>", |
4 | | - "description": "TBD", |
| 4 | + "description": "Upload security scans to enrich the Wiz Security Graph, using the Vulnerability Findings Schema", |
5 | 5 | "private": false, |
6 | 6 | "auth": { |
7 | 7 | "service": "appmixer:wiz" |
|
32 | 32 | "providerId": { |
33 | 33 | "type": "string" |
34 | 34 | }, |
| 35 | + "dataSourceAnalysisDate": { |
| 36 | + "type": "string" |
| 37 | + }, |
35 | 38 | "vulnerabilityFindings": { } |
36 | 39 | }, |
37 | 40 | "required": [ |
|
54 | 57 | "type": "text", |
55 | 58 | "label": "Integration ID", |
56 | 59 | "tooltip": "The unique ID for each Wiz integration. Sent by Wiz during the integration initiation process.", |
57 | | - "index": 0 |
| 60 | + "index": 1 |
58 | 61 | }, |
59 | 62 | "dataSourceId": { |
60 | 63 | "type": "text", |
61 | 64 | "label": "Data Source ID", |
62 | 65 | "tooltip": "The ID that uniquely identifies asset findings within a tenant and integration ID. Can be a subscription ID.", |
63 | | - "index": 1 |
| 66 | + "index": 2 |
64 | 67 | }, |
65 | 68 | "dataSourceAnalysisDate": { |
66 | 69 | "type": "date-time", |
|
69 | 72 | "config": { |
70 | 73 | "enableTime": true |
71 | 74 | }, |
72 | | - "index": 1 |
| 75 | + "index": 3 |
73 | 76 | }, |
74 | 77 | "providerId": { |
75 | 78 | "type": "text", |
76 | 79 | "label": "Provider ID", |
77 | 80 | "tooltip": "A unique identifier assigned to a specific cloud asset by the cloud service provider when the asset is created, allowing for the identification and differentiation of the asset within the cloud computing ecosystem.", |
78 | | - "index": 2 |
| 81 | + "index": 4 |
79 | 82 | }, |
80 | 83 | "cloudPlatform": { |
81 | 84 | "type": "select", |
82 | | - "index": 2, |
| 85 | + "index": 5, |
83 | 86 | "label": "Cloud Platform", |
84 | 87 | "defaultValue": "AWS", |
85 | 88 | "tooltip": "The cloud platform that was scanned. Default is AWS", |
|
94 | 97 | }, |
95 | 98 | "vulnerabilityFindings": { |
96 | 99 | "type": "expression", |
97 | | - "index": 2, |
| 100 | + "index": 6, |
98 | 101 | "label": "Has an error in it", |
99 | 102 | "levels": ["AND"], |
100 | 103 | "fields": { |
|
107 | 110 | }, |
108 | 111 | "name": { |
109 | 112 | "type": "text", |
110 | | - "index": 1, |
| 113 | + "index": 2, |
111 | 114 | "label": "Name", |
112 | 115 | "tooltip": "The name of the Vulnerability, for example CVE-2021-25288.", |
113 | 116 | "required": true |
114 | 117 | }, |
115 | 118 | "severity": { |
116 | 119 | "type": "select", |
117 | | - "index": 2, |
| 120 | + "index": 3, |
118 | 121 | "label": "Severity", |
119 | 122 | "defaultValue": "Medium", |
120 | 123 | "tooltip": "The severity of the vulnerability. Default is Medium", |
|
128 | 131 | }, |
129 | 132 | "externalDetectionSource": { |
130 | 133 | "type": "select", |
131 | | - "index": 2, |
| 134 | + "index": 4, |
132 | 135 | "label": "External Detection Source", |
133 | 136 | "defaultValue": "Package", |
134 | 137 | "tooltip": "The severity of the vulnerability. Default is Medium", |
|
156 | 159 | }, |
157 | 160 | "externalFindingLink": { |
158 | 161 | "type": "text", |
159 | | - "index": 1, |
| 162 | + "index": 5, |
160 | 163 | "label": "External Finding Link", |
161 | 164 | "tooltip": "A link to the source of the external finding." |
162 | 165 | }, |
163 | 166 | "detailedName": { |
164 | 167 | "type": "text", |
165 | | - "index": 1, |
| 168 | + "index": 6, |
166 | 169 | "label": "Detailed Name", |
167 | 170 | "tooltip": "The details of the externalDetectionSource, such as \"Package,\" should include relevant information about the package. For instance, if the externalDetectionSource is \"libncurses6,\" the \"Details Name\" should reflect details about the package, such as \"libncurses6 package.\"." |
168 | 171 | }, |
169 | 172 | "version": { |
170 | 173 | "type": "text", |
171 | | - "index": 1, |
| 174 | + "index": 7, |
172 | 175 | "label": "Version", |
173 | 176 | "tooltip": "The version of the finding." |
174 | 177 | }, |
175 | 178 | "description": { |
176 | 179 | "type": "text", |
177 | | - "index": 1, |
| 180 | + "index": 8, |
178 | 181 | "label": "Description", |
179 | 182 | "tooltip": "A description of the finding." |
180 | 183 | }, |
181 | 184 | "source": { |
182 | 185 | "type": "text", |
183 | | - "index": 1, |
| 186 | + "index": 9, |
184 | 187 | "label": "Source", |
185 | 188 | "tooltip": "The name of the product that detected the vulnerability." |
186 | 189 | }, |
187 | 190 | "remediation": { |
188 | 191 | "type": "text", |
189 | | - "index": 1, |
| 192 | + "index": 10, |
190 | 193 | "label": "Remediation", |
191 | 194 | "required": true, |
192 | 195 | "tooltip": "The remediation for the vulnerability." |
193 | 196 | }, |
194 | 197 | "validatedAtRuntime": { |
195 | 198 | "type": "toggle", |
196 | | - "index": 1, |
| 199 | + "index": 11, |
197 | 200 | "label": "Validated At Runtime", |
198 | 201 | "defaultValue": false, |
199 | 202 | "tooltip": "Indicates if the finding was detected during runtime (true), or if it was detected during offline or static scanning (false)." |
|
0 commit comments