feat: Added vulnerability field to Finding

google/cloud/securitycenter/__init__.py

@@ -115,6 +115,10 @@
     UpdateSourceRequest,
 )
 from google.cloud.securitycenter_v1.types.source import Source
+from google.cloud.securitycenter_v1.types.vulnerability import Cve
+from google.cloud.securitycenter_v1.types.vulnerability import Cvssv3
+from google.cloud.securitycenter_v1.types.vulnerability import Reference
+from google.cloud.securitycenter_v1.types.vulnerability import Vulnerability
 
 __all__ = (
     "SecurityCenterClient",
@@ -157,4 +161,8 @@
     "UpdateSecurityMarksRequest",
     "UpdateSourceRequest",
     "Source",
+    "Cve",
+    "Cvssv3",
+    "Reference",
+    "Vulnerability",
 )

google/cloud/securitycenter_v1/__init__.py

@@ -55,13 +55,19 @@
 from .types.securitycenter_service import UpdateSecurityMarksRequest
 from .types.securitycenter_service import UpdateSourceRequest
 from .types.source import Source
+from .types.vulnerability import Cve
+from .types.vulnerability import Cvssv3
+from .types.vulnerability import Reference
+from .types.vulnerability import Vulnerability
 
 __all__ = (
     "SecurityCenterAsyncClient",
     "Asset",
     "CreateFindingRequest",
     "CreateNotificationConfigRequest",
     "CreateSourceRequest",
+    "Cve",
+    "Cvssv3",
     "DeleteNotificationConfigRequest",
     "Finding",
     "Folder",
@@ -85,6 +91,7 @@
     "NotificationConfig",
     "NotificationMessage",
     "OrganizationSettings",
+    "Reference",
     "Resource",
     "RunAssetDiscoveryRequest",
     "RunAssetDiscoveryResponse",
@@ -97,4 +104,5 @@
     "UpdateOrganizationSettingsRequest",
     "UpdateSecurityMarksRequest",
     "UpdateSourceRequest",
+    "Vulnerability",
 )

google/cloud/securitycenter_v1/services/security_center/async_client.py

@@ -46,6 +46,7 @@
 from google.cloud.securitycenter_v1.types import securitycenter_service
 from google.cloud.securitycenter_v1.types import source
 from google.cloud.securitycenter_v1.types import source as gcs_source
+from google.cloud.securitycenter_v1.types import vulnerability
 from google.iam.v1 import iam_policy_pb2  # type: ignore
 from google.iam.v1 import policy_pb2  # type: ignore
 from google.protobuf import empty_pb2  # type: ignore

google/cloud/securitycenter_v1/services/security_center/client.py

@@ -50,6 +50,7 @@
 from google.cloud.securitycenter_v1.types import securitycenter_service
 from google.cloud.securitycenter_v1.types import source
 from google.cloud.securitycenter_v1.types import source as gcs_source
+from google.cloud.securitycenter_v1.types import vulnerability
 from google.iam.v1 import iam_policy_pb2  # type: ignore
 from google.iam.v1 import policy_pb2  # type: ignore
 from google.protobuf import empty_pb2  # type: ignore

google/cloud/securitycenter_v1/types/__init__.py

@@ -53,6 +53,12 @@
     UpdateSourceRequest,
 )
 from .source import Source
+from .vulnerability import (
+    Cve,
+    Cvssv3,
+    Reference,
+    Vulnerability,
+)
 
 __all__ = (
     "Asset",
@@ -93,4 +99,8 @@
     "UpdateSecurityMarksRequest",
     "UpdateSourceRequest",
     "Source",
+    "Cve",
+    "Cvssv3",
+    "Reference",
+    "Vulnerability",
 )

google/cloud/securitycenter_v1/types/finding.py

@@ -17,6 +17,7 @@
 
 from google.cloud.securitycenter_v1.types import indicator as gcs_indicator
 from google.cloud.securitycenter_v1.types import security_marks as gcs_security_marks
+from google.cloud.securitycenter_v1.types import vulnerability as gcs_vulnerability
 from google.protobuf import struct_pb2  # type: ignore
 from google.protobuf import timestamp_pb2  # type: ignore
 
@@ -109,6 +110,11 @@ class Finding(proto.Message):
             observed on a network or in an operating system that, with
             high confidence, indicates a computer intrusion. Reference:
             https://en.wikipedia.org/wiki/Indicator_of_compromise
+        vulnerability (google.cloud.securitycenter_v1.types.Vulnerability):
+            Represents vulnerability specific fields like
+            cve, cvss scores etc. CVE stands for Common
+            Vulnerabilities and Exposures
+            (https://cve.mitre.org/about/)
     """
 
     class State(proto.Enum):
@@ -153,6 +159,9 @@ class FindingClass(proto.Enum):
     canonical_name = proto.Field(proto.STRING, number=14,)
     finding_class = proto.Field(proto.ENUM, number=17, enum=FindingClass,)
     indicator = proto.Field(proto.MESSAGE, number=18, message=gcs_indicator.Indicator,)
+    vulnerability = proto.Field(
+        proto.MESSAGE, number=20, message=gcs_vulnerability.Vulnerability,
+    )
 
 
 __all__ = tuple(sorted(__protobuf__.manifest))

google/cloud/securitycenter_v1/types/resource.py

@@ -40,6 +40,8 @@ class Resource(proto.Message):
             The full resource name of resource's parent.
         parent_display_name (str):
             The human readable name of resource's parent.
+        type_ (str):
+            The full resource type of the resource.
         folders (Sequence[google.cloud.securitycenter_v1.types.Folder]):
             Output only. Contains a Folder message for
             each folder in the assets ancestry. The first
@@ -53,6 +55,7 @@ class Resource(proto.Message):
     project_display_name = proto.Field(proto.STRING, number=3,)
     parent = proto.Field(proto.STRING, number=4,)
     parent_display_name = proto.Field(proto.STRING, number=5,)
+    type_ = proto.Field(proto.STRING, number=6,)
     folders = proto.RepeatedField(proto.MESSAGE, number=7, message=folder.Folder,)
 
 

google/cloud/securitycenter_v1/types/vulnerability.py

@@ -0,0 +1,191 @@
+# -*- coding: utf-8 -*-
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import proto  # type: ignore
+
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v1",
+    manifest={"Vulnerability", "Cve", "Reference", "Cvssv3",},
+)
+
+
+class Vulnerability(proto.Message):
+    r"""Refers to common vulnerability fields e.g. cve, cvss, cwe
+    etc.
+
+    Attributes:
+        cve (google.cloud.securitycenter_v1.types.Cve):
+            CVE stands for Common Vulnerabilities and
+            Exposures (https://cve.mitre.org/about/)
+    """
+
+    cve = proto.Field(proto.MESSAGE, number=1, message="Cve",)
+
+
+class Cve(proto.Message):
+    r"""CVE stands for Common Vulnerabilities and Exposures.
+    More information: https://cve.mitre.org
+
+    Attributes:
+        id (str):
+            The unique identifier for the vulnerability.
+            e.g. CVE-2021-34527
+        references (Sequence[google.cloud.securitycenter_v1.types.Reference]):
+            Additional information about the CVE.
+            e.g. https://cve.mitre.org/cgi-
+            bin/cvename.cgi?name=CVE-2021-34527
+        cvssv3 (google.cloud.securitycenter_v1.types.Cvssv3):
+            Describe Common Vulnerability Scoring System
+            specified at
+            https://www.first.org/cvss/v3.1/specification-
+            document
+    """
+
+    id = proto.Field(proto.STRING, number=1,)
+    references = proto.RepeatedField(proto.MESSAGE, number=2, message="Reference",)
+    cvssv3 = proto.Field(proto.MESSAGE, number=3, message="Cvssv3",)
+
+
+class Reference(proto.Message):
+    r"""Additional Links
+
+    Attributes:
+        source (str):
+            Source of the reference e.g. NVD
+        uri (str):
+            Uri for the mentioned source e.g.
+            https://cve.mitre.org/cgi-
+            bin/cvename.cgi?name=CVE-2021-34527.
+    """
+
+    source = proto.Field(proto.STRING, number=1,)
+    uri = proto.Field(proto.STRING, number=2,)
+
+
+class Cvssv3(proto.Message):
+    r"""Common Vulnerability Scoring System version 3.
+
+    Attributes:
+        base_score (float):
+            The base score is a function of the base
+            metric scores.
+        attack_vector (google.cloud.securitycenter_v1.types.Cvssv3.AttackVector):
+            Base Metrics
+            Represents the intrinsic characteristics of a
+            vulnerability that are constant over time and
+            across user environments. This metric reflects
+            the context by which vulnerability exploitation
+            is possible.
+        attack_complexity (google.cloud.securitycenter_v1.types.Cvssv3.AttackComplexity):
+            This metric describes the conditions beyond
+            the attacker's control that must exist in order
+            to exploit the vulnerability.
+        privileges_required (google.cloud.securitycenter_v1.types.Cvssv3.PrivilegesRequired):
+            This metric describes the level of privileges
+            an attacker must possess before successfully
+            exploiting the vulnerability.
+        user_interaction (google.cloud.securitycenter_v1.types.Cvssv3.UserInteraction):
+            This metric captures the requirement for a
+            human user, other than the attacker, to
+            participate in the successful compromise of the
+            vulnerable component.
+        scope (google.cloud.securitycenter_v1.types.Cvssv3.Scope):
+            The Scope metric captures whether a
+            vulnerability in one vulnerable component
+            impacts resources in components beyond its
+            security scope.
+        confidentiality_impact (google.cloud.securitycenter_v1.types.Cvssv3.Impact):
+            This metric measures the impact to the
+            confidentiality of the information resources
+            managed by a software component due to a
+            successfully exploited vulnerability.
+        integrity_impact (google.cloud.securitycenter_v1.types.Cvssv3.Impact):
+            This metric measures the impact to integrity
+            of a successfully exploited vulnerability.
+        availability_impact (google.cloud.securitycenter_v1.types.Cvssv3.Impact):
+            This metric measures the impact to the
+            availability of the impacted component resulting
+            from a successfully exploited vulnerability.
+    """
+
+    class AttackVector(proto.Enum):
+        r"""This metric reflects the context by which vulnerability
+        exploitation is possible.
+        """
+        ATTACK_VECTOR_UNSPECIFIED = 0
+        ATTACK_VECTOR_NETWORK = 1
+        ATTACK_VECTOR_ADJACENT = 2
+        ATTACK_VECTOR_LOCAL = 3
+        ATTACK_VECTOR_PHYSICAL = 4
+
+    class AttackComplexity(proto.Enum):
+        r"""This metric describes the conditions beyond the attacker's
+        control that must exist in order to exploit the vulnerability.
+        """
+        ATTACK_COMPLEXITY_UNSPECIFIED = 0
+        ATTACK_COMPLEXITY_LOW = 1
+        ATTACK_COMPLEXITY_HIGH = 2
+
+    class PrivilegesRequired(proto.Enum):
+        r"""This metric describes the level of privileges an attacker
+        must possess before successfully exploiting the vulnerability.
+        """
+        PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+        PRIVILEGES_REQUIRED_NONE = 1
+        PRIVILEGES_REQUIRED_LOW = 2
+        PRIVILEGES_REQUIRED_HIGH = 3
+
+    class UserInteraction(proto.Enum):
+        r"""This metric captures the requirement for a human user, other
+        than the attacker, to participate in the successful compromise
+        of the vulnerable component.
+        """
+        USER_INTERACTION_UNSPECIFIED = 0
+        USER_INTERACTION_NONE = 1
+        USER_INTERACTION_REQUIRED = 2
+
+    class Scope(proto.Enum):
+        r"""The Scope metric captures whether a vulnerability in one
+        vulnerable component impacts resources in components beyond its
+        security scope.
+        """
+        SCOPE_UNSPECIFIED = 0
+        SCOPE_UNCHANGED = 1
+        SCOPE_CHANGED = 2
+
+    class Impact(proto.Enum):
+        r"""The Impact metrics capture the effects of a successfully
+        exploited vulnerability on the component that suffers the worst
+        outcome that is most directly and predictably associated with
+        the attack.
+        """
+        IMPACT_UNSPECIFIED = 0
+        IMPACT_HIGH = 1
+        IMPACT_LOW = 2
+        IMPACT_NONE = 3
+
+    base_score = proto.Field(proto.DOUBLE, number=1,)
+    attack_vector = proto.Field(proto.ENUM, number=5, enum=AttackVector,)
+    attack_complexity = proto.Field(proto.ENUM, number=6, enum=AttackComplexity,)
+    privileges_required = proto.Field(proto.ENUM, number=7, enum=PrivilegesRequired,)
+    user_interaction = proto.Field(proto.ENUM, number=8, enum=UserInteraction,)
+    scope = proto.Field(proto.ENUM, number=9, enum=Scope,)
+    confidentiality_impact = proto.Field(proto.ENUM, number=10, enum=Impact,)
+    integrity_impact = proto.Field(proto.ENUM, number=11, enum=Impact,)
+    availability_impact = proto.Field(proto.ENUM, number=12, enum=Impact,)
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))

tests/unit/gapic/securitycenter_v1/test_security_center.py

@@ -61,6 +61,7 @@
 from google.cloud.securitycenter_v1.types import securitycenter_service
 from google.cloud.securitycenter_v1.types import source
 from google.cloud.securitycenter_v1.types import source as gcs_source
+from google.cloud.securitycenter_v1.types import vulnerability
 from google.iam.v1 import iam_policy_pb2  # type: ignore
 from google.iam.v1 import options_pb2  # type: ignore
 from google.iam.v1 import policy_pb2  # type: ignore