Parser: Add support for importing json exports from the PTART Reporting Tool #11038

Draft: wants to merge 26 commits into base dev

Conversation


@Hydragyrum Hydragyrum commented Oct 10, 2024

⚠️ Note on feature completeness ⚠️

We are narrowing the scope of acceptable enhancements to DefectDojo in preparation for v3. Learn more here:
https://github.com/DefectDojo/django-DefectDojo/blob/master/readme-docs/CONTRIBUTING.md

Description

This PR adds a parser to import findings from the PTART (https://github.com/certmichelin/PTART) Reporting tool. Reports can be exported in JSON format and imported into DefectDojo using this parser.

Test results

All core functionality and helper functions are tested.

System check identified no issues (0 silenced).
test_ptart_parser_tools_cvss_vector_acquisition (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_cvss_vector_acquisition) ... ok
test_ptart_parser_tools_get_description_from_report_base (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_get_description_from_report_base) ... ok
test_ptart_parser_tools_parse_attachment_from_hit (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_parse_attachment_from_hit) ... ok
test_ptart_parser_tools_parse_ptart_fix_effort (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_parse_ptart_fix_effort) ... ok
test_ptart_parser_tools_parse_ptart_severity (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_parse_ptart_severity) ... ok
test_ptart_parser_tools_parse_screenshots_from_hit (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_parse_screenshots_from_hit) ... ok
test_ptart_parser_tools_parse_title_from_hit (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_parse_title_from_hit) ... ok
test_ptart_parser_tools_retest_fix_status_parse (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_tools_retest_fix_status_parse) ... ok
test_ptart_parser_with_empty_json_throws_error (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_empty_json_throws_error) ... ok
test_ptart_parser_with_multiple_assessments_has_many_findings_correctly_grouped (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_multiple_assessments_has_many_findings_correctly_grouped) ... ok
test_ptart_parser_with_no_assessments_has_no_findings (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_no_assessments_has_no_findings) ... ok
test_ptart_parser_with_one_assessment_has_many_findings (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_one_assessment_has_many_findings) ... ok
test_ptart_parser_with_one_assessment_has_one_finding (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_one_assessment_has_one_finding) ... ok
test_ptart_parser_with_retest_campaign (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_retest_campaign) ... ok
test_ptart_parser_with_single_vuln_on_import_test (unittests.tools.test_ptart_parser.TestPTARTParser.test_ptart_parser_with_single_vuln_on_import_test) ... ok

----------------------------------------------------------------------
Ran 15 tests in 0.024s

Documentation

Integration documentation has been added in the docs/content/en/integrations/parsers/file/ptart.md file.

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev branch.
  • Features/Changes should be submitted against the dev branch.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is flake8 compliant.
  • Your code is python 3.11 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

Extra information

@github-actions github-actions bot added labels settings_changes (Needs changes to settings.py based on changes in settings.dist.py included in this PR), docs, unittests, parser on Oct 10, 2024

dryrunsecurity bot commented Oct 10, 2024

DryRun Security Summary


Summary:

This GitHub pull request introduces a series of changes related to the integration of the PTART (Penetration Testing Automation and Reporting Tool) with the DefectDojo application security platform. The changes include the addition of new documentation, updates to the PTART report parsing and import functionality, and the introduction of unit tests to ensure the reliability of the PTART integration.

From an application security perspective, the changes appear to be well-designed and focused on improving the security assessment and vulnerability management capabilities of the DefectDojo platform. The key security-related aspects include:

  1. Robust PTART Report Parsing: The code changes introduce a comprehensive parser for PTART reports, which can accurately extract and process various security-relevant details, such as vulnerability titles, severities, CVSS scores, mitigation recommendations, and associated metadata (e.g., tags, endpoints, screenshots, attachments).

  2. Handling of Retest Campaigns: The changes include the ability to process and associate retest findings with their original vulnerabilities, which is crucial for tracking the remediation progress of identified security issues.

  3. Comprehensive Unit Testing: The introduction of a comprehensive unit test suite for the PTART parser ensures the reliability and robustness of the security assessment data processing, including the handling of various edge cases and input formats.

  4. Secure Integration and Data Handling: While the changes do not directly introduce any security vulnerabilities, it is important to ensure that the overall integration and data handling processes within the DefectDojo platform maintain a strong security posture, including input validation, sanitization, and secure storage of sensitive information.

Files Changed:

  1. docs/content/en/integrations/parsers/file/ptart.md: This file introduces new documentation for the PTART integration, providing information about the tool and the process of importing PTART reports into DefectDojo.

  2. dojo/settings/settings.dist.py: This change updates the deduplication algorithm for the "PTART Report" scanner type, using the "DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL" algorithm to improve the accuracy of duplicate finding detection.

  3. dojo/tools/ptart/assessment_parser.py: This file implements the parser for extracting security findings from PTART assessment reports and converting them into standardized Finding objects for DefectDojo.

  4. dojo/tools/ptart/parser.py: This code provides the main entry point for importing PTART reports into DefectDojo, handling the parsing and extraction of relevant data from the JSON reports.

  5. dojo/tools/ptart/ptart_parser_tools.py: This module contains a set of utility functions for parsing and processing various aspects of the PTART report data, such as severity, fix effort, dates, CVSS vectors, attachments, and endpoints.

  6. dojo/tools/ptart/retest_parser.py: This code is responsible for parsing and processing retest data from the PTART reports, ensuring that the retest findings are accurately represented in DefectDojo.

  7. Various unittests/scans/ptart/*.json files: These files contain sample PTART report data used for testing the PTART parser implementation.

  8. unittests/tools/test_ptart_parser.py: This file contains a comprehensive unit test suite for the PTART parser, covering various aspects of its functionality and ensuring the reliability of the PTART report import process.

Code Analysis

We ran 9 analyzers against 14 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.


@Hydragyrum Hydragyrum marked this pull request as ready for review October 10, 2024 13:12
@Hydragyrum Hydragyrum marked this pull request as draft October 10, 2024 13:15