Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability and Client Statistics #272

Closed
0xkhaled opened this issue Nov 17, 2022 · 3 comments
Closed

Vulnerability and Client Statistics #272

0xkhaled opened this issue Nov 17, 2022 · 3 comments
Labels
stale

Comments

@0xkhaled
Copy link

Is your feature request related to a problem? Please describe.
it's a new feature request that will help us a security service provider to provide a nice and clear vision for our clients about how vulnerable they are towards a specific type of attack

Describe the solution you'd like
a searching feature where we select the vulnerability from our findings database and client and we got a nice statistics bar that tells us how many times we reported this type of attack for this client.
Or another query that shows top reported vulnerabilities for a specific client which means for him he needs to increase awareness for his developers or system admins towards this attack category and this standalone statistics could be another service that worth to paid or it could be an open door to sell a training service for this client to help his guys to fix such a common security issue.
@chrismaddalena
Copy link
Collaborator

chrismaddalena commented Dec 13, 2022
edited
Loading

Thanks for submitting this, @0xkhaled. This would be an interesting addition to the client dashboards. In the meantime, you can also do this now with the GraphQL API and some light scripting. For example:

query MyQuery {
  reportedFinding(where: {report: {project: {clientId: {_eq: "1"}}}}) {
    title
    cvss_score
  }
  reportedFinding_aggregate(where: {report: {project: {clientId: {_eq: "1"}}}}) {
    nodes {
      title
      cvss_score
    }
    aggregate {
      avg {
        cvss_score
      }
      count
      max {
        cvss_score
      }
      min {
        cvss_score
      }
    }
  }
}

That query returns a list of titles and CVSS scores for all findings from all reports for the given clientId value. It also includes an aggregate query that returns the same list with the addition of the average, maximum, and minimum CVSS scores.

To get exactly what you want would require some minor post-processing. You'd loop over the results to count how many times you reported each finding to make your top X list. You could also include other fields, like finding type and affected entities, to sort by the most prominent finding type or find hosts/applications that appeared the most often.

query MyQuery {
  reportedFinding_aggregate(where: {report: {project: {clientId: {_eq: "1"}}}}) {
    nodes {
      title
      cvss_score
      findingtype {
        findingType
      }
      affectedEntities
    }
    aggregate {
      avg {
        cvss_score
      }
      max {
        cvss_score
      }
      min {
        cvss_score
      }
    }
  }
}

@github-actions GitHub Actions
Copy link

This issue has been labeled as stale because it has been open for 30 days with no activity.

@github-actions github-actions bot added the stale label Jun 20, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 5, 2024

This issue is closed because it has been inactive for 14 days since being labeled stale. Feel free to re-open the issue with a comment. If this needs further discussion (e.g., a feature request), it might be better to open a topic under the Discussions tab.

@github-actions github-actions bot closed this as completed Jul 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chrismaddalena @0xkhaled