feat(cti): add Cyber Threat Intelligence info (#1442)

* feat(cti): add Cyber Threat Intelligence info * chore: replace io/ioutil as it is deprecated * chore: remove --format-csv in stdout writer * chore(deps): go get go-cti@v0.0.1 * feat(cti): update cti dict(support MITRE ATT&CK v11.1) * chore(deps): go get go-cti@master
2022-06-15 08:08:12 +00:00
parent 86b60e1478
commit 5234306ded
28 changed files with 4406 additions and 109 deletions
--- a/detector/kevuln.go
+++ b/detector/kevuln.go
@@ -59,6 +59,7 @@ func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf, logOpts logging
 		}
 	}()

+	nKEV := 0
 	if client.driver == nil {
 		var cveIDs []string
 		for cveID := range r.ScannedCves {
@@ -90,6 +91,7 @@ func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf, logOpts logging
 			v, ok := r.ScannedCves[res.request.cveID]
 			if ok {
 				v.AlertDict.CISA = alerts
+				nKEV++
 			}
 			r.ScannedCves[res.request.cveID] = v
 		}
@@ -116,9 +118,12 @@ func FillWithKEVuln(r *models.ScanResult, cnf config.KEVulnConf, logOpts logging
 			}

 			vuln.AlertDict.CISA = alerts
+			nKEV++
 			r.ScannedCves[cveID] = vuln
 		}
 	}
+
+	logging.Log.Infof("%s: Known Exploited Vulnerabilities are detected for %d CVEs", r.FormatServerName(), nKEV)
 	return nil
 }