Fix parser name, Add assert on epss score and cwe

Author: AmineHazi

dojo/tools/cyberwatch/parser.py

@@ -13,13 +13,13 @@
 
 class CyberwatchParser:
     def get_scan_types(self):
-        return ["Cyberwatch scan"]
+        return ["Cyberwatch scan (Galeax)"]
 
     def get_label_for_scan_types(self, scan_type):
-        return "Cyberwatch scan"
+        return "Cyberwatch scan (Galeax)"
 
     def get_description_for_scan_types(self, scan_type):
-        return "Import Cyberwatch scan results in JSON format."
+        return "Import Cyberwatch Cve and Security Issue data in JSON format, you can get the json from this tool : https://github.com/Galeax/Cyberwatch-API-DefectDojo"
 
     def get_findings(self, filename, test):
         logger.debug(f"Starting get_findings with filename: {filename}")

unittests/tools/test_cyberwatch_parser.py

@@ -26,7 +26,9 @@ def test_one_security_issue(self):
             finding = findings[0]
             self.assertEqual("Security Issue - Fingerprint Web Application Framework", finding.title)
             self.assertEqual("Info", finding.severity)
-            # Expect both endpoints to have the same host as per new JSON
+            # Validate endpoints
+            for endpoint in finding.unsaved_endpoints:
+                endpoint.clean()
             endpoint_hosts = [e.host for e in finding.unsaved_endpoints]
             self.assertEqual(2, len(endpoint_hosts))
             self.assertTrue(all(host == "host" for host in endpoint_hosts))
@@ -40,17 +42,19 @@ def test_one_cve(self):
             self.assertEqual(1, len(findings))
 
             finding = findings[0]
-            # When there are no products, title equals the CVE code
             self.assertEqual("CVE-2023-42366", finding.title)
             self.assertEqual("Medium", finding.severity)
             self.assertIn("CVSS Base vector:", finding.description)
             self.assertIn("CVE Published At: 2023-11-27T23:15:07.420+01:00", finding.description)
             self.assertIn("Exploit Code Maturity: proof_of_concept", finding.description)
-            self.assertIn("EPSS: 0.00044", finding.description)
-            # Since there are no updates_assets, mitigation is set to a string starting with "Fixed At:"
             self.assertTrue(finding.mitigation.startswith("Fixed At:"))
+            self.assertEqual(float(0.00044), finding.epss_score)
             self.assertEqual("Updated At: 2024-12-06T14:15:19.530+01:00", finding.references)
             self.assertEqual(1, len(finding.unsaved_endpoints))
+            self.assertEqual(787, finding.cwe)
+            # Validate endpoints
+            for endpoint in finding.unsaved_endpoints:
+                endpoint.clean()
             endpoint_hosts = [e.host for e in finding.unsaved_endpoints]
             self.assertIn("computer_name", endpoint_hosts)
 
@@ -61,27 +65,32 @@ def test_mixed_findings(self):
 
             self.assertEqual(3, len(findings))
 
-            # Separate CVEs and Security Issues by title
             cve_findings = [f for f in findings if f.title.startswith("CVE-")]
             security_issues = [f for f in findings if f.title.startswith("Security Issue")]
 
             self.assertEqual(1, len(cve_findings))
             self.assertEqual(2, len(security_issues))
 
-            # For the CVE finding, check expected properties
             cve_finding = cve_findings[0]
             self.assertEqual("CVE-2023-42366", cve_finding.title)
             self.assertEqual("Medium", cve_finding.severity)
             self.assertIn("CVE Published At:", cve_finding.description)
             self.assertIn("Updated At: 2024-12-06T14:15:19.530+01:00", cve_finding.references)
             self.assertEqual(1, len(cve_finding.unsaved_endpoints))
+            self.assertEqual(float(0.00044), cve_finding.epss_score)
+            self.assertEqual(787, cve_finding.cwe)
+            # Validate endpoints
+            for endpoint in cve_finding.unsaved_endpoints:
+                endpoint.clean()
             self.assertIsNone(cve_finding.component_name)
 
-            # For each security issue, check that title and severity are valid and endpoints exist
             for sec_issue in security_issues:
                 self.assertTrue(sec_issue.title.startswith("Security Issue - "))
                 self.assertIn(sec_issue.severity, ["Critical", "High", "Medium", "Low", "Info"])
                 self.assertTrue(len(sec_issue.unsaved_endpoints) > 0)
+                # Validate endpoints
+                for endpoint in sec_issue.unsaved_endpoints:
+                    endpoint.clean()
                 self.assertIsNotNone(sec_issue.description)
                 self.assertIsNotNone(sec_issue.mitigation)
                 self.assertIsNotNone(sec_issue.impact)