[Cloud Security] [Vulnerabilities] Custom renderers for Group by Resource, Cloud account and CVE #174950

Merged

Contributor

@opauloh opauloh commented Jan 16, 2024

Summary

It closes #169052, #169048 and #172197

This PR adds the following changes to the Findings -> Vulnerabilities page:

  • Added Severity mapping component to all Vulnerabilities grouping
  • Added Cloud account grouping to the Vulnerabilities default groups (groups by cloud.account.name)
  • Added CVE grouping to the Vulnerabilities default groups (groups by vulnerability.id)

It also introduced the following changes:

  • Added utility to retrieve cloud provider names from a cloud provider abbreviation (aws, azure, gcp)
  • Added component to retrieve cloud provider icons from a cloud provider abbreviation (aws, azure, gcp)
  • Fixed the Benchmarks page, which was displaying Google Cloud Provider for GCP instead of Google Cloud Platform.
  • Added / Updated FTR tests for vulnerability grouping


@opauloh opauloh added release_note:skip Skip the PR/issue when compiling release notes Team:Cloud Security Cloud Security team related v8.13.0 labels Jan 16, 2024
@opauloh opauloh requested a review from a team as a code owner January 16, 2024 17:47
@elasticmachine
Contributor

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

@opauloh opauloh changed the title [Cloud Security] [Vulnerabilities] Custom renderers for Resource and Cloud account grouping [Cloud Security] [Vulnerabilities] Custom renderers for Group by Resource, Cloud account and CVE Jan 18, 2024
@Omolola-Akinleye Omolola-Akinleye self-requested a review January 19, 2024 22:33
@kibana-ci
Collaborator

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
cloudSecurityPosture 397 399 +2

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
cloudSecurityPosture 390.7KB 395.2KB +4.6KB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

case GROUPING_OPTIONS.CLOUD_ACCOUNT_NAME:
return [
...aggMetrics,
getTermAggregation('cloudProvider', VULNERABILITY_FIELDS.CLOUD_PROVIDER),
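
Review bot: In the GROUPING_OPTIONS.CLOUD_ACCOUNT_NAME case, the 'cloudProvider' terms aggregation on VULNERABILITY_FIELDS.CLOUD_PROVIDER can return more than one bucket for a single group if the same account name appears under more than one provider, and nothing in these lines says which bucket the consumer should use. A short code comment stating what this aggregation is for (the PR description mentions a cloud provider icon component) and how more than one bucket is handled would make the intent clear to the next reader.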
Contributor

Shouldn't we filter by cloud account name here? Correct me if I am wrong.

@Omolola-Akinleye Omolola-Akinleye self-requested a review January 25, 2024 18:12
@opauloh opauloh merged commit 2a27b83 into elastic:main Jan 25, 2024
17 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jan 25, 2024
CoenWarmer pushed a commit to CoenWarmer/kibana that referenced this pull request Feb 15, 2024
…urce, Cloud account and CVE (elastic#174950)

Development

Successfully merging this pull request may close these issues.

[Cloud Security] [Findings++ Phase 2] [Vulnerabilities] Custom renderer for Group by cloud accounts
5 participants