|
1
|
1 |
|
import logging |
|
2
|
|
|
|
|
3
|
1 |
|
from ..namespaces import NAMESPACES |
|
4
|
|
|
|
|
5
|
|
|
# pylint: disable=line-too-long |
|
6
|
1 |
|
KNOWN_REFERENCES = { |
|
7
|
|
|
"http://www.ssi.gouv.fr/administration/bonnes-pratiques/": "ANSSI", |
|
8
|
|
|
"https://public.cyber.mil/stigs/cci/": "CCI", |
|
9
|
|
|
"https://www.ccn-cert.cni.es/pdf/guias/series-ccn-stic/guias-de-acceso-publico-ccn-stic/6768-ccn-stic-610a22-perfilado-de-seguridad-red-hat-enterprise-linux-9-0/file.html": "CCN for RHEL 9", # noqa: E501 |
|
10
|
|
|
"https://www.cisecurity.org/controls/": "CIS", |
|
11
|
|
|
"https://www.cisecurity.org/benchmark/red_hat_linux/": "CIS for RHEL", |
|
12
|
|
|
"https://www.fbi.gov/file-repository/cjis-security-policy-v5_5_20160601-2-1.pdf": "CJIS", # noqa: E501 |
|
13
|
|
|
"http://www.cnss.gov/Assets/pdf/CNSSI-1253.pdf": "CNSS", |
|
14
|
|
|
"https://www.isaca.org/resources/cobit": "COBIT", |
|
15
|
|
|
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf": "CUI", # noqa: E501 |
|
16
|
|
|
"https://www.gpo.gov/fdsys/pkg/CFR-2007-title45-vol1/pdf/CFR-2007-title45-vol1-chapA-subchapC.pdf": "HIPAA", # noqa: E501 |
|
17
|
|
|
"https://www.isa.org/products/ansi-isa-62443-3-3-99-03-03-2013-security-for-indu": "ISA-62443-2013", # noqa: E501 |
|
18
|
|
|
"https://www.isa.org/products/isa-62443-2-1-2009-security-for-industrial-automat": "ISA-62443-2009", # noqa: E501 |
|
19
|
|
|
"https://www.cyber.gov.au/acsc/view-all-content/ism": "ISM", |
|
20
|
|
|
"https://www.iso.org/standard/54534.html": "ISO 27001-2013", |
|
21
|
|
|
"https://www.nerc.com/pa/Stand/Standard%20Purpose%20Statement%20DL/US_Standard_One-Stop-Shop.xlsx": "NERC-CIP", # noqa: E501 |
|
22
|
|
|
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf": "NIST 800-53", # noqa: E501 |
|
23
|
|
|
"https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf": "NIST CSF", # noqa: E501 |
|
24
|
|
|
"https://www.niap-ccevs.org/Profile/PP.cfm": "OSPP", |
|
25
|
|
|
"https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-2-1.pdf": "PCI-DSS v3", # noqa: E501 |
|
26
|
|
|
"https://docs-prv.pcisecuritystandards.org/PCI%20DSS/Standard/PCI-DSS-v4_0.pdf": "PCI-DSS v4", # noqa: E501 |
|
27
|
|
|
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=application-servers": "SRG-APP", # noqa: E501 |
|
28
|
|
|
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cgeneral-purpose-os": "SRG-OS", # noqa: E501 |
|
29
|
|
|
"https://public.cyber.mil/stigs/downloads/?_dl_facet_stigs=operating-systems%2Cunix-linux": "STIG ID", # noqa: E501 |
|
30
|
|
|
"https://public.cyber.mil/stigs/srg-stig-tools/": "STIG ref", |
|
31
|
|
|
} |
|
32
|
|
|
# pylint: enable=line-too-long |
|
33
|
|
|
|
|
34
|
|
|
|
|
35
|
1 |
|
def update_references(root): |
|
36
|
1 |
|
references_elements = root.findall(".//xccdf:Benchmark/xccdf:reference", NAMESPACES) |
|
37
|
1 |
|
if len(references_elements) == 0: |
|
38
|
1 |
|
logging.warning( |
|
39
|
|
|
"Mapping of references was not found. So search by references is disabled." |
|
40
|
|
|
) |
|
41
|
1 |
|
for ref_el in references_elements: |
|
42
|
|
|
href = ref_el.get("href") |
|
43
|
|
|
if href is not None: |
|
44
|
|
|
KNOWN_REFERENCES[href] = ref_el.text |
|
45
|
|
|
|
OpenSCAP /
openscap-report
