Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Unpacked Items to Packs #1361

Merged
merged 5 commits into from
Sep 30, 2024
Merged

Add Unpacked Items to Packs #1361

merged 5 commits into from
Sep 30, 2024

Conversation

ben-githubs
Copy link
Contributor

Background

After revamping the check-packs function in PAT, we discovered a number of rules that weren't assigned to any Packs. This PR either assigns them to a pack, or adds an exception tag to exclude them from the check.

Changes

  • Added a new pack for GCP K8s
  • Added exceptions for the Crowdstrike Unmanaged Device rules
  • A bunch of other rules got added or excluded from packs

Testing

  • pat check-packs passed, so there shouldn't be any issues with missing pack dependencies
  • pat validate passed
  • All of these rules have already existed in the repo, so if they have noise issues/bugs, we should know about them by now. They should be fine to add to packs.

@arielkr256 arielkr256 added the packs New Packs and Expansion of Existing Packs label Sep 25, 2024
arielkr256
arielkr256 reviewed Sep 26, 2024
View reviewed changes
packs/gcp_k8.yml Show resolved Hide resolved
rules/gitlab_rules/gitlab_audit_password_reset_multiple_emails.yml
@@ -8,6 +8,7 @@ LogTypes:
Tags:
- GitLab
- CVE-2023-7028
- No Pack
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we create a GitLab pack?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's only 2 detections, which is why I didn't bother. I know that means that Console-only folks won't get this detection, but I personally feel rather than release a tiny pack, it's better to just wait till we use pypanther to manage content delivery. Lmk if you feel differently!

@ben-githubs ben-githubs marked this pull request as ready for review September 27, 2024 18:44
@ben-githubs ben-githubs requested a review from a team as a code owner September 27, 2024 18:44
@arielkr256 arielkr256 enabled auto-merge (squash) September 30, 2024 15:03
@arielkr256 arielkr256 merged commit 9aafee1 into release Sep 30, 2024
8 checks passed
@arielkr256 arielkr256 deleted the ben/add-orphans-to-packs branch September 30, 2024 15:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arielkr256 arielkr256 arielkr256 approved these changes

Assignees
No one assigned
Labels
packs New Packs and Expansion of Existing Packs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ben-githubs @arielkr256