rule option for auto tags and remove tags

[vtasio]

Ability to add a rule in the rule page to auto add/remove tag.

Also added the Condition "custom" that at the moment you can add json in order to have "AND" in the condition. For example:

[{"__icontains": "Service 'https' is running on port 'tcp/443'"},{"__icontains": "Missing"}]

will try to match both in order to be True.

Also added the code for alert notification because it was missing.

This is what i have successfully tested in order to add and remove a Tag. The Tag is the name of the rule.

[MaKyOtOx]

Nice idea @vtasio ! I'm working on splitting the rules into:

• Notifications (email, slack, theHive alert)
• Alerts/Alarms
• Tags (thanks to you)

Question before live testing: How do you set multiple conditions using the Django template ? Did you set it directly ? using APIs ?

The next steps should be the ability to create a scan definition with assets dynamically identified using tags.

[vtasio]

I did not found a way to add multiple conditions without changing a lot of code. The easiest way i found and also added to this PR was to add custom condition and fill in valid JSON format of conditions by hand:

In order to find missing finding i am concating title and metadata as you will see in the code. [{"__icontains": "Service 'https' is running on port 'tcp/443'"},{"__icontains": "Missing"}]

[vtasio]

Also i believe multiple condition should be implemented in all rules that you describe above. Maybe with a more user friendly way than mine

[sonarqubecloud[bot]]

SonarCloud Quality Gate failed.

1 Bug
0 Vulnerabilities
0 Security Hotspots
11 Code Smells

No Coverage information
18.8% Duplication