pages-core icon indicating copy to clipboard operation
pages-core copied to clipboard

Published 20 hours ago verified publisher icon cloud-gov

parse and analyze monthly netsparker reports (July 15)

Open amirbey opened this issue 4 years ago • 4 comments

Background (Optional)

Monthly webscans report are manually processed and should be streamlined. The webscan team now provides a json version of the report that can be parsed and summarized automagically.

Acceptance Criteria

  • [x] script (Google app script) parses the reports folder and generates summary of actual findings
  • [ ] includes information for all severities, CVEs
  • [ ] compares against list of active Federalist sites

After evaluating, edit this part:

Level of effort - <low/medium/high>

Implementation outline (if higher than "low" effort):

  • [x] Google App Script parses reports folder

amirbey avatar Nov 04 '21 15:11 amirbey

Started working on a PoC. Looks like we do have enough information to create and improve upon the spreadsheet that Sue currently uses.

This is currently blocked by Cloudlock and I have created a ticket to address with GSA IT.

davemcorwin avatar Nov 22 '21 18:11 davemcorwin

Followed GSA instructions on renaming the file to avoid Cloudlock, but that also failed so I submitted the script for GSA approval.

davemcorwin avatar Dec 26 '21 21:12 davemcorwin

Sheet: https://docs.google.com/spreadsheets/d/1j4bJ_tbjBR-fprPmbka9g139bOXv8rNUZnZwO3Tn3c8/edit#gid=0 Script: https://script.google.com/home/projects/1o5rrhPJbnPulqX6grYX-6Ok6X78Ecmc1-kVbXQ_uAHzCCXHzWXu1yZSs/edit

davemcorwin avatar Dec 26 '21 21:12 davemcorwin

Received feedback from Sue, amended acceptance criteria to include additional requirements

hursey013 avatar Apr 29 '22 15:04 hursey013