Add NIST Compliance

README.md

@@ -133,7 +133,7 @@ $ appknox reports create 4
 3
 
 $ appknox reports download summary-csv 3
-Organization ID,Project ID,Application Name,Application Namespace,Platform,Version,Version Code,File ID,Test Case,Scan Type,Severity,Risk Override,CVSS Score,Findings,Description,Noncompliant Code Example,Compliant Solution,Business Implication,OWASP,CWE,MSTG,OWASP MASVS (v2),ASVS,PCI-DSS,GDPR,Created On
+Organization ID,Project ID,Application Name,Application Namespace,Platform,Version,Version Code,File ID,Test Case,Scan Type,Severity,Risk Override,CVSS Score,Findings,Description,Noncompliant Code Example,Compliant Solution,Business Implication,OWASP,CWE,MSTG,OWASP MASVS (v2),ASVS,PCI-DSS,GDPR,NIST SP 800-53,NIST SP 800-171,Created On
 1,1,MFVA,com.appknox.mfva,Android,1.1,1605631525,51,Broken SSL Trust Manager,Static,High,,6.9,"BluK8lNUoeHkNxZ3GVrKN9BP2
 NVWmfbtHDiJBOTbOEpCnsbMhc6T31t...(Truncated)
 

appknox/client.py

@@ -30,6 +30,7 @@
 from appknox.mapper import Organization
 from appknox.mapper import OWASP
 from appknox.mapper import PCIDSS
+from appknox.mapper import NISTSP80053,NISTSP800171
 from appknox.mapper import PersonalToken
 from appknox.mapper import ProfileReportPreference
 from appknox.mapper import Project
@@ -436,6 +437,46 @@ def get_pcidss(self, pcidss_id: str) -> PCIDSS:
         pcidss = self.drf_api["v2/pcidsses"](pcidss_id).get()
         return mapper_drf_api(PCIDSS, pcidss)
 
+    @lru_cache(maxsize=1)
+    def get_nistsp80053es(self) -> List[NISTSP80053]:
+        nistsp80053_raw = self.drf_api["v2/nistsp80053s"]().get()
+        nistsp80053 = self.paginated_drf_data(nistsp80053_raw, NISTSP80053)
+        return nistsp80053
+
+    def get_nistsp80053(self, nistsp80053_id: str) -> NISTSP80053:
+        """
+        Fetch nistsp80053 by ID
+
+        :param nistsp80053_id: nistsp80053 ID
+        """
+        nistsp80053es = self.get_nistsp80053es()
+        nistsp80053 = next((x for x in nistsp80053es if x.id == nistsp80053_id), None)
+        if nistsp80053:
+            return nistsp80053
+
+        nistsp80053 = self.drf_api["v2/nistsp80053s"](nistsp80053_id).get()
+        return mapper_drf_api(NISTSP80053, nistsp80053)
+
+    @lru_cache(maxsize=1)
+    def get_nistsp800171es(self) -> List[NISTSP800171]:
+        nistsp800171_raw = self.drf_api["v2/nistsp800171s"]().get()
+        nistsp800171 = self.paginated_drf_data(nistsp800171_raw, NISTSP800171)
+        return nistsp800171
+
+    def get_nistsp800171(self, nistsp800171_id: str) -> NISTSP800171:
+        """
+        Fetch nistsp800171 by ID
+
+        :param nistsp800171_id: nistsp800171 ID
+        """
+        nistsp800171es = self.get_nistsp800171es()
+        nistsp800171 = next((x for x in nistsp800171es if x.id == nistsp800171_id), None)
+        if nistsp800171:
+            return nistsp800171
+
+        nistsp800171 = self.drf_api["v2/nistsp800171s"](nistsp800171_id).get()
+        return mapper_drf_api(NISTSP80053, nistsp800171)
+
     def upload_file(self, file_data: str) -> int:
         """
         Upload and scan a package and returns the file_id
@@ -542,6 +583,8 @@ def get_unselected_report_preference(self, file_id: int) -> list:
             unselected_report_pref.append(ReportPreferenceMapper["show_hipaa"])
         if not profile_report_preference.show_pcidss.value:
             unselected_report_pref.append(ReportPreferenceMapper["show_pcidss"])
+        if not profile_report_preference.show_nist.value:
+            unselected_report_pref.append(ReportPreferenceMapper["show_nist"])
         return unselected_report_pref
 
     def list_reports(self, file_id: int) -> typing.List["Report"]:

appknox/mapper.py

@@ -69,6 +69,8 @@ def mapper_drf_api(model: type, resource: dict) -> object:
         "masvs",
         "asvs",
         "gdpr",
+        "nistsp80053",
+        "nistsp800171",
         "computed_risk",
         "overridden_risk",
     ],
@@ -93,12 +95,17 @@ def mapper_drf_api(model: type, resource: dict) -> object:
 
 PCIDSS = namedtuple("PCIDSS", ["id", "code", "title", "description"])
 
+NISTSP80053 = namedtuple("NISTSP80053", ["id", "code", "title"])
+
+NISTSP800171 = namedtuple("NISTSP800171", ["id", "code", "title"])
+
 PersonalToken = namedtuple("AccessToken", ["name", "key"])
 
 ReportPreferenceMapper = {
     "show_pcidss": "pcidss",
     "show_hipaa": "hipaa",
     "show_gdpr": "gdpr",
+    "show_nist": "nist",
 }
 
 
@@ -112,6 +119,7 @@ class ProfileReportPreference:
     show_gdpr: ProfileReportPreferenceConfig
     show_hipaa: ProfileReportPreferenceConfig
     show_pcidss: ProfileReportPreferenceConfig
+    show_nist: ProfileReportPreferenceConfig
 
     @classmethod
     def from_json(cls, data):
@@ -121,6 +129,7 @@ def from_json(cls, data):
             show_pcidss=ProfileReportPreferenceConfig(
                 value=data["show_pcidss"]["value"]
             ),
+            show_nist=ProfileReportPreferenceConfig(value=data["show_nist"]["value"]),
         )
 
 
@@ -146,6 +155,7 @@ class ReportPreference:
         "show_ignored_analyses",
         "show_hipaa",
         "show_pcidss",
+        "show_nist",
     ]
 
     show_api_scan: bool
@@ -166,6 +176,7 @@ def from_json(cls, data: typing.Dict[str, typing.Any]) -> "ReportPreference":
             show_ignored_analyses=data["show_ignored_analyses"],
             show_hipaa=InheritedPreference.from_json(data["show_hipaa"]),
             show_pcidss=InheritedPreference.from_json(data["show_pcidss"]),
+            show_nist=InheritedPreference.from_json(data["show_nist"]),
         )
 
 

appknox/tests/test_client.py

@@ -25,6 +25,7 @@ def setUp(self):
             "show_ignored_analyses": True,
             "show_hipaa": {"value": True, "is_inherited": True},
             "show_pcidss": {"value": True, "is_inherited": True},
+            "show_nist": {"value": False, "is_inherited": True},
         }
         with mock.patch.object(Appknox, "get_organizations", self.get_org_list):
             self.ap_client = Appknox(