Wiz parser: Import findings regardless of status #11585

Merged

Member

@valentijnscholten valentijnscholten commented Jan 16, 2025

Description
The Wiz CLI parser only imported findings with status Open whereas other (Wiz) parsers always import all findings regardless of status.

fixes #11581

Test results
Unit test updated.

Checklist

This checklist is for your information.

  • Make sure to rebase your PR against the very latest dev.
  • Features/Changes should be submitted against the dev.
  • Bugfixes should be submitted against the bugfix branch.
  • Give a meaningful name to your PR, as it may end up being used in the release notes.
  • Your code is flake8 compliant.
  • Your code is python 3.11 compliant.
  • If this is a new feature and not a bug fix, you've included the proper documentation in the docs at https://github.com/DefectDojo/django-DefectDojo/tree/dev/docs as part of this PR.
  • Model changes must include the necessary migrations in the dojo/db_migrations folder.
  • Add applicable tests to the unit tests.
  • Add the proper label to categorize your PR.

dryrunsecurity bot commented Jan 16, 2025

DryRun Security Summary

The pull request improves the parsing and handling of Wiz security findings in DefectDojo by refactoring the WizParser class, adding a centralized status conversion method, and expanding test coverage to ensure more accurate and consistent processing of security findings.

Summary:

The code changes in this pull request focus on improving the parsing and handling of security findings from the Wiz security tool within the DefectDojo application. The key changes include:

  1. The addition of a new static method convert_status in the WizcliParsers class, which provides a centralized way to convert Wiz finding statuses (e.g., "OPEN", "RESOLVED", "IGNORED") to a standardized set of status flags (e.g., "active", "is_mitigated", "out_of_scope"). This helps maintain consistency in the way findings are represented and tracked within the application.

  2. Refactoring of the WizParser class to handle different CSV formats, where the finding title is either in the "Title" field or in the "Name" and "DetailedName" fields. This improves the reliability and robustness of the parser when processing Wiz scan results.

  3. Improvements to the status handling, description construction, and severity validation in the WizParser class, which enhance the accuracy and clarity of the security findings imported from Wiz.

  4. Addition of new test cases in the test_wiz_parser.py file, which cover a wider range of security findings, including Kubernetes-related issues and container image vulnerabilities with different statuses and severities. This helps ensure the WizParser class can correctly handle the diverse set of findings reported by the Wiz tool.

Files Changed:

  1. dojo/tools/wizcli_common_parsers/parsers.py: This file introduces a new convert_status method in the WizcliParsers class, which provides a centralized way to convert Wiz finding statuses to a standardized set of status flags.

  2. dojo/tools/wiz/parser.py: This file contains the changes to the WizParser class, including the refactoring of the parsing logic, improved status handling, description construction, and severity validation.

  3. unittests/tools/test_wiz_parser.py: This file includes the addition of new test cases to cover a wider range of security findings, ensuring the WizParser class can correctly handle the diverse set of findings reported by the Wiz tool.

Overall, these changes demonstrate a commitment to improving the security monitoring and reporting capabilities of the DefectDojo application by enhancing the reliability and accuracy of the Wiz parser.

Code Analysis

We ran 9 analyzers against 4 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.
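
The behaviour summarised above, as an added Python sketch (not DefectDojo's parser code and not part of this PR): every row is imported, the status only sets flags, and the title comes from either CSV layout. The `Severity` and `Status` column names, the status-to-flag pairing, the fallback to active for unknown statuses, and the sample rows are assumptions of this example.

```python
import csv
import io

# Assumed pairing of Wiz statuses to finding flags. The status and flag names
# appear in the summary above; which status sets which flag is an assumption.
STATUS_FLAGS = {
    "OPEN": {"active": True},
    "RESOLVED": {"is_mitigated": True},
    "IGNORED": {"out_of_scope": True},
}
DEFAULT_FLAGS = {"active": False, "is_mitigated": False, "out_of_scope": False}


def status_to_flags(raw_status):
    """Return all three flags for a status; unknown or empty stays active."""
    key = (raw_status or "").strip().upper()
    # An unrecognised status must not hide a finding from triage.
    return {**DEFAULT_FLAGS, **STATUS_FLAGS.get(key, {"active": True})}


def title_of(row):
    """Use "Title" when present, otherwise combine "Name" and "DetailedName"."""
    if row.get("Title"):
        return row["Title"].strip()
    parts = [row.get("Name", ""), row.get("DetailedName", "")]
    return " - ".join(p.strip() for p in parts if p and p.strip())


def parse_findings(csv_text):
    """Import every row regardless of status; status only sets the flags."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        finding = {"title": title_of(row), "severity": row.get("Severity", "Info")}
        finding.update(status_to_flags(row.get("Status")))
        findings.append(finding)
    return findings


# Constructed sample inputs, one per CSV layout (not real Wiz exports).
ISSUES_CSV = (
    "Title,Severity,Status\n"
    "Publicly exposed VM,High,OPEN\n"
    "Unencrypted bucket,Medium,RESOLVED\n"
)
VULNS_CSV = (
    "Name,DetailedName,Severity,Status\n"
    "EXAMPLE-VULN-1,libexample,Critical,IGNORED\n"
    "EXAMPLE-VULN-2,libsample,Low,\n"
)
```
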

@valentijnscholten
Member Author

I was working off bugfix, let me know if it needs to be dev.

@mtesauro
Contributor

> I was working off bugfix, let me know if it needs to be dev.

bugfix is fine for this one 👍

Contributor

@mtesauro mtesauro left a comment

Approved

@Maffooch Maffooch merged commit ef49dac into DefectDojo:bugfix Jan 23, 2025
73 checks passed
5 participants