Refactoring/azure/securitycenter

ScoutSuite/providers/azure/configs/services.py

@@ -2,9 +2,9 @@
 
 from ScoutSuite.providers.base.configs.services import BaseServicesConfig
 from ScoutSuite.providers.azure.services.monitor import MonitorConfig
+from ScoutSuite.providers.azure.resources.securitycenter.security_center import SecurityCenter
 from ScoutSuite.providers.azure.resources.sqldatabase.servers import Servers
 from ScoutSuite.providers.azure.resources.storageaccounts.storageaccounts import StorageAccounts
-from ScoutSuite.providers.azure.services.securitycenter import SecurityCenterConfig
 from ScoutSuite.providers.azure.resources.network.networks import Networks
 from ScoutSuite.providers.azure.resources.keyvault.key_vaults import KeyVaults
 try:
@@ -31,8 +31,8 @@ def __init__(self, metadata=None, thread_config=4, **kwargs):
 
         self.storageaccounts = StorageAccounts()
         self.monitor = MonitorConfig(thread_config=thread_config)
+        self.securitycenter = SecurityCenter()
         self.sqldatabase = Servers()
-        self.securitycenter = SecurityCenterConfig(thread_config=thread_config)
         self.network = Networks()
         self.keyvault = KeyVaults()
 

ScoutSuite/providers/azure/facade/securitycenter.py

@@ -0,0 +1,16 @@
+from azure.mgmt.security import SecurityCenter
+from ScoutSuite.providers.utils import run_concurrently
+
+
+class SecurityCenterFacade:
+    def __init__(self, credentials, subscription_id):
+        self._client = SecurityCenter(credentials, subscription_id, '')
+
+    async def get_pricings(self):
+        return await run_concurrently(self._client.pricings.list)
+
+    async def get_security_contacts(self):
+        return await run_concurrently(self._client.security_contacts.list)
+
+    async def get_auto_provisioning_settings(self):
+        return await run_concurrently(self._client.auto_provisioning_settings.list)

ScoutSuite/providers/azure/resources/securitycenter/auto_provisioning_settings.py

@@ -0,0 +1,19 @@
+from ScoutSuite.providers.base.configs.resources import Resources
+
+
+class AutoProvisioningSettings(Resources):
+    def __init__(self, facade):
+        self.facade = facade
+
+    async def fetch_all(self):
+        for raw_settings in await self.facade.get_auto_provisioning_settings():
+            id, auto_provisioning_settings = self._parse_auto_provisioning_settings(raw_settings)
+            self[id] = auto_provisioning_settings
+
+    def _parse_auto_provisioning_settings(self, auto_provisioning_settings):
+        auto_provisioning_setting_dict = {}
+        auto_provisioning_setting_dict['id'] = auto_provisioning_settings.id
+        auto_provisioning_setting_dict['name'] = auto_provisioning_settings.name
+        auto_provisioning_setting_dict['auto_provision'] = auto_provisioning_settings.auto_provision
+
+        return auto_provisioning_setting_dict['id'], auto_provisioning_setting_dict

ScoutSuite/providers/azure/resources/securitycenter/pricings.py

@@ -0,0 +1,20 @@
+from ScoutSuite.providers.base.configs.resources import Resources
+
+
+class Pricings(Resources):
+
+    def __init__(self, facade):
+        self.facade = facade
+
+    async def fetch_all(self):
+        for raw_pricing in await self.facade.get_pricings():
+            id, pricing = self._parse_pricing(raw_pricing)
+            self[id] = pricing
+
+    def _parse_pricing(self, pricing):
+        pricing_dict = {}
+        pricing_dict['id'] = pricing.id
+        pricing_dict['name'] = pricing.name
+        pricing_dict['pricing_tier'] = pricing.pricing_tier
+
+        return pricing_dict['id'], pricing_dict

ScoutSuite/providers/azure/resources/securitycenter/security_center.py

@@ -0,0 +1,24 @@
+from ScoutSuite.providers.azure.resources.resources import AzureCompositeResources
+from ScoutSuite.providers.azure.facade.securitycenter import SecurityCenterFacade
+
+from .auto_provisioning_settings import AutoProvisioningSettings
+from .pricings import Pricings
+from .security_contacts import SecurityContacts
+
+
+class SecurityCenter(AzureCompositeResources):
+    _children = [
+        (AutoProvisioningSettings, 'auto_provisioning_settings'),
+        (Pricings, 'pricings'),
+        (SecurityContacts, 'security_contacts')
+    ]
+
+    async def fetch_all(self, credentials, **kwargs):
+        # TODO: build that facade somewhere else:
+        facade = SecurityCenterFacade(credentials.credentials, credentials.subscription_id)
+
+        await self._fetch_children(parent=self, facade=facade)
+
+        self['auto_provisioning_settings_count'] = len(self['auto_provisioning_settings'])
+        self['pricings_count'] = len(self['pricings'])
+        self['security_contacts_count'] = len(self['security_contacts'])

ScoutSuite/providers/azure/resources/securitycenter/security_contacts.py

@@ -0,0 +1,24 @@
+from ScoutSuite.providers.base.configs.resources import Resources
+
+
+class SecurityContacts(Resources):
+
+    def __init__(self, facade):
+        self.facade = facade
+
+    async def fetch_all(self):
+        for raw_contact in await self.facade.get_security_contacts():
+            id, security_contact = self._parse_security_contact(raw_contact)
+            self[id] = security_contact
+
+    def _parse_security_contact(self, security_contact):
+        security_contact_dict = {}
+        security_contact_dict['id'] = security_contact.id
+        security_contact_dict['name'] = security_contact.name
+        security_contact_dict['email'] = security_contact.email
+        security_contact_dict['phone'] = security_contact.phone
+        security_contact_dict['alert_notifications'] = security_contact.alert_notifications == "On"
+        security_contact_dict['alerts_to_admins'] = security_contact.alerts_to_admins == "On"
+        security_contact_dict['additional_properties'] = security_contact.additional_properties
+
+        return security_contact_dict['id'], security_contact_dict