You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For Wazuh v4.4.0 we want to add SUSE Linux Enterprise support for the Wazuh Vulnerability Detector module.
Therefore, we want to add the related testing to test this new integration. During this development, we were working on the construction of new integration tests (see this PR #1472), but these tests have already been deprecated, because we recently made a refactor of all the integration tests of vulnerability detector.
A study has been made of what would need to be added, being the following:
Documentation
Add SUSE OS to the test documentation
Feed
Add new custom SUSE feed
Suite test_feeds
Test download feeds: Prove that it is downloaded, and that the update date is recent.
Test duplicate feeds: Test that after downloading the feed again, the vulnerabilities of the feeds are not duplicated
Test import invalid feed type: Test behavior when an invalid feed URL is entered
Test validate feed content: It downloads the feed files and checks that they are parseable (XML or JSON).
Suite test_providers
Test enabled/disabled: Check that the provider's feeds start downloading when activated.
Test missing os: Test the behavior when the tag is omitted. Check failure if the tag is required, and in case it is not, it starts downloading the feeds as normal
Test OS: Test that it starts downloading the feeds of the specified OS.
Test update from year: Test if the feed is updated from a specific date. If the option does not apply, check warning warning.
Test update interval: Test that the feed is updated at the specified interval
Suite test_scan_results
Test scan provider and NVD vulnerabilities: Test that vulnerable packages are reported using the OVAL and NVD feed.
Test scan provider vulnerabilities: Test that vulnerable packages are reported using the OVAL feed (NVD contains different vulnerabilities).
Test scan vulnerability removal: Check that it generates vulnerability alert fixed after removing or updating a vulnerable package.
It is requested to add and modify what is necessary in the integration tests for the integration of SUSE in vulnerability detector.
The text was updated successfully, but these errors were encountered:
For Wazuh
v4.4.0
we want to addSUSE Linux Enterprise
support for the Wazuh Vulnerability Detector module.Therefore, we want to add the related testing to test this new integration. During this development, we were working on the construction of new integration tests (see this PR #1472), but these tests have already been deprecated, because we recently made a refactor of all the integration tests of vulnerability detector.
A study has been made of what would need to be added, being the following:
Documentation
Feed
Suite test_feeds
Test download feeds
: Prove that it is downloaded, and that the update date is recent.Test duplicate feeds
: Test that after downloading the feed again, the vulnerabilities of the feeds are not duplicatedTest import invalid feed type
: Test behavior when an invalid feed URL is enteredTest validate feed content
: It downloads the feed files and checks that they are parseable (XML or JSON).Suite test_providers
Test enabled/disabled
: Check that the provider's feeds start downloading when activated.Test missing os
: Test the behavior when the tag is omitted. Check failure if the tag is required, and in case it is not, it starts downloading the feeds as normalTest OS
: Test that it starts downloading the feeds of the specified OS.Test update from year
: Test if the feed is updated from a specific date. If the option does not apply, check warning warning.Test update interval
: Test that the feed is updated at the specified intervalSuite test_scan_results
Test scan provider and NVD vulnerabilities
: Test that vulnerable packages are reported using the OVAL and NVD feed.Test scan provider vulnerabilities
: Test that vulnerable packages are reported using the OVAL feed (NVD contains different vulnerabilities).Test scan vulnerability removal
: Check that it generates vulnerability alert fixed after removing or updating a vulnerable package.It is requested to add and modify what is necessary in the integration tests for the integration of SUSE in vulnerability detector.
The text was updated successfully, but these errors were encountered: