DefectDojo
diff --git a/‎dojo/forms.py‎
Lines changed: 1 addition & 0 deletions b/‎dojo/forms.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎dojo/templates/dojo/import_scan_results.html‎
Lines changed: 2 additions & 0 deletions b/‎dojo/templates/dojo/import_scan_results.html‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎dojo/tools/factory.py‎
Lines changed: 3 additions & 0 deletions b/‎dojo/tools/factory.py‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎dojo/tools/kiuwan/__init__.py‎ b/‎dojo/tools/kiuwan/__init__.py‎
diff --git a/‎dojo/tools/kiuwan/parser.py‎
Lines changed: 79 additions & 0 deletions b/‎dojo/tools/kiuwan/parser.py‎
Lines changed: 79 additions & 0 deletions
@@ -292,6 +292,7 @@ class ImportScanForm(forms.Form):
                          ("Anchore Engine Scan", "Anchore Engine Scan"),
                          ("Bundler-Audit Scan", "Bundler-Audit Scan"),
                          ("Twistlock Image Scan", "Twistlock Image Scan"),
+                         ("Kiuwan Scan", "Kiuwan Scan"),
                          ("Blackduck Hub Scan", "Blackduck Hub Scan"))
 
     SORTED_SCAN_TYPE_CHOICES = sorted(SCAN_TYPE_CHOICES, key=lambda x: x[1])
 
@@ -73,6 +73,8 @@ <h3> Add Tests</h3>
 	<li><b>Veracode Detailed XML Report</b></li>
 	<li><b>Zed Attack Proxy</b> - ZAP XML report format.</li>
 	<li><b>Acunetix Scanner</b> - XML format.</li>
+	<li><b>Kiuwan Scanner</b> - Import Kiuwan Scan in CSV format. Export as CSV Results on Kiuwan.</li>
+
     </ul>
 
 	{% if additional_message %}
 
@@ -44,6 +44,7 @@
 from dojo.tools.anchore_engine.parser import AnchoreEngineScanParser
 from dojo.tools.bundler_audit.parser import BundlerAuditParser
 from dojo.tools.twistlock.parser import TwistlockParser
+from dojo.tools.kiuwan.parser import KiuwanCSVParser
 from dojo.tools.blackduck.parser import BlackduckHubCSVParser
 
 __author__ = 'Jay Paz'
@@ -148,6 +149,8 @@ def import_parser_factory(file, test, scan_type=None):
         parser = BundlerAuditParser(file, test)
     elif scan_type == 'Twistlock Image Scan':
         parser = TwistlockParser(file, test)
+    elif scan_type == 'Kiuwan Scan':
+        parser = KiuwanCSVParser(file, test)
     elif scan_type == 'Blackduck Hub Scan':
         parser = BlackduckHubCSVParser(file, test)
     else:
 
@@ -0,0 +1,79 @@
+import StringIO
+import csv
+import hashlib
+from dojo.models import Finding
+
+__author__ = 'dr3dd589'
+
+
+class Severityfilter():
+    def __init__(self):
+        self.severity_mapping = {'Normal': 'Info',
+                                 'Low': 'Low',
+                                 'Medium': 'Medium',
+                                 'High': 'High',
+                                 'Very High': 'Critical'
+                                 }
+        self.severity = None
+
+    def eval_column(self, column_value):
+        if column_value in self.severity_mapping.keys():
+            self.severity = self.severity_mapping[column_value]
+        else:
+            self.severity = 'Info'
+
+
+class KiuwanCSVParser(object):
+    def __init__(self, filename, test):
+        self.dupes = dict()
+        self.items = ()
+
+        if filename is None:
+            self.items = ()
+            return
+
+        content = filename.read()
+        reader = csv.DictReader(StringIO.StringIO(content), delimiter=',', quotechar='"')
+        csvarray = []
+
+        for row in reader:
+            csvarray.append(row)
+
+        for row in csvarray:
+            finding = Finding(test=test)
+            findingdict = {}
+            severityfilter = Severityfilter()
+            severityfilter.eval_column(row['Priority'])
+            findingdict['severity'] = severityfilter.severity
+            findingdict['title'] = row['Rule']
+            findingdict['description'] = "**Source file** : " + row['Source file'] + "\n\n" + \
+                                        "**Vulnerability type** : " + row['Vulnerability type'] + "\n\n" + \
+                                        "**Status** : " + row['Status'] + "\n\n" + \
+                                        "**CWE Scope** : " + row['CWE Scope'] + "\n\n" + \
+                                        "**Line text** : " + row['Line text'] + "\n\n" + \
+                                        "**Normative** : " + row['Normative'] + "\n\n" + \
+                                        "**Line number** : " + row['Line number'] + "\n\n" + \
+                                        "**Rule code** : " + row['Rule code'] + "\n\n" + \
+                                        "**File** : " + row['File'] + "\n\n" + \
+                                        "**Source line text** : " + row['Source line text'] + "\n\n" + \
+                                        "**Source line number** : " + row['Source line number'] + "\n"
+
+            finding.title = findingdict['title']
+            finding.description = findingdict['description']
+            finding.references = "Not provided!"
+            finding.mitigation = "Not provided!"
+            finding.severity = findingdict['severity']
+            finding.cwe = row['CWE']
+
+            if finding is not None:
+                if finding.title is None:
+                    finding.title = ""
+                if finding.description is None:
+                    finding.description = ""
+
+                key = hashlib.md5(finding.severity + '|' + finding.title + '|' + finding.description).hexdigest()
+
+                if key not in self.dupes:
+                    self.dupes[key] = finding
+
+        self.items = self.dupes.values()