mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 04:15:54 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
2113 commits 88 branches 214 tags 262 MiB
Commit graph

13 commits

Author SHA1 Message Date
mmetc
c161eb270b
pkg/cwhub: refact Item.State.(Downloaded | Installed) (#3476) 2025-02-25 10:09:29 +01:00
mmetc
7a1ad8376a
lint: style, autofix (#3354) 2024-12-05 10:40:48 +01:00
Thibault "bui" Koechlin
9067106ac0
Support multiple appsec configs (#3314) 
* support multiple appsec configs
 2024-11-15 16:40:48 +01:00
mmetc
89aec7cf6b
pkg/cwhub: simpler accessor methods (#3165) 
* pkg/cwhub: simpler accessor methods

 - prefer higher level GetItemsByType, GetInstalledByType over GetItemMap
 - always send both appsec-rules and scenarios to api
 - explicit parameter for (case insensitive) sorted list of items
 - shorter code
 - assume itemType parameter makes sense, don't error

* lint (gofumpt)
 2024-08-22 12:12:40 +02:00
mmetc
136dba61d9
reduce log verbosity, minor CI fixes, lint (#3157) 
* pkg/cwhub: redundant log messages

* CI: fixture output and elapsed time

* CI: preload only essential hub items

* report full version (including -rc2 etc.) with cscli hub update --debug

* lint
 2024-08-01 10:55:04 +02:00
blotus
a3d7900b5f
update expr (#3144) 2024-07-22 12:14:46 +02:00
mmetc
206211ce53
lint: import statement order (#3085) 
* lint: import statement order

* lint
 2024-06-26 12:16:17 +02:00
blotus
09afcbe93a
appsec: respect on_success parameter in hooks (#3017) 2024-05-24 14:42:17 +02:00
blotus
332af5dd8d
appsec: split return code for bouncer and user (#2821) 2024-02-09 14:39:34 +01:00
blotus
84606eb207
Appsec hooks fixes (#2769) 2024-01-22 13:33:20 +01:00
mmetc
08794c5b6d
[appsec] waf tester (#2746) 2024-01-16 11:39:23 +01:00
blotus
33e3fdabe4
Appsec additional fixes (#2676) 2023-12-21 11:51:04 +01:00
Thibault "bui" Koechlin
8cca4346a5
Application Security Engine Support (#2273) 
Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-12-07 12:21:04 +01:00