Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add process posture check #1693

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
Open

Add process posture check #1693

wants to merge 25 commits into from

Conversation

bcmmbaga
Copy link
Contributor

@bcmmbaga bcmmbaga commented Mar 12, 2024
edited

Describe your changes

Add support for process posture check.

Extends the management behavior as follows:

  • Upon peer login, the management will also include the posture checks applied on the peer, which are to be evaluated on the client.
  • During synchronization, the management will receive the updated peer metadata, update them if there are any changes, and return the currently applied posture checks on the peer.
  • Evaluation of checks in client side and sync of metadata when there is changes on applied client checks

Issue ticket number and link

Checklist

  • Is it a bug fix
  • Is a typo/documentation fix
  • Is a feature enhancement
  • It is a refactor
  • Created tests that fail without the change (if possible)
  • Extended the README / documentation, if necessary

@bcmmbaga bcmmbaga marked this pull request as ready for review March 13, 2024 09:18
@bcmmbaga bcmmbaga requested a review from lixmal March 13, 2024 10:19
@bcmmbaga
Allow set of single unix or windows path check
cc60df7
@bcmmbaga
Add single Unix/Windows path check in process tests
9db450d
@bcmmbaga
Refactor
1a5d59b
@bcmmbaga
Fix tests
4ab993c
@bcmmbaga
Fix linters
90ab2f7
@bcmmbaga
Refactor posture check validations (#1705)
180f5a1 
* Add posture checks validation

* Refactor code to incorporate posture checks validation directly into management.

* Add posture checks validation for geolocation, OS version, network, process, and NB-version

* Fix tests
lixmal
lixmal previously approved these changes Mar 15, 2024
View reviewed changes
@mlsmaycon mlsmaycon requested a review from lixmal March 15, 2024 09:23
mlsmaycon
mlsmaycon previously approved these changes Mar 15, 2024
View reviewed changes
@mlsmaycon mlsmaycon self-requested a review March 15, 2024 14:56
@bcmmbaga bcmmbaga marked this pull request as draft March 15, 2024 15:10
@bcmmbaga bcmmbaga marked this pull request as ready for review April 10, 2024 09:28
@braginini braginini mentioned this pull request Apr 11, 2024
Open
pappz
pappz previously approved these changes Apr 15, 2024
View reviewed changes
@bcmmbaga
Extend management to sync meta and posture checks with peer (#1727)
c6ab215 
* Add method to retrieve peer's applied posture checks

* Add posture checks in server response and update proto messages

* Refactor

* Extends peer metadata synchronization through SyncRequest and propagate posture changes on syncResponse

* Remove account lock

* Pass system info on sync

* Fix tests

* Refactor

* resolve merge

* Evaluate process check on client (#1749)

* implement  server and client sync peer meta alongside mocks

* wip: add check file and process

* Add files to peer metadata for process check

* wip: update peer meta on first sync

* Add files to peer's metadata

* Evaluate process check using files from peer metadata

* Fix panic and append windows path to files

* Fix check network address and files equality

* Evaluate active process on darwin

* Evaluate active process on linux

* Skip processing processes if no paths are set

* Return network map on peer meta-sync and update account peer's

* Update client network map on meta sync

* Get system info with applied checks

* Add windows package

* Remove a network map from sync meta-response

* Update checks proto message

* Keep client checks state and sync meta on checks change

* Evaluate a running process

* skip build for android and ios

* skip check file and process for android and ios

* bump gopsutil version

* fix tests

* move process check to separate os file

* refactor

* evaluate info with checks on receiving management events

* skip meta-update for an old client with no meta-sync support

* Check if peer meta is empty without reflection
@bcmmbaga bcmmbaga dismissed stale reviews from pappz and lixmal via c6ab215 April 15, 2024 13:00
@mlsmaycon mlsmaycon mentioned this pull request Apr 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pappz pappz pappz left review comments

@lixmal lixmal Awaiting requested review from lixmal

@mlsmaycon mlsmaycon Awaiting requested review from mlsmaycon

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@bcmmbaga @mlsmaycon @pappz @lixmal