"""OWASP Top 10 knowledge base for Shield Agents.""" OWASP_TOP_10_2021 = { "A01": { "name": "Broken Access Control", "description": "Access control enforces policy such that users cannot act outside their intended permissions.", "url": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/", }, "A02": { "name": "Cryptographic Failures", "description": "Failures related to cryptography which often lead to sensitive data exposure.", "url": "https://owasp.org/Top10/A02_2021-Cryptographic_Failures/", }, "A03": { "name": "Injection", "description": "SQL injection, NoSQL injection, OS command injection, and LDAP injection.", "url": "https://owasp.org/Top10/A03_2021-Injection/", }, "A04": { "name": "Insecure Design", "description": "Missing or ineffective security controls and architecture flaws.", "url": "https://owasp.org/Top10/A04_2021-Insecure_Design/", }, "A05": { "name": "Security Misconfiguration", "description": "Missing security hardening, unnecessary features enabled, default accounts.", "url": "https://owasp.org/Top10/A05_2021-Security_Misconfiguration/", }, "A06": { "name": "Vulnerable and Outdated Components", "description": "Using components with known vulnerabilities.", "url": "https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/", }, "A07": { "name": "Identification and Authentication Failures", "description": "Authentication and session management weaknesses.", "url": "https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/", }, "A08": { "name": "Software and Data Integrity Failures", "description": "Code and infrastructure not protected against integrity violations.", "url": "https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/", }, "A09": { "name": "Security Logging and Monitoring Failures", "description": "Insufficient logging, monitoring, and alerting.", "url": "https://owasp.org/Top10/A09_2021-Security_Logging_and_Monitoring_Failures/", }, "A10": { "name": "Server-Side Request Forgery", "description": "Application fetches remote resources without validating user-supplied URLs.", "url": "https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/", }, } def get_owasp_category(vulnerability_type: str) -> dict: """Get OWASP category for a vulnerability type. Args: vulnerability_type: Type of vulnerability (e.g., 'sql_injection', 'xss'). Returns: OWASP category dictionary. """ mapping = { "sql_injection": "A03", "xss": "A03", "command_injection": "A03", "path_traversal": "A01", "broken_access_control": "A01", "sensitive_data_exposure": "A02", "crypto_failure": "A02", "security_misconfiguration": "A05", "auth_failure": "A07", "ssrf": "A10", "deserialization": "A08", "outdated_component": "A06", "logging_failure": "A09", "injection": "A03", "insecure_design": "A04", } category_id = mapping.get(vulnerability_type.lower(), "A03") return OWASP_TOP_10_2021.get(category_id, OWASP_TOP_10_2021["A03"])