From ecf5a857d487010ddba073b48e2cadb9e87167c5 Mon Sep 17 00:00:00 2001
From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com>
Date: Fri, 19 Aug 2022 13:26:26 +0000
Subject: [PATCH] feat: Adding uris to indicator of compromise (IOC) field
(#900)
- [ ] Regenerate this pull request now.
PiperOrigin-RevId: 468598080
Source-Link: https://github.com/googleapis/googleapis/commit/07c3f50155ccc78e915900646d89e83f2edfc433
Source-Link: https://github.com/googleapis/googleapis-gen/commit/dd0b32a189a9b15a794602ee5f7c7c48600f6e4a
Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiZGQwYjMyYTE4OWE5YjE1YTc5NDYwMmVlNWY3YzdjNDg2MDBmNmU0YSJ9
---
.../cloud/securitycenter/v1/Indicator.java | 276 ++++++++++++++++++
.../securitycenter/v1/IndicatorOrBuilder.java | 51 ++++
.../securitycenter/v1/IndicatorProto.java | 44 +--
.../cloud/securitycenter/v1/MitreAttack.java | 44 +++
.../securitycenter/v1/MitreAttackProto.java | 21 +-
.../cloud/securitycenter/v1/indicator.proto | 3 +
.../securitycenter/v1/mitre_attack.proto | 6 +
7 files changed, 413 insertions(+), 32 deletions(-)
diff --git a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/Indicator.java b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/Indicator.java
index 112d60fe5..acfb6b9e0 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/Indicator.java
+++ b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/Indicator.java
@@ -44,6 +44,7 @@ private Indicator() {
ipAddresses_ = com.google.protobuf.LazyStringArrayList.EMPTY;
domains_ = com.google.protobuf.LazyStringArrayList.EMPTY;
signatures_ = java.util.Collections.emptyList();
+ uris_ = com.google.protobuf.LazyStringArrayList.EMPTY;
}
@java.lang.Override
@@ -110,6 +111,16 @@ private Indicator(
extensionRegistry));
break;
}
+ case 34:
+ {
+ java.lang.String s = input.readStringRequireUtf8();
+ if (!((mutable_bitField0_ & 0x00000008) != 0)) {
+ uris_ = new com.google.protobuf.LazyStringArrayList();
+ mutable_bitField0_ |= 0x00000008;
+ }
+ uris_.add(s);
+ break;
+ }
default:
{
if (!parseUnknownField(input, unknownFields, extensionRegistry, tag)) {
@@ -135,6 +146,9 @@ private Indicator(
if (((mutable_bitField0_ & 0x00000004) != 0)) {
signatures_ = java.util.Collections.unmodifiableList(signatures_);
}
+ if (((mutable_bitField0_ & 0x00000008) != 0)) {
+ uris_ = uris_.getUnmodifiableView();
+ }
this.unknownFields = unknownFields.build();
makeExtensionsImmutable();
}
@@ -4713,6 +4727,67 @@ public com.google.cloud.securitycenter.v1.Indicator.ProcessSignature getSignatur
return signatures_.get(index);
}
+ public static final int URIS_FIELD_NUMBER = 4;
+ private com.google.protobuf.LazyStringList uris_;
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return A list containing the uris.
+ */
+ public com.google.protobuf.ProtocolStringList getUrisList() {
+ return uris_;
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return The count of uris.
+ */
+ public int getUrisCount() {
+ return uris_.size();
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the element to return.
+ * @return The uris at the given index.
+ */
+ public java.lang.String getUris(int index) {
+ return uris_.get(index);
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the value to return.
+ * @return The bytes of the uris at the given index.
+ */
+ public com.google.protobuf.ByteString getUrisBytes(int index) {
+ return uris_.getByteString(index);
+ }
+
private byte memoizedIsInitialized = -1;
@java.lang.Override
@@ -4736,6 +4811,9 @@ public void writeTo(com.google.protobuf.CodedOutputStream output) throws java.io
for (int i = 0; i < signatures_.size(); i++) {
output.writeMessage(3, signatures_.get(i));
}
+ for (int i = 0; i < uris_.size(); i++) {
+ com.google.protobuf.GeneratedMessageV3.writeString(output, 4, uris_.getRaw(i));
+ }
unknownFields.writeTo(output);
}
@@ -4764,6 +4842,14 @@ public int getSerializedSize() {
for (int i = 0; i < signatures_.size(); i++) {
size += com.google.protobuf.CodedOutputStream.computeMessageSize(3, signatures_.get(i));
}
+ {
+ int dataSize = 0;
+ for (int i = 0; i < uris_.size(); i++) {
+ dataSize += computeStringSizeNoTag(uris_.getRaw(i));
+ }
+ size += dataSize;
+ size += 1 * getUrisList().size();
+ }
size += unknownFields.getSerializedSize();
memoizedSize = size;
return size;
@@ -4783,6 +4869,7 @@ public boolean equals(final java.lang.Object obj) {
if (!getIpAddressesList().equals(other.getIpAddressesList())) return false;
if (!getDomainsList().equals(other.getDomainsList())) return false;
if (!getSignaturesList().equals(other.getSignaturesList())) return false;
+ if (!getUrisList().equals(other.getUrisList())) return false;
if (!unknownFields.equals(other.unknownFields)) return false;
return true;
}
@@ -4806,6 +4893,10 @@ public int hashCode() {
hash = (37 * hash) + SIGNATURES_FIELD_NUMBER;
hash = (53 * hash) + getSignaturesList().hashCode();
}
+ if (getUrisCount() > 0) {
+ hash = (37 * hash) + URIS_FIELD_NUMBER;
+ hash = (53 * hash) + getUrisList().hashCode();
+ }
hash = (29 * hash) + unknownFields.hashCode();
memoizedHashCode = hash;
return hash;
@@ -4966,6 +5057,8 @@ public Builder clear() {
} else {
signaturesBuilder_.clear();
}
+ uris_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+ bitField0_ = (bitField0_ & ~0x00000008);
return this;
}
@@ -5013,6 +5106,11 @@ public com.google.cloud.securitycenter.v1.Indicator buildPartial() {
} else {
result.signatures_ = signaturesBuilder_.build();
}
+ if (((bitField0_ & 0x00000008) != 0)) {
+ uris_ = uris_.getUnmodifiableView();
+ bitField0_ = (bitField0_ & ~0x00000008);
+ }
+ result.uris_ = uris_;
onBuilt();
return result;
}
@@ -5109,6 +5207,16 @@ public Builder mergeFrom(com.google.cloud.securitycenter.v1.Indicator other) {
}
}
}
+ if (!other.uris_.isEmpty()) {
+ if (uris_.isEmpty()) {
+ uris_ = other.uris_;
+ bitField0_ = (bitField0_ & ~0x00000008);
+ } else {
+ ensureUrisIsMutable();
+ uris_.addAll(other.uris_);
+ }
+ onChanged();
+ }
this.mergeUnknownFields(other.unknownFields);
onChanged();
return this;
@@ -5879,6 +5987,174 @@ public Builder removeSignatures(int index) {
return signaturesBuilder_;
}
+ private com.google.protobuf.LazyStringList uris_ =
+ com.google.protobuf.LazyStringArrayList.EMPTY;
+
+ private void ensureUrisIsMutable() {
+ if (!((bitField0_ & 0x00000008) != 0)) {
+ uris_ = new com.google.protobuf.LazyStringArrayList(uris_);
+ bitField0_ |= 0x00000008;
+ }
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return A list containing the uris.
+ */
+ public com.google.protobuf.ProtocolStringList getUrisList() {
+ return uris_.getUnmodifiableView();
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return The count of uris.
+ */
+ public int getUrisCount() {
+ return uris_.size();
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the element to return.
+ * @return The uris at the given index.
+ */
+ public java.lang.String getUris(int index) {
+ return uris_.get(index);
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the value to return.
+ * @return The bytes of the uris at the given index.
+ */
+ public com.google.protobuf.ByteString getUrisBytes(int index) {
+ return uris_.getByteString(index);
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index to set the value at.
+ * @param value The uris to set.
+ * @return This builder for chaining.
+ */
+ public Builder setUris(int index, java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ensureUrisIsMutable();
+ uris_.set(index, value);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param value The uris to add.
+ * @return This builder for chaining.
+ */
+ public Builder addUris(java.lang.String value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ ensureUrisIsMutable();
+ uris_.add(value);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param values The uris to add.
+ * @return This builder for chaining.
+ */
+ public Builder addAllUris(java.lang.Iterable values) {
+ ensureUrisIsMutable();
+ com.google.protobuf.AbstractMessageLite.Builder.addAll(values, uris_);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return This builder for chaining.
+ */
+ public Builder clearUris() {
+ uris_ = com.google.protobuf.LazyStringArrayList.EMPTY;
+ bitField0_ = (bitField0_ & ~0x00000008);
+ onChanged();
+ return this;
+ }
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param value The bytes of the uris to add.
+ * @return This builder for chaining.
+ */
+ public Builder addUrisBytes(com.google.protobuf.ByteString value) {
+ if (value == null) {
+ throw new NullPointerException();
+ }
+ checkByteStringIsUtf8(value);
+ ensureUrisIsMutable();
+ uris_.add(value);
+ onChanged();
+ return this;
+ }
+
@java.lang.Override
public final Builder setUnknownFields(final com.google.protobuf.UnknownFieldSet unknownFields) {
return super.setUnknownFields(unknownFields);
diff --git a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorOrBuilder.java b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorOrBuilder.java
index 536b52415..6f1809dba 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorOrBuilder.java
+++ b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorOrBuilder.java
@@ -187,4 +187,55 @@ public interface IndicatorOrBuilder
*/
com.google.cloud.securitycenter.v1.Indicator.ProcessSignatureOrBuilder getSignaturesOrBuilder(
int index);
+
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return A list containing the uris.
+ */
+ java.util.List getUrisList();
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @return The count of uris.
+ */
+ int getUrisCount();
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the element to return.
+ * @return The uris at the given index.
+ */
+ java.lang.String getUris(int index);
+ /**
+ *
+ *
+ *
+ * The list of URIs associated to the Findings.
+ *
+ *
+ * repeated string uris = 4;
+ *
+ * @param index The index of the value to return.
+ * @return The bytes of the uris at the given index.
+ */
+ com.google.protobuf.ByteString getUrisBytes(int index);
}
diff --git a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorProto.java b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorProto.java
index fd45924ea..6f3d276bd 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorProto.java
+++ b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/IndicatorProto.java
@@ -58,29 +58,29 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
java.lang.String[] descriptorData = {
"\n.google/cloud/securitycenter/v1/indicat"
+ "or.proto\022\036google.cloud.securitycenter.v1"
- + "\"\203\005\n\tIndicator\022\024\n\014ip_addresses\030\001 \003(\t\022\017\n\007"
+ + "\"\221\005\n\tIndicator\022\024\n\014ip_addresses\030\001 \003(\t\022\017\n\007"
+ "domains\030\002 \003(\t\022N\n\nsignatures\030\003 \003(\0132:.goog"
+ "le.cloud.securitycenter.v1.Indicator.Pro"
- + "cessSignature\032\376\003\n\020ProcessSignature\022o\n\025me"
- + "mory_hash_signature\030\006 \001(\0132N.google.cloud"
- + ".securitycenter.v1.Indicator.ProcessSign"
- + "ature.MemoryHashSignatureH\000\022k\n\023yara_rule"
- + "_signature\030\007 \001(\0132L.google.cloud.security"
- + "center.v1.Indicator.ProcessSignature.Yar"
- + "aRuleSignatureH\000\032\326\001\n\023MemoryHashSignature"
- + "\022\025\n\rbinary_family\030\001 \001(\t\022l\n\ndetections\030\004 "
- + "\003(\0132X.google.cloud.securitycenter.v1.Ind"
- + "icator.ProcessSignature.MemoryHashSignat"
- + "ure.Detection\032:\n\tDetection\022\016\n\006binary\030\002 \001"
- + "(\t\022\035\n\025percent_pages_matched\030\003 \001(\001\032&\n\021Yar"
- + "aRuleSignature\022\021\n\tyara_rule\030\005 \001(\tB\013\n\tsig"
- + "natureB\352\001\n\"com.google.cloud.securitycent"
- + "er.v1B\016IndicatorProtoP\001ZLgoogle.golang.o"
- + "rg/genproto/googleapis/cloud/securitycen"
- + "ter/v1;securitycenter\252\002\036Google.Cloud.Sec"
- + "urityCenter.V1\312\002\036Google\\Cloud\\SecurityCe"
- + "nter\\V1\352\002!Google::Cloud::SecurityCenter:"
- + ":V1b\006proto3"
+ + "cessSignature\022\014\n\004uris\030\004 \003(\t\032\376\003\n\020ProcessS"
+ + "ignature\022o\n\025memory_hash_signature\030\006 \001(\0132"
+ + "N.google.cloud.securitycenter.v1.Indicat"
+ + "or.ProcessSignature.MemoryHashSignatureH"
+ + "\000\022k\n\023yara_rule_signature\030\007 \001(\0132L.google."
+ + "cloud.securitycenter.v1.Indicator.Proces"
+ + "sSignature.YaraRuleSignatureH\000\032\326\001\n\023Memor"
+ + "yHashSignature\022\025\n\rbinary_family\030\001 \001(\t\022l\n"
+ + "\ndetections\030\004 \003(\0132X.google.cloud.securit"
+ + "ycenter.v1.Indicator.ProcessSignature.Me"
+ + "moryHashSignature.Detection\032:\n\tDetection"
+ + "\022\016\n\006binary\030\002 \001(\t\022\035\n\025percent_pages_matche"
+ + "d\030\003 \001(\001\032&\n\021YaraRuleSignature\022\021\n\tyara_rul"
+ + "e\030\005 \001(\tB\013\n\tsignatureB\352\001\n\"com.google.clou"
+ + "d.securitycenter.v1B\016IndicatorProtoP\001ZLg"
+ + "oogle.golang.org/genproto/googleapis/clo"
+ + "ud/securitycenter/v1;securitycenter\252\002\036Go"
+ + "ogle.Cloud.SecurityCenter.V1\312\002\036Google\\Cl"
+ + "oud\\SecurityCenter\\V1\352\002!Google::Cloud::S"
+ + "ecurityCenter::V1b\006proto3"
};
descriptor =
com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
@@ -91,7 +91,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
new com.google.protobuf.GeneratedMessageV3.FieldAccessorTable(
internal_static_google_cloud_securitycenter_v1_Indicator_descriptor,
new java.lang.String[] {
- "IpAddresses", "Domains", "Signatures",
+ "IpAddresses", "Domains", "Signatures", "Uris",
});
internal_static_google_cloud_securitycenter_v1_Indicator_ProcessSignature_descriptor =
internal_static_google_cloud_securitycenter_v1_Indicator_descriptor.getNestedTypes().get(0);
diff --git a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttack.java b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttack.java
index dd81c0c32..92d64b664 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttack.java
+++ b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttack.java
@@ -973,6 +973,26 @@ public enum Technique implements com.google.protobuf.ProtocolMessageEnum {
* NETWORK_SERVICE_DISCOVERY = 32;
*/
NETWORK_SERVICE_DISCOVERY(32),
+ /**
+ *
+ *
+ *
+ * T1134
+ *
+ *
+ * ACCESS_TOKEN_MANIPULATION = 33;
+ */
+ ACCESS_TOKEN_MANIPULATION(33),
+ /**
+ *
+ *
+ *
+ * T1548
+ *
+ *
+ * ABUSE_ELEVATION_CONTROL_MECHANISM = 34;
+ */
+ ABUSE_ELEVATION_CONTROL_MECHANISM(34),
UNRECOGNIZED(-1),
;
@@ -1306,6 +1326,26 @@ public enum Technique implements com.google.protobuf.ProtocolMessageEnum {
* NETWORK_SERVICE_DISCOVERY = 32;
*/
public static final int NETWORK_SERVICE_DISCOVERY_VALUE = 32;
+ /**
+ *
+ *
+ *
+ * T1134
+ *
+ *
+ * ACCESS_TOKEN_MANIPULATION = 33;
+ */
+ public static final int ACCESS_TOKEN_MANIPULATION_VALUE = 33;
+ /**
+ *
+ *
+ *
+ * T1548
+ *
+ *
+ * ABUSE_ELEVATION_CONTROL_MECHANISM = 34;
+ */
+ public static final int ABUSE_ELEVATION_CONTROL_MECHANISM_VALUE = 34;
public final int getNumber() {
if (this == UNRECOGNIZED) {
@@ -1397,6 +1437,10 @@ public static Technique forNumber(int value) {
return IMPAIR_DEFENSES;
case 32:
return NETWORK_SERVICE_DISCOVERY;
+ case 33:
+ return ACCESS_TOKEN_MANIPULATION;
+ case 34:
+ return ABUSE_ELEVATION_CONTROL_MECHANISM;
default:
return null;
}
diff --git a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttackProto.java b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttackProto.java
index 489f3891b..172123aed 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttackProto.java
+++ b/proto-google-cloud-securitycenter-v1/src/main/java/com/google/cloud/securitycenter/v1/MitreAttackProto.java
@@ -42,7 +42,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
java.lang.String[] descriptorData = {
"\n1google/cloud/securitycenter/v1/mitre_a"
+ "ttack.proto\022\036google.cloud.securitycenter"
- + ".v1\"\214\014\n\013MitreAttack\022J\n\016primary_tactic\030\001 "
+ + ".v1\"\322\014\n\013MitreAttack\022J\n\016primary_tactic\030\001 "
+ "\001(\01622.google.cloud.securitycenter.v1.Mit"
+ "reAttack.Tactic\022Q\n\022primary_techniques\030\002 "
+ "\003(\01625.google.cloud.securitycenter.v1.Mit"
@@ -58,7 +58,7 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+ "\022\023\n\017DEFENSE_EVASION\020\007\022\025\n\021CREDENTIAL_ACCE"
+ "SS\020\t\022\r\n\tDISCOVERY\020\n\022\024\n\020LATERAL_MOVEMENT\020"
+ "\013\022\016\n\nCOLLECTION\020\014\022\027\n\023COMMAND_AND_CONTROL"
- + "\020\004\022\020\n\014EXFILTRATION\020\r\022\n\n\006IMPACT\020\016\"\357\006\n\tTec"
+ + "\020\004\022\020\n\014EXFILTRATION\020\r\022\n\n\006IMPACT\020\016\"\265\007\n\tTec"
+ "hnique\022\031\n\025TECHNIQUE_UNSPECIFIED\020\000\022\023\n\017ACT"
+ "IVE_SCANNING\020\001\022\026\n\022SCANNING_IP_BLOCKS\020\002\022\031"
+ "\n\025INGRESS_TOOL_TRANSFER\020\003\022\016\n\nNATIVE_API\020"
@@ -80,14 +80,15 @@ public static com.google.protobuf.Descriptors.FileDescriptor getDescriptor() {
+ "APPLICATION\020\033\022!\n\035MODIFY_AUTHENTICATION_P"
+ "ROCESS\020\034\022\024\n\020DATA_DESTRUCTION\020\035\022\036\n\032DOMAIN"
+ "_POLICY_MODIFICATION\020\036\022\023\n\017IMPAIR_DEFENSE"
- + "S\020\037\022\035\n\031NETWORK_SERVICE_DISCOVERY\020 B\354\001\n\"c"
- + "om.google.cloud.securitycenter.v1B\020Mitre"
- + "AttackProtoP\001ZLgoogle.golang.org/genprot"
- + "o/googleapis/cloud/securitycenter/v1;sec"
- + "uritycenter\252\002\036Google.Cloud.SecurityCente"
- + "r.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!"
- + "Google::Cloud::SecurityCenter::V1b\006proto"
- + "3"
+ + "S\020\037\022\035\n\031NETWORK_SERVICE_DISCOVERY\020 \022\035\n\031AC"
+ + "CESS_TOKEN_MANIPULATION\020!\022%\n!ABUSE_ELEVA"
+ + "TION_CONTROL_MECHANISM\020\"B\354\001\n\"com.google."
+ + "cloud.securitycenter.v1B\020MitreAttackProt"
+ + "oP\001ZLgoogle.golang.org/genproto/googleap"
+ + "is/cloud/securitycenter/v1;securitycente"
+ + "r\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Goo"
+ + "gle\\Cloud\\SecurityCenter\\V1\352\002!Google::Cl"
+ + "oud::SecurityCenter::V1b\006proto3"
};
descriptor =
com.google.protobuf.Descriptors.FileDescriptor.internalBuildGeneratedFileFrom(
diff --git a/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/indicator.proto b/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/indicator.proto
index e14e57abc..1cbfdfa2c 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/indicator.proto
+++ b/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/indicator.proto
@@ -76,4 +76,7 @@ message Indicator {
// The list of matched signatures indicating that the given
// process is present in the environment.
repeated ProcessSignature signatures = 3;
+
+ // The list of URIs associated to the Findings.
+ repeated string uris = 4;
}
diff --git a/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/mitre_attack.proto b/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/mitre_attack.proto
index 65ec70aed..ba654822b 100644
--- a/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/mitre_attack.proto
+++ b/proto-google-cloud-securitycenter-v1/src/main/proto/google/cloud/securitycenter/v1/mitre_attack.proto
@@ -177,6 +177,12 @@ message MitreAttack {
// T1046
NETWORK_SERVICE_DISCOVERY = 32;
+
+ // T1134
+ ACCESS_TOKEN_MANIPULATION = 33;
+
+ // T1548
+ ABUSE_ELEVATION_CONTROL_MECHANISM = 34;
}
// The MITRE ATT&CK tactic most closely represented by this finding, if any.