@mitre/hdf-converters
v2.11.1
Published
Converter util library used to transform various scan results into HDF format
Downloads
5,571
Keywords
Readme
OHDF Converters
"OASIS Heimdall Data Format (OHDF)" is our common data exchange format to preserve and transform security data.
OHDF Converters supplies several methods to convert various types of security tool data to and from the OHDF standard. OHDF Converters can be used in a variety of tools, and is currently well integrated with Heimdall itself, and the SAF CLI.
Supported Formats
- [anchore-grype-mapper] - Anchore Grype container security scanning results file
- [asff-mapper] - AWS Security Finding Format JSON file, Prowler-derived AWS Security Finding Format results from concatenated JSON blobs, and Trivy-derived AWS Security Finding Format results from concatenated JSON blobs
- [aws-config-mapper] - AWS Config
- [burpsuite-mapper] - BurpSuite Pro XML file
- [caat-mapper] - Compliance Assessment and Audit Tracking (CAAT) file
- [checklist-mapper] - Checlist Mapper format
- [conveyor-mapper] - Conveyor JSON file
- [cyclonedx-sbom-mapper] - CycloneDX SBOM JSON file
- [dbprotect-mapper] - DBProtect report in "Check Results Details" XML format
- [dependency-track-mapper] - OWASP Dependency-Track Finding Packaging Format (FPF)
- [fortify-mapper] - Fortify results FVDL file
- [gosec-mapper] - gosec results JSON file
- [ionchannel-mapper] - SBOM data from Ion Channel
- [jfrog-xray-mapper] - JFrog Xray results JSON file
- [msft-secure-mapper] - Microsoft Secure Score results file
- [nessus-mapper] - Nessus XML results file
- [netsparker-mapper] - Netsparker XML results file
- [neuvector-mapper] - NeuVector JSON results file
- [nikto-mapper] - Nikto results JSON file
- [prisma-mapper] - Prisma Cloud Scan Report CSV file
- [sarif-mapper] - SARIF JSON file
- [scoutsuite-mapper] - ScoutSuite results from a Javascript object
- [snyk-mapper] - Snyk results JSON file
- [sonarqube-mapper] - SonarQube vulnerabilities for the specified project name and optional branch or pull/merge request ID name from an API
- [splunk-mapper] - Splunk instance
- [trufflehog-mapper] - Trufflehog results json file
- [twistlock-mapper] - Twistlock CLI output file
- [veracode-mapper] - Veracode Scan Results XML file
- [xccdf-results-mapper] - SCAP client XCCDF-Results XML report
- [zap-mapper] - OWASP ZAP results JSON
NOTICE
© 2022 The MITRE Corporation.
Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
NOTICE
MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
NOTICE
This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.