[Cloud Security] Populate Missing Vulnerability Scores in Vulnerabili…

…ties Flyout

(cherry picked from commit 2a428b4)

oas_docs/output/kibana.serverless.staging.yaml

@@ -5404,7 +5404,7 @@ paths:
         - APM annotations
   /api/asset_criticality:
     delete:
-      description: Delete the asset criticality record for a specific asset if it exists.
+      description: Delete the asset criticality record for a specific entity.
       operationId: DeleteAssetCriticalityRecord
       parameters:
         - description: The ID value of the asset.
@@ -5450,11 +5450,11 @@ paths:
           description: Successful response
         '400':
           description: Invalid request
-      summary: Delete Criticality Record
+      summary: Delete an asset criticality record
       tags:
         - Security Solution Entity Analytics API
     get:
-      description: Get the criticality record for a specific asset.
+      description: Get the asset criticality record for a specific entity.
       operationId: GetAssetCriticalityRecord
       parameters:
         - description: The ID value of the asset.
@@ -5483,11 +5483,17 @@ paths:
           description: Invalid request
         '404':
           description: Criticality record not found
-      summary: Get Criticality Record
+      summary: Get an asset criticality record
       tags:
         - Security Solution Entity Analytics API
     post:
-      description: Create or update a criticality record for a specific asset.
+      description: >
+        Create or update an asset criticality record for a specific entity.
+
+
+        If a record already exists for the specified entity, that record is
+        overwritten with the specified value. If a record doesn't exist for the
+        specified entity, a new record is created.
       operationId: CreateAssetCriticalityRecord
       requestBody:
         content:
@@ -5516,14 +5522,19 @@ paths:
           description: Successful response
         '400':
           description: Invalid request
-      summary: Upsert Criticality Record
+      summary: Upsert an asset criticality record
       tags:
         - Security Solution Entity Analytics API
   /api/asset_criticality/bulk:
     post:
-      description: >-
-        Bulk upsert up to 1000 asset criticality records, creating or updating
-        them as needed.
+      description: >
+        Bulk upsert up to 1000 asset criticality records.
+
+
+        If asset criticality records already exist for the specified entities,
+        those records are overwritten with the specified values. If asset
+        criticality records don't exist for the specified entities, new records
+        are created.
       operationId: BulkUpsertAssetCriticalityRecords
       requestBody:
         content:
@@ -5577,7 +5588,7 @@ paths:
           description: Bulk upload successful
         '413':
           description: File too large
-      summary: Bulk Upsert Asset Criticality Records
+      summary: Bulk upsert asset criticality records
       tags:
         - Security Solution Entity Analytics API
   /api/asset_criticality/list:
@@ -5654,7 +5665,7 @@ paths:
                   - per_page
                   - total
           description: Bulk upload successful
-      summary: List Asset Criticality Records
+      summary: List asset criticality records
       tags:
         - Security Solution Entity Analytics API
   /api/data_views:
@@ -15401,6 +15412,10 @@ paths:
         - 'access:securitySolution'
   /api/risk_score/engine/schedule_now:
     post:
+      description: >-
+        Schedule the risk scoring engine to run as soon as possible. You can use
+        this to recalculate entity risk scores after updating their asset
+        criticality.
       operationId: ScheduleRiskEngineNow
       requestBody:
         content:
@@ -15427,7 +15442,7 @@ paths:
                 $ref: >-
                   #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse
           description: Unexpected error
-      summary: Schedule the risk engine to run as soon as possible
+      summary: Run the risk scoring engine
       tags:
         - Security Solution Entity Analytics API
   /api/saved_objects/_export:

oas_docs/output/kibana.staging.yaml

@@ -6580,7 +6580,7 @@ paths:
         - APM annotations
   /api/asset_criticality:
     delete:
-      description: Delete the asset criticality record for a specific asset if it exists.
+      description: Delete the asset criticality record for a specific entity.
       operationId: DeleteAssetCriticalityRecord
       parameters:
         - description: The ID value of the asset.
@@ -6626,11 +6626,11 @@ paths:
           description: Successful response
         '400':
           description: Invalid request
-      summary: Delete Criticality Record
+      summary: Delete an asset criticality record
       tags:
         - Security Solution Entity Analytics API
     get:
-      description: Get the criticality record for a specific asset.
+      description: Get the asset criticality record for a specific entity.
       operationId: GetAssetCriticalityRecord
       parameters:
         - description: The ID value of the asset.
@@ -6659,11 +6659,17 @@ paths:
           description: Invalid request
         '404':
           description: Criticality record not found
-      summary: Get Criticality Record
+      summary: Get an asset criticality record
       tags:
         - Security Solution Entity Analytics API
     post:
-      description: Create or update a criticality record for a specific asset.
+      description: >
+        Create or update an asset criticality record for a specific entity.
+
+
+        If a record already exists for the specified entity, that record is
+        overwritten with the specified value. If a record doesn't exist for the
+        specified entity, a new record is created.
       operationId: CreateAssetCriticalityRecord
       requestBody:
         content:
@@ -6692,14 +6698,19 @@ paths:
           description: Successful response
         '400':
           description: Invalid request
-      summary: Upsert Criticality Record
+      summary: Upsert an asset criticality record
       tags:
         - Security Solution Entity Analytics API
   /api/asset_criticality/bulk:
     post:
-      description: >-
-        Bulk upsert up to 1000 asset criticality records, creating or updating
-        them as needed.
+      description: >
+        Bulk upsert up to 1000 asset criticality records.
+
+
+        If asset criticality records already exist for the specified entities,
+        those records are overwritten with the specified values. If asset
+        criticality records don't exist for the specified entities, new records
+        are created.
       operationId: BulkUpsertAssetCriticalityRecords
       requestBody:
         content:
@@ -6753,7 +6764,7 @@ paths:
           description: Bulk upload successful
         '413':
           description: File too large
-      summary: Bulk Upsert Asset Criticality Records
+      summary: Bulk upsert asset criticality records
       tags:
         - Security Solution Entity Analytics API
   /api/asset_criticality/list:
@@ -6830,7 +6841,7 @@ paths:
                   - per_page
                   - total
           description: Bulk upload successful
-      summary: List Asset Criticality Records
+      summary: List asset criticality records
       tags:
         - Security Solution Entity Analytics API
   /api/cases:
@@ -18850,6 +18861,10 @@ paths:
         - 'access:securitySolution'
   /api/risk_score/engine/schedule_now:
     post:
+      description: >-
+        Schedule the risk scoring engine to run as soon as possible. You can use
+        this to recalculate entity risk scores after updating their asset
+        criticality.
       operationId: ScheduleRiskEngineNow
       requestBody:
         content:
@@ -18876,7 +18891,7 @@ paths:
                 $ref: >-
                   #/components/schemas/Security_Solution_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse
           description: Unexpected error
-      summary: Schedule the risk engine to run as soon as possible
+      summary: Run the risk scoring engine
       tags:
         - Security Solution Entity Analytics API
   /api/saved_objects/_bulk_create:

x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/test_subjects.ts

@@ -11,6 +11,7 @@ export const JSON_TAB_VULNERABILITY_FLYOUT = 'vulnerability_json_tab_flyout';
 export const OVERVIEW_TAB_VULNERABILITY_FLYOUT = 'vulnerability_overview_tab_flyout';
 export const DATA_SOURCE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_data_source_display_box';
 export const PUBLISHED_DATE_VULNERABILITY_FLYOUT = 'vulnerability_flyout_date_display_box';
+export const VULNERABILITY_SCORES_FLYOUT = 'vulnerability_flyout_score';
 export const TAB_ID_VULNERABILITY_FLYOUT = (tabId: string) =>
   `vulnerability-finding-flyout-tab-${tabId}`;
 

x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_finding_flyout.test.tsx

@@ -17,6 +17,7 @@ import {
   DATA_SOURCE_VULNERABILITY_FLYOUT,
   FINDINGS_VULNERABILITY_FLYOUT_DESCRIPTION_LIST,
   PUBLISHED_DATE_VULNERABILITY_FLYOUT,
+  VULNERABILITY_SCORES_FLYOUT,
 } from '../test_subjects';
 import { EMPTY_VALUE } from '../../configurations/findings_flyout/findings_flyout';
 
@@ -93,8 +94,10 @@ describe('<VulnerabilityFindingFlyout/>', () => {
       );
       const dataSource = getByTestId(DATA_SOURCE_VULNERABILITY_FLYOUT);
       const publisedDate = getByTestId(PUBLISHED_DATE_VULNERABILITY_FLYOUT);
+      const vulnerabilityScores = getByTestId(VULNERABILITY_SCORES_FLYOUT);
       expect(dataSource.textContent).toEqual(`Data Source${EMPTY_VALUE}`);
       expect(publisedDate.textContent).toEqual(`Published Date${EMPTY_VALUE}`);
+      expect(vulnerabilityScores.textContent).toEqual(`Vulnerability Scores${EMPTY_VALUE}`);
     });
 
     it('show empty state for no fixes', () => {

x-pack/plugins/cloud_security_posture/public/pages/vulnerabilities/vulnerabilities_finding_flyout/vulnerability_overview_tab.tsx

@@ -33,6 +33,7 @@ import {
   DATA_SOURCE_VULNERABILITY_FLYOUT,
   OVERVIEW_TAB_VULNERABILITY_FLYOUT,
   PUBLISHED_DATE_VULNERABILITY_FLYOUT,
+  VULNERABILITY_SCORES_FLYOUT,
 } from '../test_subjects';
 import redhatLogo from '../../../assets/icons/redhat_logo.svg';
 import { VulnerabilityDetectionRuleCounter } from './vulnerability_detection_rule_counter';
@@ -309,8 +310,8 @@ export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityT
 
       <EuiHorizontalRule css={horizontalStyle} />
 
-      {cvssScores?.length > 0 && (
-        <EuiFlexItem>
+      {
+        <EuiFlexItem data-test-subj={VULNERABILITY_SCORES_FLYOUT}>
           <h4 css={flyoutSubheadingStyle}>
             <FormattedMessage
               id="xpack.csp.vulnerabilities.vulnerabilityOverviewTab.vulnerabilityScores"
@@ -324,10 +325,10 @@ export const VulnerabilityOverviewTab = ({ vulnerabilityRecord }: VulnerabilityT
               margin-top: ${euiThemeVars.euiSizeS};
             `}
           >
-            {cvssScores}
+            {!!cvssScores?.length ? cvssScores : EMPTY_VALUE}
           </EuiFlexGroup>
         </EuiFlexItem>
-      )}
+      }
     </EuiFlexGroup>
   );
 };