googleapis · sofisl · Jun 26, 2024 · Jun 24, 2024 · Jun 24, 2024 · Jun 25, 2024
@@ -32,6 +32,7 @@ import "google/cloud/securitycenter/v1/database.proto";
 import "google/cloud/securitycenter/v1/exfiltration.proto";
 import "google/cloud/securitycenter/v1/external_system.proto";
 import "google/cloud/securitycenter/v1/file.proto";
+import "google/cloud/securitycenter/v1/group_membership.proto";
 import "google/cloud/securitycenter/v1/iam_binding.proto";
 import "google/cloud/securitycenter/v1/indicator.proto";
 import "google/cloud/securitycenter/v1/kernel_rootkit.proto";
@@ -44,6 +45,7 @@ import "google/cloud/securitycenter/v1/org_policy.proto";
 import "google/cloud/securitycenter/v1/process.proto";
 import "google/cloud/securitycenter/v1/security_marks.proto";
 import "google/cloud/securitycenter/v1/security_posture.proto";
+import "google/cloud/securitycenter/v1/toxic_combination.proto";
 import "google/cloud/securitycenter/v1/vulnerability.proto";
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
@@ -183,6 +185,12 @@ message Finding {
     // Describes a potential security risk due to a change in the security
     // posture.
     POSTURE_VIOLATION = 6;
+
+    // Describes a group of security issues that, when the issues
+    // occur together, represent a greater risk than when the issues occur
+    // independently. A group of such issues is referred to as a toxic
+    // combination.
+    TOXIC_COMBINATION = 7;
   }
 
   // The [relative resource
@@ -395,4 +403,16 @@ message Finding {
 
   // Notebook associated with the finding.
   Notebook notebook = 63;
+
+  // Contains details about a group of security issues that, when the issues
+  // occur together, represent a greater risk than when the issues occur
+  // independently. A group of such issues is referred to as a toxic
+  // combination.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  ToxicCombination toxic_combination = 64;
+
+  // Contains details about groups of which this finding is a member. A group is
+  // a collection of findings that are related in some way.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  repeated GroupMembership group_memberships = 65;
 }
@@ -0,0 +1,44 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v1;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
+option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "GroupMembershipProto";
+option java_package = "com.google.cloud.securitycenter.v1";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
+option ruby_package = "Google::Cloud::SecurityCenter::V1";
+
+// Contains details about groups of which this finding is a member. A group is a
+// collection of findings that are related in some way.
+message GroupMembership {
+  // Possible types of groups.
+  enum GroupType {
+    // Default value.
+    GROUP_TYPE_UNSPECIFIED = 0;
+
+    // Group represents a toxic combination.
+    GROUP_TYPE_TOXIC_COMBINATION = 1;
+  }
+
+  // Type of group.
+  GroupType group_type = 1;
+
+  // ID of the group.
+  string group_id = 2;
+}
@@ -0,0 +1,41 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v1;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
+option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "ToxicCombinationProto";
+option java_package = "com.google.cloud.securitycenter.v1";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
+option ruby_package = "Google::Cloud::SecurityCenter::V1";
+
+// Contains details about a group of security issues that, when the issues
+// occur together, represent a greater risk than when the issues occur
+// independently. A group of such issues is referred to as a toxic combination.
+message ToxicCombination {
+  // The
+  // [Attack exposure
+  // score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores)
+  // of this toxic combination. The score is a measure of how much this toxic
+  // combination exposes one or more high-value resources to potential attack.
+  double attack_exposure_score = 1;
+
+  // List of resource names of findings associated with this toxic combination.
+  // For example, `organizations/123/sources/456/findings/789`.
+  repeated string related_findings = 2;
+}
@@ -32,6 +32,7 @@ import "google/cloud/securitycenter/v2/database.proto";
 import "google/cloud/securitycenter/v2/exfiltration.proto";
 import "google/cloud/securitycenter/v2/external_system.proto";
 import "google/cloud/securitycenter/v2/file.proto";
+import "google/cloud/securitycenter/v2/group_membership.proto";
 import "google/cloud/securitycenter/v2/iam_binding.proto";
 import "google/cloud/securitycenter/v2/indicator.proto";
 import "google/cloud/securitycenter/v2/kernel_rootkit.proto";
@@ -43,6 +44,7 @@ import "google/cloud/securitycenter/v2/org_policy.proto";
 import "google/cloud/securitycenter/v2/process.proto";
 import "google/cloud/securitycenter/v2/security_marks.proto";
 import "google/cloud/securitycenter/v2/security_posture.proto";
+import "google/cloud/securitycenter/v2/toxic_combination.proto";
 import "google/cloud/securitycenter/v2/vulnerability.proto";
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
@@ -188,6 +190,10 @@ message Finding {
     // Describes a potential security risk due to a change in the security
     // posture.
     POSTURE_VIOLATION = 6;
+
+    // Describes a combination of security issues that represent a more severe
+    // security problem when taken together.
+    TOXIC_COMBINATION = 7;
   }
 
   // The [relative resource
@@ -424,4 +430,16 @@ message Finding {
 
   // The load balancers associated with the finding.
   repeated LoadBalancer load_balancers = 50;
+
+  // Contains details about a group of security issues that, when the issues
+  // occur together, represent a greater risk than when the issues occur
+  // independently. A group of such issues is referred to as a toxic
+  // combination.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  ToxicCombination toxic_combination = 56;
+
+  // Contains details about groups of which this finding is a member. A group is
+  // a collection of findings that are related in some way.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  repeated GroupMembership group_memberships = 57;
 }
@@ -0,0 +1,44 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "GroupMembershipProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains details about groups of which this finding is a member. A group is a
+// collection of findings that are related in some way.
+message GroupMembership {
+  // Possible types of groups.
+  enum GroupType {
+    // Default value.
+    GROUP_TYPE_UNSPECIFIED = 0;
+
+    // Group represents a toxic combination.
+    GROUP_TYPE_TOXIC_COMBINATION = 1;
+  }
+
+  // Type of group.
+  GroupType group_type = 1;
+
+  // ID of the group.
+  string group_id = 2;
+}
@@ -0,0 +1,42 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "ToxicCombinationProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains details about a group of security issues that, when the issues
+// occur together, represent a greater risk than when the issues occur
+// independently. A group of such issues is referred to as a toxic
+// combination.
+message ToxicCombination {
+  // The
+  // [Attack exposure
+  // score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores)
+  // of this toxic combination. The score is a measure of how much this toxic
+  // combination exposes one or more high-value resources to potential attack.
+  double attack_exposure_score = 1;
+
+  // List of resource names of findings associated with this toxic combination.
+  // For example, `organizations/123/sources/456/findings/789`.
+  repeated string related_findings = 2;
+}