UNPKG

@newrelic/security-agent

Version:

New Relic Security Agent for Node.js

github.com/newrelic/csec-node-agent

newrelic/csec-node-agent

143 lines (131 loc) 4.81 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
/* * Copyright 2023 New Relic Corporation. All rights reserved. * SPDX-License-Identifier: New Relic Software License v1.0 */ let newrelic; let NRAgent; /** * * @returns NewRelic Agent instance */ function getNRAgent() { if (NRAgent && NRAgent.config && !NRAgent.config.security.scan_schedule) { NRAgent.config.security.scan_schedule = {}; NRAgent.config.security.scan_schedule.delay = 0; NRAgent.config.security.scan_schedule.duration = 0; NRAgent.config.security.scan_schedule.schedule = ''; NRAgent.config.security.scan_schedule.always_sample_traces = false; } if ( NRAgent && NRAgent.config && !NRAgent.config.security.scan_controllers) { NRAgent.config.security.scan_controllers = {}; NRAgent.config.security.scan_controllers.iast_scan_request_rate_limit = 3600; NRAgent.config.security.scan_controllers.scan_instance_count = 0; } if (NRAgent && NRAgent.config && !NRAgent.config.security.exclude_from_iast_scan) { NRAgent.config.security.exclude_from_iast_scan = {}; NRAgent.config.security.exclude_from_iast_scan.api = []; NRAgent.config.security.exclude_from_iast_scan.http_request_parameters = {}; NRAgent.config.security.exclude_from_iast_scan.http_request_parameters.header = []; NRAgent.config.security.exclude_from_iast_scan.http_request_parameters.query = []; NRAgent.config.security.exclude_from_iast_scan.http_request_parameters.body = []; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category = {}; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.insecure_settings = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.invalid_file_access = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.sql_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.nosql_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.ldap_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.javascript_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.command_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.xpath_injection = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.ssrf = false; NRAgent.config.security.exclude_from_iast_scan.iast_detection_category.rxss = false; } return NRAgent; } /** * API to set newrelic agent object. * @param {*} agent */ function setNRAgent(agent) { NRAgent = agent; } /** * API to get security agent * @returns Security Agent instanace */ function getSecAgent() { const Agent = require('../nr-security-agent/lib/core/agent').Agent; const csecAgent = Agent.getAgent(); if (csecAgent) { return csecAgent; } } /** * API to get status of security agent * @returns Security Agent status */ function getSecAgentStatus() { const Agent = require('../nr-security-agent/lib/core/agent').Agent; if (Agent.getAgent()) { return Agent.getAgent().status.getStatus() } } /** * API to generate security event from the intermediate data * @param {*} securityMetadata * @returns security event object */ function generateSecEvent(securityMetadata) { return require('../nr-security-agent/lib/core/sec-util').generateSecEvent(securityMetadata); } /** * API to send security event * @param {*} secEvent */ function sendEvent(secEvent) { require('../nr-security-agent/lib/core/sec-util').sendEvent(secEvent); } /** * API to get logger instance * @returns */ function getLogger() { return require('../nr-security-agent/lib/core/logging').getLogger(); } /** * API to validate RXSS * @param {*} secRequest * @param {*} responseBody * @param {*} responseHeaders * @returns */ function checkForReflectedXSS(secRequest, responseBody, responseHeaders) { return require('../nr-security-agent/lib/core/xss-utils').checkForReflectedXSS(secRequest, responseBody, responseHeaders); } /** * API to get security agent policy * @returns security agent policy */ function getPolicy() { return require('../nr-security-agent/lib/core/Policy').getInstance(); } /** * API to generate Exit event * @param {*} event */ function generateExitEvent(event) { require('../nr-security-agent/lib/core/sec-util').generateExitEvent(event); } module.exports = { newrelic, getNRAgent, getSecAgent, getSecAgentStatus, generateSecEvent, sendEvent, getLogger, checkForReflectedXSS, getPolicy, generateExitEvent, setNRAgent }