Reverted certainty_score field changes

opencybersecurityalliance · Oct 10, 2023 · fed4279 · fed4279
1 parent 3abd4a9
commit fed4279
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 18 deletions.
diff --git a/stix_shifter_modules/vectra/stix_translation/json/stix_2_1/to_stix_map.json b/stix_shifter_modules/vectra/stix_translation/json/stix_2_1/to_stix_map.json
@@ -104,18 +104,16 @@
     }
   ],
   "certainty": [
+    {
+      "key": "x-ibm-finding.confidence",
+      "object": "detection"
+    },
     {
       "key": "x-ibm-ttp-tagging.confidence",
       "object": "ttp_finding",
       "transformer": "ConvertToReal"
     }
   ],
-  "certainty_score": [
-    {
-      "key": "x-ibm-finding.confidence",
-      "object": "detection"
-    }
-  ],
   "first_timestamp": [
     {
       "key": "x-ibm-finding.start",

diff --git a/stix_shifter_modules/vectra/stix_translation/json/to_stix_map.json b/stix_shifter_modules/vectra/stix_translation/json/to_stix_map.json
@@ -104,18 +104,16 @@
     }
   ],
   "certainty": [
+    {
+      "key": "x-ibm-finding.confidence",
+      "object": "detection"
+    },
     {
       "key": "x-ibm-ttp-tagging.confidence",
       "object": "ttp_finding",
       "transformer": "ConvertToReal"
     }
   ],
-  "certainty_score": [
-    {
-      "key": "x-ibm-finding.confidence",
-      "object": "detection"
-    }
-  ],
   "first_timestamp": [
     {
       "key": "x-ibm-finding.start",

diff --git a/stix_shifter_modules/vectra/stix_transmission/connector.py b/stix_shifter_modules/vectra/stix_transmission/connector.py
@@ -223,10 +223,6 @@ def get_results_data(self, response_dict):
 
             detection_type = record.get('detection_type', '')
 
-            # adding new field for confidence field mapping
-            if 'certainty' in record:
-                record['certainty_score'] = record['certainty']
-
             # if x-ibm-finding object event_count is not available, setting the default value to 1.
             # if default value is not set, CP4S inserts NaN value for event_count which causes rendering issue in UI.
             if record.get('summary') and \

diff --git a/stix_shifter_modules/vectra/test/stix_translation/test_vectra_json_to_stix.py b/stix_shifter_modules/vectra/test/stix_translation/test_vectra_json_to_stix.py
@@ -35,8 +35,7 @@
     'src_ip': '11.111.11.111',
     'state': 'inactive',
     'certainty': 0,
-    'certainty_score': 1,
-    'threat': 1,
+    'threat': 0,
     'created_timestamp': '2022-12-22T07:43:52Z',
     'first_timestamp': '2022-12-22T07:33:38Z',
     'last_timestamp': '2022-12-27T06:44:32Z',