From c4fed1829a25ef17fde3ef2cc28b07ea53a69b6d Mon Sep 17 00:00:00 2001
From: Dominik Richter <dominik.richter@gmail.com>
Date: Wed, 20 Mar 2024 14:06:08 -0700
Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20internal:=20add=20blast=20radius=20?=
 =?UTF-8?q?computation=20(#1191)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
---
 policy/cnspec_policy.proto | 12 ++++++++++++
 policy/score_stats.go      | 39 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 51 insertions(+)
 create mode 100644 policy/score_stats.go

diff --git a/policy/cnspec_policy.proto b/policy/cnspec_policy.proto
index 9f22fb1e..2be59639 100644
--- a/policy/cnspec_policy.proto
+++ b/policy/cnspec_policy.proto
@@ -601,16 +601,28 @@ message ScoreDistribution {
 }
 
 message ScoreStats {
+  // Assets in the top groups of stats. For the total number of assets in the
+  // stats just add up all the categories.
   uint32 assets = 1;
+  // Critical findings
   uint32 critical = 3;
+  // High risk findings
   uint32 high = 4;
+  // Medium risk findings
   uint32 medium = 5;
+  // Low risks findings
   uint32 low = 6;
+  // Passing observations
   uint32 pass = 7;
+  // Unknown results
   uint32 unknown = 8;
+  // Error results
   uint32 error = 9;
+  // First time a failure was detected
   int64 first_failure_time = 10;
+  // Oldest scan in the set of assets observed
   int64 oldest_scan_time = 11;
+  // Newest scan in the set of assets observed
   int64 newest_scan_time = 12;
 }
 
diff --git a/policy/score_stats.go b/policy/score_stats.go
new file mode 100644
index 00000000..f2c69d0f
--- /dev/null
+++ b/policy/score_stats.go
@@ -0,0 +1,39 @@
+// Copyright (c) Mondoo, Inc.
+// SPDX-License-Identifier: BUSL-1.1
+
+package policy
+
+type BlastRadiusIndicator string
+
+const (
+	BlastRadius_Small  BlastRadiusIndicator = "s"
+	BlastRadius_Medium BlastRadiusIndicator = "m"
+	BlastRadius_Large  BlastRadiusIndicator = "l"
+)
+
+// BlastRadiusConfig for custom blast radius indicators
+type BlastRadiusConfig struct {
+	SmallPct          float32
+	MediumPct         float32
+	CategoryThreshold float32
+}
+
+// DefaultBlastRadiusConfig
+var DefaultBlastRadiusConfig = BlastRadiusConfig{
+	SmallPct:          0.05,
+	MediumPct:         0.20,
+	CategoryThreshold: 20,
+}
+
+// BlastRadius retrieves the blast radius indicator and assets in this category.
+// It requires a weight as input
+func (b *BlastRadiusConfig) Indicator(totalWeight float32, weight float32) BlastRadiusIndicator {
+	rel := weight / totalWeight
+	if rel < b.SmallPct {
+		return BlastRadius_Small
+	}
+	if rel < b.MediumPct {
+		return BlastRadius_Medium
+	}
+	return BlastRadius_Large
+}