databricks-industry-solutions / security-analysis-tool

Security Analysis Tool (SAT) analyzes a customer's Databricks account and workspace security configurations and provides recommendations that help them follow Databricks' security best practices. When a customer runs SAT, it compares their workspace configurations against a set of security best practices and delivers a report.

PAT Token Expire date check #93

Closed rajj281 closed 3 months ago

rajj281 commented 3 months ago

We are using the SAT tool; however, we are getting some false positive results and were wondering if we can get some help. For example, the PAT token check: we checked our environment, and all PAT tokens have an expiration date; however, the tool still flags that there are PAT tokens that don't have an expiration date.

Thanks in advance for any support

arunpamulapati commented 3 months ago

Hi, can you please send me the check ID that you are referring to? Also, can you use the additional details section to see if it has any details?

rajj281 commented 3 months ago

Hi Arun

The check ID is 21. If I understand correctly, the code is looking for any PAT token with expire time of -1. If correct, I checked all the tokens in our environment, and they all have expiration dates.

There are other checks we are facing issues with. Is it possible to connect directly to go over it? Would appreciate it

Thanks

arunpamulapati commented 3 months ago

Thanks for reporting. The root cause is that the evaluation_value is set to -1. When we made it configurable, we should have put a default of 90 and allowed customers to adjust it, but we left it at -1. I changed the

You can run the following command in your SQL Editor on your respective catalog and rerun the driver:

update security_analysis.security_best_practices set evaluation_value = 90 where id = '21';

I made a fix to the config file in the branch and it will be merged soon. https://github.com/databricks-industry-solutions/security-analysis-tool/issues/93

Or you can pull the latest, remove security_best_practices_user.csv, and rerun the security_analysis_initializer and security_analysis_driver.
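An added example, not SAT's code and not part of the thread above: a stand-alone lifetime check that shows why a threshold of -1 reports every token while 90 reports only long-lived or non-expiring ones. The flagging rule, the function name `flag_tokens` and the token records are assumptions constructed for illustration; only the values -1 and 90 come from the thread.

```python
from datetime import datetime, timezone

MS_PER_DAY = 86_400_000


def flag_tokens(tokens, max_days, now_ms):
    """Return (token_id, reason) for tokens that break the lifetime policy.

    Assumed rule (not taken from SAT's source): a token is flagged when it
    never expires (expiry_time == -1) or when the days left until expiry
    exceed max_days.
    """
    flagged = []
    for tok in tokens:
        expiry = tok["expiry_time"]
        if expiry == -1:
            flagged.append((tok["token_id"], "no expiration"))
            continue
        days_left = (expiry - now_ms) / MS_PER_DAY
        if days_left > max_days:
            flagged.append((tok["token_id"], f"expires in {days_left:.0f} days"))
    return flagged


# Constructed sample data: a fixed "now" and three hypothetical tokens
# with expiry times in epoch milliseconds.
NOW_MS = int(datetime(2024, 1, 1, tzinfo=timezone.utc).timestamp() * 1000)
SAMPLE_TOKENS = [
    {"token_id": "tok-30d", "expiry_time": NOW_MS + 30 * MS_PER_DAY},
    {"token_id": "tok-365d", "expiry_time": NOW_MS + 365 * MS_PER_DAY},
    {"token_id": "tok-never", "expiry_time": -1},
]

if __name__ == "__main__":
    # With -1 as the threshold every token with a future expiry is flagged,
    # so a compliant 30-day token shows up as a finding.
    for threshold in (-1, 90):
        print(f"evaluation_value={threshold}:")
        for token_id, reason in flag_tokens(SAMPLE_TOKENS, threshold, NOW_MS):
            print(f"  {token_id}: {reason}")
```
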