From 2f73d01935aaa779138c0d5b61b621aee34ed873 Mon Sep 17 00:00:00 2001
From: pavel jurka <pavel.jurka@sentinelone.com>
Date: Tue, 11 Jun 2024 11:35:21 +0200
Subject: [PATCH] Feat: [#1109] - extended compliance finding - compliance by
 adding compliance_references and _standards based on kb_article to provide
 possibility to map KB articles with information relevant to finding.

---
 CHANGELOG.md            |  1 +
 dictionary.json         | 12 ++++++++++++
 objects/compliance.json |  6 ++++++
 3 files changed, 19 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b536cfd30..3f06e8685 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -56,6 +56,7 @@ Thankyou! -->
     6. Added `signatures` object, an array of `signature` objects. #992
     7. Added `whois` object. #992
     8. Added `domain_contact` and array-typed `domain_contacts` object for use with `whois` object. #992
+    9. Added array-typed `compliacne_references` and array-typed `compliance_standards` objects as array of `kb_article` and used in `compliance` object. #1066 
 
 * #### Platform Extensions
 
diff --git a/dictionary.json b/dictionary.json
index 047fe255b..080019dd1 100644
--- a/dictionary.json
+++ b/dictionary.json
@@ -934,6 +934,18 @@
       "description": "The compliance object provides context to compliance findings (e.g., a check against a specific regulatory or best practice framework such as CIS, NIST etc.) and contains compliance related details.",
       "type": "compliance"
     },
+    "compliance_references": {
+      "caption": "Complaince References Articles",
+      "description": "A list of sources of information or tools that help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.",
+      "type": "kb_article",
+      "is_array": true
+    },
+    "compliance_standards": {
+      "caption": "Compliance Standards Articles",
+      "description": "A list of established guidelines or criteria that define specific requirements an organization must follow.",
+      "type": "kb_article",
+      "is_array": true
+    },
     "component": {
       "caption": "Component",
       "description": "The component of a data object. See specific usage.",
diff --git a/objects/compliance.json b/objects/compliance.json
index 5e33eeb59..7ce54506a 100644
--- a/objects/compliance.json
+++ b/objects/compliance.json
@@ -4,6 +4,12 @@
   "extends": "object",
   "name": "compliance",
   "attributes": {
+    "compliance_references": {
+      "requirement": "optional"
+    },
+    "compliance_standards": {
+      "requirement": "optional"
+    },
     "control": {
       "requirement": "recommended"
     },