Install Alice https://github.com/intel/dffml/tree/alice/entities/alice
Create the THREATS.md file
$ alice threats \
-inputs \
models/good.json=ThreatDragonThreatModelPath \
models/GOOD_THREATS.md=ThreatsMdPathWe made auditor_overlay.py which is a data flow which calls the auditor. We
use sed to direct the data flow to run on the path to the threat model from
Threat Dragon used as input.
$ dffml service dev export auditor_overlay:AUDITOR_OVERLAY \
-configloader yaml \
| sed -e 's/auditor_overlay:audit.inputs.ltm/ThreatDragonThreatModelPath/g' \
| tee auditor_overlay.yamlGenerate GOOD_THREATS.md with auditing overlay.
$ alice threats -log debug \
-overlay auditor_overlay.yaml \
-inputs \
models/good.json=ThreatDragonThreatModelPath \
models/GOOD_THREATS.md=ThreatsMdPathGenerate BAD_THREATS.md with auditing overlay.
$ alice threats -log debug \
-overlay auditor_overlay.yaml \
-inputs \
models/bad.json=ThreatDragonThreatModelPath \
models/BAD_THREATS.md=ThreatsMdPathDump out to HTTP to copy to GitHub for rendering.
$ (echo -e 'HTTP/1.0 200 OK\n' && cat models/GOOD_THREATS.md) | nc -Nlp 9999;
$ (echo -e 'HTTP/1.0 200 OK\n' && cat models/BAD_THREATS.md) | nc -Nlp 9999;