feat: #41 Most of the new expanded_control logic is in place now
xntrik committed Nov 13, 2022
1 parent ac2655a commit 7a7d61d
Showing 18 changed files with 353 additions and 58 deletions.
51 changes: 44 additions & 7 deletions cmd/hcltm/util.go
Expand Up @@ -139,9 +139,40 @@ threatmodel "threatmodel name" {
// The available values are '{{.ImpactTypes}}'
impacts = [{{.ImpactTypesOut}}]
// A threat may contain multiple expanded_control blocks
// These blocks will be replacing the older "control" string or
// "proposed_control" blocks
expanded_control "control name" {
description = "The control must have a description"
// implemented is optional, but defaults to false
implemented = true
// implementation_notes are optional
implementation_notes = "This string is optional"
// risk_reduction, while optional, is recommended
// this value takes an integer
risk_reduction = 50
// a control may contain optional attribute blocks
attribute "Attribute Name" {
value = "This value string must be set though for each attribute"
}
// a good use for these may be to refer to OWASP URLs
attribute "OWASP Proactive Control" {
value = "<link to control>"
}
}
// WARNING: The "control" string value is going to be deprecated in
// favor of expanded_control block!
// The control is optional, and allows the author to capture controls
// or circumstances that may reduce the likelihood of impact of the threat
control = "We require 2FA for access"
// control = "We require 2FA for access"
// The stride is an optional array of STRIDE elements that apply to this threat
// The available values are:
Expand All @@ -152,16 +183,19 @@ threatmodel "threatmodel name" {
// the elements must much existing information_assets - as above
information_asset_refs = ["cred store"]
// WARNING: The "proposed_control" blocks are going to be deprecated in
// favor of expanded_control blocks!
// The proposed_control blocks are optional, and are used to track
// proposed controls
proposed_control {
// proposed_control {
// The Description is required
description = "This is a proposed control"
// description = "This is a proposed control"
// The implemented boolean is optional, and defaults to false
implemented = true
}
}
// implemented = true
// }
// }
// You can import an external .hcl file that includes control descriptions
// Remember to do this at the threatmodel block level
Expand All @@ -178,7 +212,10 @@ threatmodel "threatmodel name" {
threat {
// To reference the above component
control = import.control.control_name.description
expanded_control "Control Name" {
description = import.control.control_name.description
risk_reduction = 50
}
description = <<EOT
Descriptions may be a multi-line entry as well.
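Review bot: The template comment for `risk_reduction` in the first hunk says only that it "takes an integer"; neither this template nor the rendered templates in this commit state the accepted range or whether a larger value means more reduction, so authors will guess (the examples use 10, 50 and 80). Suggest expanding it to `// risk_reduction takes an integer; state the accepted range here (a percentage, if that is the intent) and whether a larger value means more reduction`. The import example in the third hunk also appears to keep `control = import.control.control_name.description` next to the new `expanded_control` block even though the first hunk marks `control` as deprecated; if that line is retained context rather than history, consider commenting it out the way the first hunk does. The enclosing Go raw string starts and ends outside these hunks.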
1 change: 1 addition & 0 deletions dashboard-example/dashboard.md
Expand Up @@ -8,4 +8,5 @@ A dashboard of threat models.
| -- | -- | -- | -- | -- |
| [Fort Knox](tm1-fortknox.md "A .. fort?") | @xntrik | No | Yes | Small |
| [Modelly model](tm2-modellymodel.md "") | @xntrik | - | - | - |
| [Modelly model](tm3-modellymodel.md "") | @xntrik | - | - | - |
| [Tower of London](tm1-toweroflondon.md "A historic castle") | @xntrik | Yes | Yes | Small |
3 changes: 1 addition & 2 deletions dashboard-example/tm1-fortknox.md
Expand Up @@ -31,8 +31,7 @@ Someone steals the gold

> Impact Type: Confidentiality

#### Control
#### Legacy Control Description

Big walls

4 changes: 2 additions & 2 deletions dashboard-example/tm1-toweroflondon.md
Expand Up @@ -31,10 +31,10 @@ Someone who isn't the Queen steals the crown

> Impact Type: Confidentiality

#### Control
#### Legacy Control Description

Lots of guards

## Third Party Dependencies

### community watch
4 changes: 1 addition & 3 deletions dashboard-example/tm2-modellymodel.md
Expand Up @@ -10,11 +10,9 @@ Author: @xntrik

threaty threat

> Impact Type:
> STRIDE: Spoofing, Elevation Of Privilege
#### Control
#### Legacy Control Description

SOMETHING HUGELY IMPORTANT HERE IN ANOTHER FOLDER

Binary file modified dashboard-example/tm2-modellymodel.png
59 changes: 59 additions & 0 deletions dashboard-example/tm3-modellymodel.md
@@ -0,0 +1,59 @@
# Modelly model

Author: @xntrik

## Threat Scenarios

### Threat

threaty threat

> STRIDE: Spoofing, Elevation Of Privilege
#### Legacy Control Description

* AWS accounts are managed with [AWS Organisations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html#features)
* The root user is only used by exception, and has [MFA](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#id_root-user_manage_mfa) enabled

### Threat

Something else

#### Legacy Control Description

Error messages are not verbose on public interfaces

#### Controls

##### thing

> Implemented: ❌
This is the new type of control

| | |
| -- | -- |

#### Proposed Controls

- [ ] Do the thing
- [x] Do another thing

### Threat

Something else that is also equally as bad

#### Controls

##### trusted libraries

> Implemented: ❌
Libraries and frameworks are from trusted sources that are actively maintained and widely used by many applications

| | |
| -- | -- |
| Risk Reduction | 50 |
| proactive_control | C2 |
| url | https://owasp.org/www-project-proactive-controls/v3/en/c2-leverage-security-frameworks-libraries |

4 changes: 1 addition & 3 deletions examples/including-example/corp-app.hcl
@@ -1,4 +1,4 @@
spec_version = "0.1.4"
spec_version = "0.1.5"

threatmodel "Tower of London" {

Expand All @@ -18,7 +18,6 @@ threatmodel "Tower of London" {
threat {
description = "Someone who isn't the Queen defaces the crown"
impacts = ["Confidentiality"]
control = "Lots of guards"
}

}
Expand All @@ -31,7 +30,6 @@ threatmodel "Tower of France" {
threat {
description = "Someone who isn't the Queen defaces the crown"
impacts = ["Confidentiality"]
control = "Lots of guards"
}

}
25 changes: 18 additions & 7 deletions examples/including-example/shared/tower.hcl
@@ -1,4 +1,4 @@
spec_version = "0.1.4"
spec_version = "0.1.5"

threatmodel "Tower of London" {
description = "A historic castle"
Expand Down Expand Up @@ -31,20 +31,31 @@ threatmodel "Tower of London" {
threat {
description = "Someone who isn't the Queen steals the crown"
impacts = ["Confidentiality"]
control = "Lots of guards"
}

threat {
description = "Something else that is risky"

proposed_control {
implemented = false
description = "Do the thing"
# proposed_control {
# implemented = false
# description = "Do the thing"
# }

expanded_control "Do the thing" {
description = "And do it well"
implemented = true
risk_reduction = 10
}

proposed_control {
# proposed_control {
# implemented = true
# description = "Do another thing"
# }

expanded_control "Do another thing" {
description = "more words about the control"
implemented = true
description = "Do another thing"
risk_reduction = 10
}
}

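Review bot: The "Someone who isn't the Queen steals the crown" threat loses its `control = "Lots of guards"` line without an `expanded_control` replacement, so this shared example now documents no control for that threat, whereas the same threat in examples/tm1.hcl is migrated to `expanded_control "Lots of Guards"` in this commit; the matching threats in examples/including-example/corp-app.hcl (both hunks there) are dropped the same way. Since shared/tower.hcl appears to be what the including example imports, consider migrating it likewise, e.g. `expanded_control "Lots of Guards" { description = "Lots of guards" implemented = true }`. Note that the migrated "Do the thing" control flips from `implemented = false` to `implemented = true`, which changes what the example renders rather than just its form. The commented-out `# proposed_control` blocks left in place read as dead example text; if they are meant to illustrate the migration, a one-line comment saying so would help.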
22 changes: 21 additions & 1 deletion examples/threatmodel-template-html.tpl
Expand Up @@ -83,10 +83,30 @@ Source: {{ .Source }}{{- end }}
{{- end}}
{{- if .Control }}

<h4>Control</h4>
<h4>Legacy Control Description</h4>

{{ .Control }}<br />
{{- end }}
{{- if .Controls }}

<h4>Controls</h4>

{{ range .Controls }}<h5>{{ .Name }}</h5>

{{ if .Implemented }}
<p><em>Implemented: ✅ </em></p>{{- else }}<p><em>Implemented: ❌ </em></p>{{- end }}

<p>{{ .Description }}</p>

<table>
{{- if .RiskReduction }}
<tr><td>Risk Reduction</td><td>{{ .RiskReduction }}</td></tr>{{- end }}
{{- range .Attributes }}
<tr><td>{{ .Name }}</td><td>{{ .Value }}</td></tr>{{- end }}
</table><br />

{{- end }}
{{- end }}
{{- end }}
{{- end }}

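Review bot: The new `{{- if .Controls }}` block omits `.ImplementationNotes`, which the markdown template (examples/threatmodel-template.tpl) in this commit renders under an _Implementation Notes_ heading, so notes authored per the util.go template are silently dropped from HTML output; add after the description line `{{- if .ImplementationNotes }}<p><em>Implementation Notes</em></p><p>{{ .ImplementationNotes }}</p>{{- end }}`. The `<table>` is also emitted unconditionally, so a control with neither `.RiskReduction` nor `.Attributes` renders an empty table. Separately, `.Name`, `.Description` and the attribute `.Value` come straight from author-supplied HCL, and whether they are HTML-escaped depends on whether this file is executed with html/template or text/template, which the hunk does not show — worth confirming, since attribute values are expected to hold URLs. The enclosing range/with blocks start outside this hunk.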
41 changes: 38 additions & 3 deletions examples/threatmodel-template.tpl
Expand Up @@ -50,7 +50,7 @@ Diagram: {{ .DiagramLink }}
{{ .Description }}
{{ if .Source }}
> Source: {{ .Source }}{{- end }}
{{ end }}
{{- end }}
{{- end }}
{{- with .Threats }}

Expand All @@ -64,25 +64,59 @@ Diagram: {{ .DiagramLink }}

> Impact Type: {{ $impact := .ImpactType }}{{ range $index, $elem := .ImpactType }}{{ if $index}}, {{end}}{{.}}{{end}}
{{- end }}
{{ if .Stride}}
{{- if .Stride}}

> STRIDE: {{ $stride := .Stride }}{{ range $index, $elem := .Stride }}{{ if $index}}, {{end}}{{.}}{{end}}
{{- end}}
{{- if .InformationAssetRefs }}

Impacted Information Assets:

{{ range .InformationAssetRefs }}* {{.}}
{{ end}}
{{- end}}
{{- if .Control }}

#### Control
#### Legacy Control Description

{{ .Control }}
{{- end }}
{{- if .Controls }}

#### Controls

{{ range .Controls }}##### {{ .Name }}

{{ if .Implemented }}
> Implemented: ✅ {{- else }}> Implemented: ❌ {{- end }}

{{ .Description }}{{- if .ImplementationNotes }}

_Implementation Notes_

{{ .ImplementationNotes}}{{- end }}

| | |
| -- | -- |
{{- if .RiskReduction }}
| Risk Reduction | {{ .RiskReduction }} |{{- end }}
{{- range .Attributes }}
| {{ .Name }} | {{ .Value }} |{{- end }}

{{- end }}
{{- end }}
{{- if .ProposedControls }}

#### Proposed Controls

{{ range .ProposedControls }}{{- if .Implemented }}- [x] {{- else }}- [ ] {{- end }} {{ .Description }}
{{ end }}
{{- end }}
{{- end }}
{{- end }}

{{- with .ThirdPartyDependencies }}

## Third Party Dependencies
{{ range . }}
### {{ .Name }}
Expand Down Expand Up @@ -118,3 +152,4 @@ Created: {{ (unixToTime .CreatedAt) }} - Updated: {{ (unixToTime .UpdatedAt) }}
{{- end }}
{{- end }}
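Review bot: The `| | |` / `| -- | -- |` table header under each control in the second hunk is emitted unconditionally, so a control with neither `.RiskReduction` nor `.Attributes` renders an empty two-column table — visible in the generated dashboard-example/tm3-modellymodel.md in this commit. Wrap the header and its rows as `{{- if or .RiskReduction .Attributes }}` … `{{- end }}`. Note also that `{{- if .RiskReduction }}` treats an integer 0 as false, so an explicit `risk_reduction = 0` is hidden; if zero is a meaningful value, the check would need to test the field's presence instead (the field's Go type is not visible here). In the same generated file the description appears directly under the `> Implemented:` line, which Markdown treats as a lazy continuation of the blockquote; it is unclear whether that output came from this revision of the template, but the blank line between the two is worth verifying. The enclosing `{{- with .Threats }}` block starts outside this hunk.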


18 changes: 14 additions & 4 deletions examples/tm1.hcl
@@ -1,4 +1,4 @@
spec_version = "0.1.4"
spec_version = "0.1.5"

threatmodel "Tower of London" {
description = "A historic castle"
Expand Down Expand Up @@ -27,7 +27,13 @@ threatmodel "Tower of London" {
threat {
description = "Someone who isn't the Queen steals the crown"
impacts = ["Confidentiality"]
control = "Lots of guards"

expanded_control "Lots of Guards" {
implemented = true
description = "Lots of guards patrol the area"
implementation_notes = "They are trained to be guards as well"
risk_reduction = 80
}
}

}
Expand All @@ -54,7 +60,11 @@ threatmodel "Fort Knox" {
threat {
description = "Someone steals the gold"
impacts = ["Confidentiality"]
control = "Big walls"
}

expanded_control "Big Wall" {
implemented = true
description = "A large wall surrounds the fort"
risk_reduction = 80
}
}
}
