From a28a9fe21daa0b9a12f76ef343d19cc14e9e68ed Mon Sep 17 00:00:00 2001 From: mlysaght Date: Fri, 22 Mar 2024 12:20:48 +0100 Subject: [PATCH] Add in control catalog with first object storage example --- control-catalog/control-catalog.md | 9 +++++++++ threat-catalog/storage/object/threats.md | 6 +++--- 2 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 control-catalog/control-catalog.md diff --git a/control-catalog/control-catalog.md b/control-catalog/control-catalog.md new file mode 100644 index 00000000..cca1503c --- /dev/null +++ b/control-catalog/control-catalog.md @@ -0,0 +1,9 @@ +| Key | Value | +|----------|----------| +| Control Id | CCC.OS.C1 | +| Objective | Enforce encryption-in-transit | +| Description | Block all unencrypted requests to the object storage bucket you control | +| Test | GIVEN you own the object storage bucket; WHEN an unencrypted HTTP request is made to the bucket; THEN the request should be denied | +| Service Taxonomy Id | CCC-020115 | +| NIST CF | Protect | +| Threats | CCC.OS.T1 | diff --git a/threat-catalog/storage/object/threats.md b/threat-catalog/storage/object/threats.md index bafc9dcb..fc83d22b 100644 --- a/threat-catalog/storage/object/threats.md +++ b/threat-catalog/storage/object/threats.md 
@@ -3,6 +3,6 @@ | Threat Id | CCC.OS.T1 | | Name | Intercept data in transit to an external bucket | | Description | Object storage service allows communication over HTTP. An attacker can intercept the traffic you send to an external bucket, in order to read or modify the data. | -| Service Taxonomy ID | CCC-020115 | -| MITRE ATT&CK | [TA009](https://attack.mitre.org/tactics/TA0009/) [T1557](https://attack.mitre.org/techniques/T1557/) | -| MITRE MITIGATION | [M1041](https://attack.mitre.org/mitigations/M1041) | +| Service Taxonomy Id | CCC-020115 | +| MITRE ATT&CK TTPs | [TA009](https://attack.mitre.org/tactics/TA0009/) [T1557](https://attack.mitre.org/techniques/T1557/) | +| MITRE ATT&CK Mitigations | [M1041](https://attack.mitre.org/mitigations/M1041) |
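Review bot: In the new control-catalog/control-catalog.md, the Description and Test rows of CCC.OS.C1 scope the control to a bucket "you control" / "you own", while the linked threat CCC.OS.T1 is about traffic "you send to an external bucket". As written, the control does not cover the scenario the threat names. Either widen the control to cover client-side requests to buckets owned by others, or reword the threat so both refer to the same bucket. The Test row would also be easier to verify if "denied" were defined: state whether a redirect from HTTP to HTTPS counts as a pass or whether the request must be rejected outright. Finally, the "NIST CF" key is an unexplained abbreviation; spell it out the way the "MITRE ATT&CK ..." keys in threats.md are spelled out.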
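Review bot: In threat-catalog/storage/object/threats.md, the renamed "MITRE ATT&CK TTPs" row keeps the link text "TA009" while its URL points to /tactics/TA0009/. The displayed id is missing a zero and should read TA0009 to match the target. Since this line is already being rewritten, fix it here. The M1041 link on the "MITRE ATT&CK Mitigations" row also lacks the trailing slash that the other two ATT&CK URLs have; make them consistent. The "Service Taxonomy ID" to "Service Taxonomy Id" rename matches the key used in the new control catalog table, which is good, but confirm that no other threat files still use the old "ID" spelling.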