-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #615 from ge-high-assurance/security-data
Added CAPEC and NIST data
- Loading branch information
Showing
11 changed files
with
188 additions
and
740 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| identifier | ||
| CAPEC-112 | ||
| CAPEC-114 | ||
| CAPEC-115 | ||
| CAPEC-116 | ||
| CAPEC-117 | ||
| CAPEC-123 | ||
| CAPEC-125 | ||
| CAPEC-130 | ||
| CAPEC-131 | ||
| CAPEC-137 | ||
| CAPEC-148 | ||
| CAPEC-151 | ||
| CAPEC-169 | ||
| CAPEC-175 | ||
| CAPEC-176 | ||
| CAPEC-184 | ||
| CAPEC-188 | ||
| CAPEC-192 | ||
| CAPEC-21 | ||
| CAPEC-22 | ||
| CAPEC-224 | ||
| CAPEC-242 | ||
| CAPEC-248 | ||
| CAPEC-25 | ||
| CAPEC-26 | ||
| CAPEC-28 | ||
| CAPEC-390 | ||
| CAPEC-438 | ||
| CAPEC-439 | ||
| CAPEC-440 | ||
| CAPEC-507 | ||
| CAPEC-549 | ||
| CAPEC-586 | ||
| CAPEC-594 | ||
| CAPEC-607 | ||
| CAPEC-624 | ||
| CAPEC-74 |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| data-graph: "http://rack001/capec" | ||
| ingestion-steps: | ||
| #Phase1: Identifiers Only | ||
| - {nodegroup: "ingest_THREAT", csv: "CAPEC1.csv"} | ||
|
|
||
| #Phase2: The rest of the data | ||
| - {nodegroup: "ingest_THREAT", csv: "CAPEC2.csv"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| identifier | ||
| AU-12 | ||
| AU-12-1 | ||
| AU-12-3 | ||
| AU-9 | ||
| AU-9-3 | ||
| IA-2 | ||
| IA-2-1 | ||
| IA-2-11 | ||
| IA-2-12 | ||
| IA-2-2 | ||
| IA-2-3 | ||
| IA-2-4 | ||
| IA-2-8 | ||
| IA-2-9 | ||
| IA-3 | ||
| IA-3-1 | ||
| IA-3-4 | ||
| MP-6-8 | ||
| PE-3 | ||
| PE-3-1 | ||
| PE-3-5 | ||
| SA-11-1 | ||
| SA-12 | ||
| SA-18-1 | ||
| SC-13 | ||
| SC-23 | ||
| SC-28 | ||
| SC-29 | ||
| SC-4 | ||
| SC-40 | ||
| SC-40-1 | ||
| SC-4-2 | ||
| SC-5 | ||
| SC-5-2 | ||
| SC-6 | ||
| SC-7-16 | ||
| SC-8 | ||
| SI-10 | ||
| SI-10-5 | ||
| SI-11 | ||
| SI-15 | ||
| SI-16 | ||
| SI-17 | ||
| SI-7-1 | ||
| SI-7-15 | ||
| SI-7-5 | ||
| SI-7-6 | ||
| SI-7-9 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| identifier,description | ||
| AU-12,Audit Record Generation - a. Provide audit record generation capability for the event types the system is capable of auditing as defined in AU-2a on [Assignment: organization-defined information system components]; b. Allows [Assignment: organization-defined personnel or roles] to select the event types that are to be audited by specific components of the information system; and c. Generates audit records for the events defined in AU-2c that include the audit record content defined in AU-3.. | ||
| AU-12-1,System-wide / Time-correlated Audit Trail - The information system compiles audit records from [Assignment: organization-defined information system components] into a system-wide (logical or physical) audit trail that is time-correlated towithin [Assignment: organization-defined level of tolerance for the relationship between time stamps of individual records in the audit trail].. | ||
| AU-12-3,Changes By Authorized Individuals - The information system provides the capability for [Assignment: organization-defined individuals or roles] to change the auditing to be performed on [Assignment: organization-defined information system components] based on [Assignment: organization-defined selectable event criteria]within [Assignment: organization-defined time thresholds].. | ||
| AU-9,"Protection Of Audit Information - a. Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and b. Alert [Assignment: organization-defined personnel or roles] upon detection of unauthorized access, modification, or deletion of audit information.." | ||
| AU-9-3,Cryptographic Protection- Implement cryptographic mechanisms to protect the integrity of audit information and audit tools.. | ||
| IA-2,Identification and Authentication (Organizational Users) - Uniquely identify and authenticate organizational users and associate that unique identificationwith processes acting on behalf of those users.. | ||
| IA-2-1,Network Access to Privileged Accounts - Implement multi-factor authentication for access to privileged accounts.. | ||
| IA-2-11,Remote Access - Separate Device - The information system implements multifactor authentication for remote access to privileged and non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access and the device meets [Assignment: organization-defined strength of mechanism requirements].. | ||
| IA-2-12,Acceptance of PIV Credentials - The information system accepts and electronically verifies Personal Identity Verification (PIV) credentials.. | ||
| IA-2-2,Network Access to Non-Privileged Accounts - Implement multi-factor authentication for access to non-privileged accounts.. | ||
| IA-2-3,Local Access to Privileged Accounts - The information system implements multifactor authentication for local access to privileged accounts.. | ||
| IA-2-4,Local Access to Non-Privileged Accounts - The information system implements multifactor authentication for local access to non-privileged accounts. | ||
| IA-2-8,Network Access to Privileged Accounts - Replay Resistant - The information system implements replay-resistant authentication mechanisms for network access to privileged accounts.. | ||
| IA-2-9,Network Access to Non-Privileged Accounts - Replay Resistant - The information system implements replay-resistant authentication mechanisms for network access to non-privileged accounts.. | ||
| IA-3,Device Identification And Authentication - The information system uniquely identifies and authenticates [Assignment: organization-defined specific and/or types of devices] before establishing a [Selection (one or more): local; remote; network] connection.. | ||
| IA-3-1,Cryptographic Bidirectional Authentication - The information system authenticates [Assignment: organization-defined specific devices and/or types of devices] before establishing [Selection (one or more): local; remote; network] connection using bidirectional authentication that is crypto-graphically based. . | ||
| IA-3-4,Device Attestation - The organization ensures that device identification and authentication based on attestation is handled by [Assignment: organization-defined configuration management process].. | ||
| MP-6-8,"Wiping of Information - a. Sanitize [Assignment: organization-defined system media] prior to disposal, release out of organizational control, or release for reuse using [Assignment: organization-defined sanitization techniques and procedures]; and b. Employ sanitization mechanismswith the strength and integrity commensuratewith the security category or classification of the information.." | ||
| PE-3,"Physical Access Control - The organization: a. Enforces physical access authorizations at [Assignment: organization-defined entry/exit points to the facility where the information system resides] by; 1.Verifying individual access authorizations before granting access to the facility; and 2.Controlling ingress/egress to the facility using [Selection (one or more): [Assignment: organization-defined physical access control systems/devices]; guards]; b. Maintains physical access audit logs for [Assignment: organization-defined entry/exit points]; c. Provides [Assignment: organization-defined security safeguards] to control access to areaswithin the facility officially designated as publicly accessible; d. Escorts visitors and monitors visitor activity [Assignment: organization-defined circumstances requiring visitor escorts and monitoring]; e. Secures keys, combinations, and other physical access devices; f. Inventories [Assignment: organization-defined physical access devices] every [Assignment: organization-defined frequency]; and g. Changes combinations and keys [Assignment: organization-defined frequency] and/or when keys are lost, combinations are compromised, or individuals are transferred or terminated. ." | ||
| PE-3-1,Information System Access Control - The organization enforces physical access authorizations to the information system in addition to the physical access controls for the facility at [Assignment: organization-defined physical spaces containing one or more components of the information system].. | ||
| PE-3-5,Tamper Protection - The organization employs [Assignment: organization-defined security safeguards] to [Selection (one or more): detect; prevent] physical tampering or alteration of [Assignment: organization-defined hardware components]within the information system.. | ||
| SA-11-1,"Static Code Analysis - Require the developer of the system, system component, or system service to employ static code analysis tools to identify common flaws and document the results of the analysis.." | ||
| SA-12,"Supply Chain Protection - The organization protects against supply chain threats to the information system, system component, or information system service by employing [Assignment: organization-defined security safeguards] as part of a comprehensive, defense-in-breadth information security strategy.." | ||
| SA-18-1,Tamper Resistance and Detection. | ||
| SC-13,Cryptographic Protection - a. Determine the [Assignment: organization-defined cryptographic uses]; and b. Implement the following types of cryptography required for each specified cryptographic use: [Assignment: organization-defined types of cryptography for each specified cryptographic use].. | ||
| SC-23,Session Authenticity - Protect the authenticity of communications sessions.. | ||
| SC-28,"Protection Of Information At Rest - Information at rest refers to the state of information when it is not in process or in transit and is located on system components. Such components include internal or external hard disk drives, storage area network devices, or databases. However, the focus of protecting information at rest is not on the type of storage device or frequency of access but rather on the state of the information. Information at rest addresses the confidentiality and integrity of information and covers user information and system information. System-related information that requires protection includes configurations or rule sets for firewalls, intrusion detection and prevention systems, filtering routers, and authentication information. Organizations may employ different mechanisms to achieve confidentiality and integrity protections, including the use of cryptographic mechanisms and file share scanning. Integrity protection can be achieved, for example, by implementing write-once-read-many (WORM) technologies. When adequate protection of information at rest cannot otherwise be achieved, organizations may employ other controls, including frequent scanning to identify malicious code at rest and secure offline storage in lieu of online storage. ." | ||
| SC-29,Heterogeneity - Employ a diverse set of information technologies for the following system components in the implementation of the system: [Assignment: organization-defined system components].. | ||
| SC-4,Information in Shared Resources - Prevent unauthorized and unintended information transfer via shared system resources.. | ||
| SC-40,Wireless Link Protection - Protect external and internal [Assignment: organization-defined wireless links] from the following signal parameter attacks: [Assignment: organization-defined types of signal parameter attacks or references to sources for such attacks].. | ||
| SC-40-1,Electromagnetic Interference - Implement cryptographic mechanisms that achieve [Assignment: organization-defined level of protection] against the effects of intentional electromagnetic interference. . | ||
| SC-4-2,Periods Processing - Prevent unauthorized information transfer via shared resources in accordancewith [Assignment: organization-defined procedures] when system processing explicitly switches between different information classification levels or security categories.. | ||
| SC-5,Denial of Service Protection - a. [Selection: Protect against; Limit] the effects of the following types of denial-of-service events: [Assignment: organization-defined types of denial-of-service events]; and b. Employ the following controls to achieve the denial-of-service objective: [Assignment: organization-defined controls by type of denial-of-service event].. | ||
| SC-5-2,"Excess Capacity/Bandwidth/Redundancy - Manage capacity, bandwidth, or other redundancy to limit the effects of information flooding denial-of-service attacks.." | ||
| SC-6,Resource Availability - Protect the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more): priority; quota; [Assignment: organization-defined controls]].. | ||
| SC-7-16,Prevent Discovery of Components/Devices - Prevent the discovery of specific system components that represent a managed interface.. | ||
| SC-8,Transmission Integrity - Protect the [Selection (one or more): confidentiality; integrity] of transmitted information.. | ||
| SI-10,Information Input Validation - Check the validity of the following information inputs: [ Assignment: organization-defined information inputs to the system].. | ||
| SI-10-5,Restrict Inputs to Trusted Sources and Approved Formats - Restrict the use of information inputs to [Assignment: organization-defined trusted sources] and/or [Assignment: organization-defined formats].. | ||
| SI-11,Error Handling - a. Generate error messages that provide information necessary for corrective actionswithout revealing information that could be exploited; and b. Reveal error messages only to [Assignment: organization-defined personnel or roles].. | ||
| SI-15,Information Output Handling - The information system validates information output from [Assignment: organization-defined software programs and/or applications] to ensure that the information is consistentwith the expected content.. | ||
| SI-16,Memory Protection - The information system implements [Assignment: organization-defined security safeguards] to protect its memory from unauthorized code execution.. | ||
| SI-17,Fail-Safe Procedures - Implement the indicated fail-safe procedures when the indicated failures occur: [Assignment: organization-defined list of failure conditions and associated fail-safe procedures].. | ||
| SI-7-1,"Integrity Checks - The information system performs an integrity check of [Assignment: organization-defined software, firmware, and information] [Selection (one or more): at startup; at [Assignment: organization-defined transitional states or security-relevant events]; [Assignment: organization-defined frequency]].." | ||
| SI-7-15,Code Authentication - The information system implements cryptographic mechanisms to authenticate [Assignment: organization-defined software or firmware components] prior to installation.. | ||
| SI-7-5,Automated Response To Integrity Violations - The information system automatically [Selection (one or more): shuts the information system down; restarts the information system; implements [Assignment: organization-defined security safeguards]] when integrity violations are discovered. . | ||
| SI-7-6,"Cryptographic Protection - The information system implements cryptographic mechanisms to detect unauthorized changes to software, firmware, and information.." | ||
| SI-7-9,Verify Boot Process - The information system verifies the integrity of the boot process of [Assignment: organization-defined devices].. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| data-graph: "http://rack001/nist-800-53" | ||
| ingestion-steps: | ||
| #Phase1: Identifiers Only | ||
| - {nodegroup: "ingest_CONTROL", csv: "NIST-800-53_1.csv"} | ||
|
|
||
| #Phase2: The rest of the data | ||
| - {nodegroup: "ingest_CONTROL", csv: "NIST-800-53_2.csv"} |
Oops, something went wrong.