Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic ransomware reporting #1240

Closed
8 tasks done
mssalvatore opened this issue Jun 16, 2021 · 0 comments · Fixed by #1291
Closed
8 tasks done

Basic ransomware reporting #1240

mssalvatore opened this issue Jun 16, 2021 · 0 comments · Fixed by #1291
Labels
Complexity: High Feature Issue that describes a new feature to be implemented. Impact: High sp/5
Projects
Monkey Dev Board

Comments

@mssalvatore
Copy link
Collaborator

mssalvatore commented Jun 16, 2021
edited

Description

As a blue team member, I want a concise report that indicates whether or not the ransomware payload was successful, so that I can have a clear understanding of the risks that ransomware pose to my network.

Acceptance Criteria

  • A new ransomware report tab appears in the Monkey Island reporting page if the ransomware payload was run.
  • Statistics showing:
    • The # of machines successfully exploited vs attempted
    • The # for each exploiter
  • The ransomware report contains a table showing:
    • Which machines were compromised.
    • Which mechanism/exploit was used to propagate to that machine.
    • The # of files that were successfully encrypted.

Tasks

  • Add a new reporting tab (0d) - @shreyamalviya
    • Don't display reporting tab if no encryption/readme enabled
  • Process telemetry and generate
  • Provide an API endpoint that can be queried by the UI to retrieve the report details (0d) - @shreyamalviya
  • Display statistics information in a statistics component (0d) - @shreyamalviya
  • Display ransomware encryption information in a table component (0d) - @VakarisZ
@mssalvatore mssalvatore added Feature Issue that describes a new feature to be implemented. Impact: High Complexity: High labels Jun 16, 2021
@mssalvatore mssalvatore added this to Backlog in Monkey Dev Board Jun 16, 2021
@mssalvatore mssalvatore moved this from Backlog to To Do in Monkey Dev Board Jun 24, 2021
@mssalvatore mssalvatore moved this from To Do to Backlog in Monkey Dev Board Jun 24, 2021
@mssalvatore mssalvatore moved this from Backlog to To Do in Monkey Dev Board Jul 1, 2021
@shreyamalviya shreyamalviya moved this from To Do to In progress in Monkey Dev Board Jul 2, 2021
This was referenced Jul 2, 2021
Merged
Merged
Monkey Dev Board automation moved this from In progress to Done Jul 6, 2021
@mssalvatore mssalvatore moved this from Done to In progress in Monkey Dev Board Jul 6, 2021
@mssalvatore mssalvatore reopened this Jul 6, 2021
@shreyamalviya shreyamalviya mentioned this issue Jul 8, 2021
Merged
7 tasks
@VakarisZ VakarisZ mentioned this issue Jul 9, 2021
Merged
7 tasks
@shreyamalviya shreyamalviya mentioned this issue Jul 12, 2021
Merged
7 tasks
@VakarisZ VakarisZ mentioned this issue Jul 13, 2021
Merged
7 tasks
mssalvatore added a commit that referenced this issue Jul 13, 2021
@mssalvatore
Add #1240 to CHANGELOG
45a382f
@mssalvatore mssalvatore moved this from In progress to Done in Monkey Dev Board Jul 13, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Complexity: High Feature Issue that describes a new feature to be implemented. Impact: High sp/5
Projects
Monkey Dev Board
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add ransomware report tab guardicore/monkey
1 participant
@mssalvatore