Skip to main content

How to Import a DFD (created in MTMT) into Irius Risk

Ajay Vaghela
  • Updated

In this article

Permissions required

  • To create a project:

    • API_ACCESS

    • PRODUCT_CREATE_UPDATE_OTM

  • To update a project

    • API_ACCESS

    • PRODUCT_UPDATE

    • PRODUCT_CREATE_UPDATE_OTM

 

Instructions

For this guide , we will use the following DFD as an example:

_1__DFD.png

1. Establish the boundaries being used in the DFD by the display name and the stencil name:

 

1.1 Border Boundary: Cloud Service uses the Stencil Generic Trust Border Boundary:

_1a__main_boundary.png

 

1.2 Border Boundary: Internet uses the Stencil Generic Trust Border Boundary

_4__Internet.png

 

1.3 Border Boundary: Public Cloud uses the Stencil Azure Trust Boundary

_3__Public_Cloud.png

 

2. Download the default mapping file for MTMT (mtmt_default_mapping_example.yaml) from Github

3. Note the attributes using for mapping the trust zones:

-label : This is the Stencil name

-type: For Importing via OTM, this attribute is ignored., however, we recommend entering the display name instead

-id: This is the Unique ID of the TZ in IR

 

4. Under the trustzones section, identify if the list meets the needs of your DFD.

4.1 Note the following:

4.1.1 In this example, the default mapping file contains a label for Generic Trust Border Boundary which will map that boundary to the Public TZ within IR since the id in the mapping file is the same as the

Unique ID:

_5__IR_TZ.png

- label: Generic Trust Border Boundary
  type: Public
  id: 6376d53e-6461-412b-8e04-7b3fe2b397de

 

4.1.2 Since our DFD contains two boundaries with the same label (Generic Trust Border Boundary ), and one is nested in the other.

4.1.3 The default mapping file does not contain a mapping for Azure Trust Boundary.

 

4.2 Make the following assumptions:

4.2.1 Map the Cloud Service boundary border to the Public TZ

4.2.2 Map the Internet boundary border to the Internet TZ

4.2.3 For border boundary Public Cloud [1.3], we will need to create a new TZ since the rating has been evaluated to be 50 and the for Public Cloud TZ is too high (at 60).

 

5. Create a new TZ and note the Unique ID:

Name:

Reference: public-cloud-custom

Trust Rating: 50

 

_6__custom_TZ.png

 

 

 

 

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk