Its is possible to automatically mark countermeasures as implemented when using a certain component in a Threat Model, an example of this may be:
- Using a firewall component in a Threat Model results countermeasures being implemented due to the added security a firewall adds to the infrastructure.
Permissions Required:
- ARCHITECTURE_UPDATE
- ARCHITECTURE_VIEW
- COUNTERMEASURE_ADD_FROM_EXISTING
- COUNTERMEASURE_CREATE
- COUNTERMEASURE_SELECT_IMPLEMENTED
- COUNTERMEASURE_VIEW
- PRODUCT_COMPONENT_CREATE
- COMPONENT_DEFINITIONS_UPDATE
- COMPONENT_DEFINITIONS_VIEW
- DROOLS_CREATION_RULE
- EDIT_RULES
- TEMPLATE_LIBRARY_VIEW
- API_ACCESS
Step 1 - Create a custom library/Risk Pattern/Countermeasures
Please follow this technote/video to create a custom library, along with the custom content needed in a custom library (risk pattern, countermeasure, threats etc) in IriusRisk:
https://support.iriusrisk.com/hc/en-us/articles/6296633697437-How-to-create-a-custom-library
Step 2 - Create a custom component and link it to the custom library
Select Object > Component:
Then select 'New Component' > Insert custom library and risk patterns created on previous step:
Step 3 - Create custom rules to trigger the automation
Firstly, we will create a rule to trigger a conclusion, based on the firewall component - see below:
Save the rule, then create another custom rule that will trigger when the conclusion is met - see below:
**Note** - the library must be the custom library that was created in the Step 1.
Step 4 - Edit the last custom rule created via Drools
Edit the rule that you created lastly in the previous step, i.e. in my case I will be editing '__firewall_2' - Please navigate to 'Rules' > 'Drools' > your custom rule - see below:
Please then ensure your code looks similar to the snippet below - you will need to remove some code in the Conslusion - see code below:
package com.iriusrisk.drools;
import com.iriusrisk.drools.model.*;
import com.iriusrisk.drools.model.riskpattern.*;
import com.iriusrisk.model.*;
import com.iriusrisk.*;
import com.iriusrisk.drools.fact.*;
import com.iriusrisk.factories.DroolsValueConverter;
import com.iriusrisk.utils.EntityWithUDTUtil;
import com.iriusrisk.drools.fact.TagFact;
rule "__firewall_2"
no-loop
when
$project : ProjectFact()
$component : ComponentFact()
Conclusion(id == "firewall");
then
insertLogical(ChangeComponentCountermeasureStateFact.createImplementation($component.getComponentReferenceId(), "test-countermeasure", false));
end
Comments
0 comments
Please sign in to leave a comment.