Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add in new KeyMgmt threat and tests #406

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

mlysaght2017
Copy link
Contributor

@eddie-knight - added in todos as well on two threats related to KMS that are currently down as common, but may be better shifted to KMS specific threats - let me know your thoughts.

@mlysaght2017 mlysaght2017 requested review from a team as code owners September 22, 2024 18:14
eddie-knight
eddie-knight previously approved these changes Sep 22, 2024
Comment on lines +111 to +112
threats:
- CCC.KeyMgmt.TH01
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we should map common-controls to specific-threats

@@ -10,7 +10,7 @@ threats:
- TA0005
- T1562
- id: CCC.TH02
title: Vendor-hosted keys are compromised
title: Vendor-hosted keys are compromised #TODO: Should this be in the crypto service?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah that makes sense to me for this one.

@@ -32,7 +32,7 @@ threats:
- TA009
- T1557
- id: CCC.TH04
title: Attacker encrypts data with client-managed keys
title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be a matter of a non-KMS asset being compromised, right? So there is a threat to any service that allows the key to perform destructive action.

Pivot question... Should this instead be "Client managed keys are compromised" ?

damienjburks
damienjburks previously approved these changes Sep 22, 2024
Copy link
Contributor

@damienjburks damienjburks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 🚀

@damienjburks
Copy link
Contributor

@smendis-scottlogic can you please review?

@@ -1,18 +1,32 @@
common_threats:
- CCC.TH01
- CCC.TH03
- CCC.TH13

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need CCC.TH05 here as CCC.C06 is added under common_controls for KMS and CCC.C06 refers to CCC.TH05

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add all the referred threats need their title as a comment in front.
Eg - CCC.TH01 # Unauthorized access through elevated privileges

@@ -32,7 +32,7 @@ threats:
- TA009
- T1557
- id: CCC.TH04
title: Attacker encrypts data with client-managed keys
title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service?
description: |
The service provides encryption mechanisms, but the encryption keys are
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

common_threats.yaml line 54 has a TODO. I think Multi-region deployment make sense to add there. Better to fix it with this MR as CCC.TH05 (line 48-57) should be included in KMS threats.yaml because it is referred by CCC.C06 which is added in KMS controls.yaml

Copy link

This issue will be closed as stale in 7 days. If this issue is blocked, please tag or assign the appropriate party to move this forward.

@github-actions github-actions bot added the stale label Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants