-
Notifications
You must be signed in to change notification settings - Fork 39
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add in new KeyMgmt threat and tests #406
base: main
Are you sure you want to change the base?
Conversation
threats: | ||
- CCC.KeyMgmt.TH01 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we should map common-controls to specific-threats
@@ -10,7 +10,7 @@ threats: | |||
- TA0005 | |||
- T1562 | |||
- id: CCC.TH02 | |||
title: Vendor-hosted keys are compromised | |||
title: Vendor-hosted keys are compromised #TODO: Should this be in the crypto service? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah that makes sense to me for this one.
@@ -32,7 +32,7 @@ threats: | |||
- TA009 | |||
- T1557 | |||
- id: CCC.TH04 | |||
title: Attacker encrypts data with client-managed keys | |||
title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems to be a matter of a non-KMS asset being compromised, right? So there is a threat to any service that allows the key to perform destructive action.
Pivot question... Should this instead be "Client managed keys are compromised" ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! 🚀
d2f7052
@smendis-scottlogic can you please review? |
@@ -1,18 +1,32 @@ | |||
common_threats: | |||
- CCC.TH01 | |||
- CCC.TH03 | |||
- CCC.TH13 | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need CCC.TH05 here as CCC.C06 is added under common_controls for KMS and CCC.C06 refers to CCC.TH05
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add all the referred threats need their title as a comment in front.
Eg - CCC.TH01 # Unauthorized access through elevated privileges
@@ -32,7 +32,7 @@ threats: | |||
- TA009 | |||
- T1557 | |||
- id: CCC.TH04 | |||
title: Attacker encrypts data with client-managed keys | |||
title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service? | |||
description: | | |||
The service provides encryption mechanisms, but the encryption keys are |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
common_threats.yaml
line 54 has a TODO. I think Multi-region deployment make sense to add there. Better to fix it with this MR as CCC.TH05 (line 48-57) should be included in KMS threats.yaml because it is referred by CCC.C06 which is added in KMS controls.yaml
This issue will be closed as stale in 7 days. If this issue is blocked, please tag or assign the appropriate party to move this forward. |
@eddie-knight - added in todos as well on two threats related to KMS that are currently down as common, but may be better shifted to KMS specific threats - let me know your thoughts.