Skip to content

Attack config unsafe warning#1006

Merged
mssalvatore merged 2 commits intodevelopfrom
attack-config-unsafe-warning
Mar 2, 2021
Merged

Attack config unsafe warning#1006
mssalvatore merged 2 commits intodevelopfrom
attack-config-unsafe-warning

Conversation

@mssalvatore
Copy link
Collaborator

@mssalvatore mssalvatore commented Mar 1, 2021
edited
Loading

What does this PR do?

Adds a warning when a user submits an ATT&CK config that could be unsafe.

The ATT&CK configuration screen could allow users to unknowingly submit a potentially unsafe configuration.

Example

  1. Go to Exploits and enable an unsafe exploiter.
  2. Submit config -- you are warned that this config may be unsafe.
  3. Go to the ATT&CK configuration screen and click submit -- You are not warned that the config may be unsafe
  4. Export the configuration
  5. Open the exported configuration and verify that the unsafe exploiter is present in the configuration.

Solution
When ATT&CK configurations are submitted, the workflow is:

  1. ATT&CK configuration is submitted to the back-end.
  2. The back-end converts the ATT&CK configuration into a regular configuration
  3. The front-end pulls the new, regular configuration from the back-end.

The ATT&CK configuration does not contain enough information for the front-end to simply determine whether or not it is safe. Therefore, the front-end relies on the back-end to translate the ATT&CK config into a regular config before it can evaluate safety. The front-end can then only warn the user, not prevent submission as in #1000.

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the documentation framework updated to reflect the changes?

Testing Checklist

  • Added relevant unit tests?
  • Have you successfully tested your changes locally? Elaborate:

    Tested locally. See screenshot

  • If applicable, add screenshots or log transcripts of the feature working

attack-warning
@mssalvatore mssalvatore requested a review from VakarisZ March 1, 2021 17:16
@codecov
Copy link

codecov bot commented Mar 1, 2021
edited
Loading

Codecov Report

Merging #1006 (a152da0) into develop (cfaf4a1) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@ Coverage Diff @@ ## develop #1006 +/- ## ======================================== Coverage 26.11% 26.11% ======================================== Files 402 402 Lines 12821 12821 ======================================== Hits 3348 3348 Misses 9473 9473

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cfaf4a1...a152da0. Read the comment docs.
@mssalvatore mssalvatore mentioned this pull request Mar 1, 2021
Closed
VakarisZ
VakarisZ approved these changes Mar 2, 2021
View reviewed changes
Copy link
Contributor

@VakarisZ VakarisZ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Good job!
@mssalvatore mssalvatore merged commit 60395a8 into develop Mar 2, 2021
@mssalvatore mssalvatore deleted the attack-config-unsafe-warning branch April 15, 2021 11:31
@mssalvatore mssalvatore mentioned this pull request Aug 13, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@mssalvatore @VakarisZ