diff --git a/python/.cdktg.out/manifest.json b/python/.cdktg.out/manifest.json
index ee79319..4a0ce15 100644
--- a/python/.cdktg.out/manifest.json
+++ b/python/.cdktg.out/manifest.json
@@ -1,5 +1,5 @@
 {
- "version": "0.0.18",
+ "version": "0.0.22",
 "models": {
 "Model Stub": {
 "name": "Model Stub",
diff --git a/python/.cdktg.out/models/ModelStub.yml b/python/.cdktg.out/models/ModelStub.yml
index 2273cec..0721714 100644
--- a/python/.cdktg.out/models/ModelStub.yml
+++ b/python/.cdktg.out/models/ModelStub.yml
@@ -7,6 +7,8 @@ author:
 name: John Doe
 homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}
diff --git a/python/dist/ModelStub/report.pdf b/python/dist/ModelStub/report.pdf
index c03452e..6b8556e 100644
Binary files a/python/dist/ModelStub/report.pdf and b/python/dist/ModelStub/report.pdf differ
diff --git a/python/dist/ModelStub/risks.xlsx b/python/dist/ModelStub/risks.xlsx
index 947d27c..aff0d4b 100644
Binary files a/python/dist/ModelStub/risks.xlsx and b/python/dist/ModelStub/risks.xlsx differ
diff --git a/python/dist/ModelStub/tags.xlsx b/python/dist/ModelStub/tags.xlsx
index 80a2401..64cb8bb 100644
Binary files a/python/dist/ModelStub/tags.xlsx and b/python/dist/ModelStub/tags.xlsx differ
diff --git a/python/dist/ModelStub/threagile.yaml b/python/dist/ModelStub/threagile.yaml
index 2273cec..0721714 100644
--- a/python/dist/ModelStub/threagile.yaml
+++ b/python/dist/ModelStub/threagile.yaml
@@ -7,6 +7,8 @@ author:
 name: John Doe
 homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}
diff --git a/python/package.json b/python/package.json
index a2226b7..fed6a8f 100644
--- a/python/package.json
+++ b/python/package.json
@@ -8,6 +8,6 @@
 "model:analyse": "cdktg analyse"
 },
 "devDependencies": {
- "cdktg": "^0.0.18"
+ "cdktg": "^0.0.22"
 }
 }
diff --git a/python/requirements.txt b/python/requirements.txt
index cfebb89..32b7161 100644
--- a/python/requirements.txt
+++ b/python/requirements.txt
@@ -1,2 +1,2 @@
 constructs>=10.0.0
-cdktg>=0.0.18
\ No newline at end of file
+cdktg>=0.0.22
\ No newline at end of file
diff --git a/typescript/.cdktg.out/manifest.json b/typescript/.cdktg.out/manifest.json
index ee79319..4a0ce15 100644
--- a/typescript/.cdktg.out/manifest.json
+++ b/typescript/.cdktg.out/manifest.json
@@ -1,5 +1,5 @@
 {
- "version": "0.0.18",
+ "version": "0.0.22",
 "models": {
 "Model Stub": {
 "name": "Model Stub",
diff --git a/typescript/.cdktg.out/models/ModelStub.yml b/typescript/.cdktg.out/models/ModelStub.yml
index 2273cec..0721714 100644
--- a/typescript/.cdktg.out/models/ModelStub.yml
+++ b/typescript/.cdktg.out/models/ModelStub.yml
@@ -7,6 +7,8 @@ author:
 name: John Doe
 homepage: null
 management_summary_comment: null
+business_overview: null
+technical_overview: null
 business_criticality: important
 questions: {}
 abuse_cases: {}
diff --git a/typescript/dist/ModelStub/report.pdf b/typescript/dist/ModelStub/report.pdf
index 27453b1..3eda0a8 100644
Binary files a/typescript/dist/ModelStub/report.pdf and b/typescript/dist/ModelStub/report.pdf differ
diff --git a/typescript/dist/ModelStub/risks.json b/typescript/dist/ModelStub/risks.json
index 0d4ea1d..dd543c1 100644
--- a/typescript/dist/ModelStub/risks.json
+++ b/typescript/dist/ModelStub/risks.json
@@ -1 +1 @@ -[{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"mixed-targets-on-shared-runtime","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMixed Targets on Shared Runtime\u003c/b\u003e named \u003cb\u003eSome Shared Runtime\u003c/b\u003e might enable attackers moving from one less valuable target to a more valuable 
one","synthetic_id":"mixed-targets-on-shared-runtime@some-shared-runtime","most_relevant_data_asset":"","most_relevant_technical_asset":"","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"some-shared-runtime","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset","some-other-technical-asset"]},{"category":"missing-authentication","risk_status":"unchecked","severity":"elevated","exploitation_likelihood":"likely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Authentication\u003c/b\u003e covering communication link \u003cb\u003eSome Traffic\u003c/b\u003e from \u003cb\u003eSome Technical Asset\u003c/b\u003e to \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-authentication@some-technical-asset\u003esome-traffic@some-technical-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"server-side-request-forgery","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eServer-Side Request Forgery (SSRF)\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e server-side web-requesting the target \u003cb\u003eSome Other Technical Asset\u003c/b\u003e via \u003cb\u003eSome 
Traffic\u003c/b\u003e","synthetic_id":"server-side-request-forgery@some-technical-asset@some-other-technical-asset@some-technical-asset\u003esome-traffic","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-hardening","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eMissing Hardening\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"missing-hardening@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-vault","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Vault (Secret Storage)\u003c/b\u003e in the threat model (referencing asset \u003cb\u003eSome Technical Asset\u003c/b\u003e as an example)","synthetic_id":"missing-vault@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":[]},{"category":"missing-waf","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMissing Web Application Firewall (WAF)\u003c/b\u003e risk at \u003cb\u003eSome Other Technical 
Asset\u003c/b\u003e","synthetic_id":"missing-waf@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]}] \ No newline at end of file +[{"category":"mixed-targets-on-shared-runtime","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMixed Targets on Shared Runtime\u003c/b\u003e named \u003cb\u003eSome Shared Runtime\u003c/b\u003e might enable attackers moving from one less valuable target to a more valuable one","synthetic_id":"mixed-targets-on-shared-runtime@some-shared-runtime","most_relevant_data_asset":"","most_relevant_technical_asset":"","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"some-shared-runtime","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset","some-other-technical-asset"]},{"category":"missing-authentication","risk_status":"unchecked","severity":"elevated","exploitation_likelihood":"likely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Authentication\u003c/b\u003e covering communication link \u003cb\u003eSome Traffic\u003c/b\u003e from \u003cb\u003eSome Technical Asset\u003c/b\u003e to \u003cb\u003eSome Other Technical 
Asset\u003c/b\u003e","synthetic_id":"missing-authentication@some-technical-asset\u003esome-traffic@some-technical-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"server-side-request-forgery","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eServer-Side Request Forgery (SSRF)\u003c/b\u003e risk at \u003cb\u003eSome Technical Asset\u003c/b\u003e server-side web-requesting the target \u003cb\u003eSome Other Technical Asset\u003c/b\u003e via \u003cb\u003eSome Traffic\u003c/b\u003e","synthetic_id":"server-side-request-forgery@some-technical-asset@some-other-technical-asset@some-technical-asset\u003esome-traffic","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"some-technical-asset\u003esome-traffic","data_breach_probability":"possible","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-hardening","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"likely","exploitation_impact":"low","title":"\u003cb\u003eMissing Hardening\u003c/b\u003e risk at \u003cb\u003eSome Technical 
Asset\u003c/b\u003e","synthetic_id":"missing-hardening@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]},{"category":"missing-vault","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eMissing Vault (Secret Storage)\u003c/b\u003e in the threat model (referencing asset \u003cb\u003eSome Technical Asset\u003c/b\u003e as an example)","synthetic_id":"missing-vault@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":[]},{"category":"missing-waf","risk_status":"unchecked","severity":"low","exploitation_likelihood":"unlikely","exploitation_impact":"low","title":"\u003cb\u003eMissing Web Application Firewall (WAF)\u003c/b\u003e risk at \u003cb\u003eSome Other Technical Asset\u003c/b\u003e","synthetic_id":"missing-waf@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Other Technical 
Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-other-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-other-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-other-technical-asset"]},{"category":"unencrypted-asset","risk_status":"unchecked","severity":"medium","exploitation_likelihood":"unlikely","exploitation_impact":"medium","title":"\u003cb\u003eUnencrypted Technical Asset\u003c/b\u003e named \u003cb\u003eSome Technical Asset\u003c/b\u003e","synthetic_id":"unencrypted-asset@some-technical-asset","most_relevant_data_asset":"","most_relevant_technical_asset":"some-technical-asset","most_relevant_trust_boundary":"","most_relevant_shared_runtime":"","most_relevant_communication_link":"","data_breach_probability":"improbable","data_breach_technical_assets":["some-technical-asset"]}] \ No newline at end of file diff --git a/typescript/dist/ModelStub/risks.xlsx b/typescript/dist/ModelStub/risks.xlsx index e0e3e0a..f75fb86 100644 Binary files a/typescript/dist/ModelStub/risks.xlsx and b/typescript/dist/ModelStub/risks.xlsx differ diff --git a/typescript/dist/ModelStub/tags.xlsx b/typescript/dist/ModelStub/tags.xlsx index 0f517ec..506ae60 100644 Binary files a/typescript/dist/ModelStub/tags.xlsx and b/typescript/dist/ModelStub/tags.xlsx differ diff --git a/typescript/dist/ModelStub/threagile.yaml b/typescript/dist/ModelStub/threagile.yaml index 2273cec..0721714 100644 --- a/typescript/dist/ModelStub/threagile.yaml +++ b/typescript/dist/ModelStub/threagile.yaml @@ -7,6 +7,8 @@ author: name: John Doe homepage: null management_summary_comment: null +business_overview: null +technical_overview: null business_criticality: important questions: {} abuse_cases: {} diff --git a/typescript/package.json b/typescript/package.json index 152a5d3..412199d 100644 
--- a/typescript/package.json
+++ b/typescript/package.json
@@ -8,7 +8,7 @@
 "model:analyse": "cdktg analyse"
 },
 "dependencies": {
- "cdktg": "^0.0.18",
+ "cdktg": "^0.0.22",
 "constructs": "^10.1.42"
 },
 "devDependencies": {
diff --git a/typescript/yarn.lock b/typescript/yarn.lock
index ab075b5..d4357ad 100644
--- a/typescript/yarn.lock
+++ b/typescript/yarn.lock
@@ -92,10 +92,10 @@ axios@^0.27.2:
 follow-redirects "^1.14.9"
 form-data "^4.0.0"
 
-cdktg@^0.0.18:
- version "0.0.18"
- resolved "https://registry.yarnpkg.com/cdktg/-/cdktg-0.0.18.tgz#c8b9f714c6e034fdfb3140d3d99f91a28e0b2c7d"
- integrity sha512-apnxeBmVrWPXGaEsrcAZfX0lpd6MDRp+gSM/9MNIZomD7KEr1XmV/7R1VKwit/LIkJbHy+btrpZEtqanSRP2MA==
+cdktg@^0.0.22:
+ version "0.0.22"
+ resolved "https://registry.yarnpkg.com/cdktg/-/cdktg-0.0.22.tgz#629a6f3d9050bb2ff501032b6b06c63c09e967c2"
+ integrity sha512-dtBWOSvyUKuWOnaJGRI4g3qlXfiM6wmn7sO5PGks8al1C0SzRiM3/4IBS1tO9hsNpspcZHKwsF8RjHvK5Bd0Pw==
 dependencies:
 adm-zip "0.5.6"
 axios "^0.27.2"