diff --git a/services/crypto/SecMgmt/threats.yaml b/services/crypto/SecMgmt/threats.yaml
new file mode 100644
index 00000000..446570c4
--- /dev/null
+++ b/services/crypto/SecMgmt/threats.yaml
@@ -0,0 +1,14 @@
+common_threats:
+ - CCC.TH01 # Access control is misconfigured
+ - CCC.TH03 # Deployment region network is untrusted
+ - CCC.TH04 # Data is replicated to untrusted or external locations
+ - CCC.TH05 # Data is corrupted during replication
+ - CCC.TH06 # Data is lost or corrupted
+ - CCC.TH07 # Logs are Tampered With or Deleted
+ - CCC.TH09 # Logs or Monitoring Data are Read by Unauthorized Users
+ - CCC.TH11 # Event Notifications are Incorrectly Triggered
+ - CCC.TH13 # Resource Tags Are Manipulated
+ - CCC.TH14 # Older Resource Versions Are Exploited
+ - CCC.TH15 # Automated Enumeration and Reconnaissance by Non-Human Entities
+ - CCC.TH16 # Non-compliance with encryption key management policies
+
diff --git a/services/database/relational/controls.yaml b/services/database/relational/controls.yaml
index a1a4fd92..408986eb 100644
--- a/services/database/relational/controls.yaml
+++ b/services/database/relational/controls.yaml
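Review bot: The new file ends with an empty added line after the `CCC.TH16` entry, so the file finishes with a blank line instead of a single newline and yamllint flags it under `empty-lines`; drop that trailing `+` line. The document also opens without a `---` start marker; if the sibling `threats.yaml` files in the repo carry one, add it here so the files validate the same way. The inline comments after each ID are worth keeping, since the `CCC.THxx` references are otherwise opaque to a reader of this file.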
@@ -7,16 +7,17 @@ common_controls:
 - CCC.C06 # Prevent deployment in restricted regions
 - CCC.C07 # Alert on non-human enumeration
 - CCC.C09 # Prevent tampering, deletion, or unauthorized access to access logs
- - CCC.C10 # Prevent data replication to destinations outside of defined trust perimeter
+ - CCC.C10 # Prevent data replication to destinations outside of perimeter
 
 controls:
 - id: CCC.RDMS.C01
- title: backup database to alternative trust-zone
+ title: Backup Database to Alternative Trust-Zone
 objective: |
- Ensure that databases are backed up and the backup is outside of the applications trust-zone
+ Ensure that databases are backed up and the backup is outside of the
+ applications trust-zone
 control_family: Data
 threats:
- - CCC.RDMS.TH14 # DB backup is uninentionally restored
+ - CCC.RDMS.TH14 # DB backup is unintentionally restored
 nist_csf: PR.DS-11
 control_mappings:
 NIST_800_53:
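Review bot: The comment on the `CCC.RDMS.TH14` reference is corrected to `unintentionally`, but the threat's own `title` in `services/database/relational/threats.yaml` still reads `DB backup is uninentionally restored` (it is a context line in that file's `@@ -94,7 +99,9 @@` hunk), so the two files now disagree on the name of the same threat; fix the title in the same commit, `title: DB backup is unintentionally restored`. The `CCC.C10` comment is also shortened from `outside of defined trust perimeter` to `outside of perimeter`, dropping the qualifier that says which perimeter is meant; if the comment is intended to mirror the common control's title, keep it verbatim so the wording stays greppable across service files. The `CCC.RDMS.C01` entry continues past the end of the hunk.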
@@ -24,8 +25,64 @@ controls:
 test_requirements:
 - id: CCC.RDMS.C01.TR01
 text: |
- From the same trust-zone as the database attempt to access the database backup and ensure that access is
- denied
+ From the same trust-zone as the database attempt to access
+ the database backup and ensure that access is denied
+ tlp_levels:
+ - tlp_red
+ - tlp_amber
+
+ - id: CCC.RDMS.C02
+ title: Disable Access with Default Credentials
+ objective: |
+ Ensure that default credentials are disabled and only authorized
+ roles can access database resources.
+ control_family: Data
+ nist_csf: PR.AC-5
+ threats:
+ - CCC.RDMS.TH01 # Unauthorized access to database
+ control_mappings:
+ CCM:
+ - IAM-09
+ - IAM-13
+ ISO_27001:
+ - 2013 A.9.2.6
+ NIST_800_53:
+ - AC-17
+ test_requirements:
+ - id: CCC.RDMS.C02.TR01
+ text: Secure Database Access Control
+ tlp_levels:
+ - tlp_red
+ - tlp_amber
+
+ - id: CCC.RDMS.C03
+ title: Restrict Snapshot Collection To Trusted Roles
+ objective: Limit snapshot collection capabilities to trusted roles.
+ control_family: Data
+ nist_csf: PR.DS-3
+ threats:
+ - CCC.RDMS.TH02 # Unauthorized cross organization snapshot collection
+ control_mappings:
+ CCM:
+ - DSI-05
+ - DSI-07
+ ISO_27001:
+ - 2013 A.12.3.1
+ NIST_800_53:
+ - CP-09
+ test_requirements:
+ - id: CCC.RDMS.C3.TR01
+ text: Snapshot collection by trusted roles
+ tlp_levels:
+ - tlp_red
+ - tlp_amber
+ - id: CCC.RDMS.C03.TR02
+ text: Restriction of snapshot collection capabilities
+ tlp_levels:
+ - tlp_red
+ - tlp_amber
+ - id: CCC.RDMS.C03.TR03
+ text: Prevent unauthorized snapshot collection
 tlp_levels:
 - tlp_red
 - tlp_amber
diff --git a/services/database/relational/features.yaml b/services/database/relational/features.yaml
index ab79548a..435e402e 100644
--- a/services/database/relational/features.yaml
+++ b/services/database/relational/features.yaml
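Review bot: The first test requirement under `CCC.RDMS.C03` is given the id `CCC.RDMS.C3.TR01`, which breaks the zero-padded scheme used by its siblings `CCC.RDMS.C03.TR02` and `CCC.RDMS.C03.TR03` and by every other id in the hunk; change it to `- id: CCC.RDMS.C03.TR01` before any tooling keys on it. The `text` values of the new test requirements (`Secure Database Access Control`, `Snapshot collection by trusted roles` and the two after it) are titles rather than checks, whereas `CCC.RDMS.C01.TR01` states what to attempt and which outcome demonstrates the control; each new requirement should state the action and the expected denial in the same form, e.g. for C02 that sign-in with the provider's default administrative credentials is rejected, matching the objective's "default credentials are disabled". Key order also differs between entries: `CCC.RDMS.C01` lists `threats` before `nist_csf`, while `C02` and `C03` put `nist_csf` first; pick one order so the entries diff cleanly. The enclosing `controls` list continues outside the hunk on both sides.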
@@ -39,11 +39,13 @@ features:
 - id: CCC.RDMS.F06
 title: DB Managed Credentials
 description: |
- Ability to managed the database credentials using the cloud provider's secret management service.
+ Ability to managed the database credentials using the cloud
+ provider's secret management service.
 - id: CCC.RDMS.F07
 title: DB Self Managed Credentials
 description: |
- Ability to manage the database credentials by client managed username and passwords.
+ Ability to manage the database credentials by client managed
+ username and passwords.
 - id: CCC.RDMS.F08
 title: Support for IPv4
 description: |
@@ -71,7 +73,8 @@ features:
 - id: CCC.RDMS.F14
 title: Dedicated Database Instances
 description: |
- Option to deploy the database on a dedicated instance for isolation requirements.
+ Option to deploy the database on a dedicated instance for
+ isolation requirements.
 - id: CCC.RDMS.F15
 title: Horizontal Scaling
 description: |
@@ -79,4 +82,5 @@ features:
 - id: CCC.RDMS.F16
 title: Failover
 description: |
- Standby database can be implemented for failover when the primary can't be reached.
+ Standby database can be implemented for failover when the
+ primary can't be reached.
diff --git a/services/database/relational/threats.yaml b/services/database/relational/threats.yaml
index c02d6d9a..46813266 100644
--- a/services/database/relational/threats.yaml
+++ b/services/database/relational/threats.yaml
@@ -15,8 +15,9 @@ threats:
 - id: CCC.RDMS.TH01
 title: Unauthorized access to database
 description: |
- A threat actor gains unauthorized access to the cloud relational database by
- using a compromised role or using default administrative credentials.
+ A threat actor gains unauthorized access to the cloud relational
+ database by using a compromised role or using default
+ administrative credentials.
 features:
 - CCC.RDMS.F01 # SQL Support
 - CCC.F06 # Identity Based Access Control
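Review bot: The re-wrapped description of `CCC.RDMS.F06` in the `@@ -39,11 +39,13 @@` hunk keeps the grammatical error `Ability to managed the database credentials`; since the line is being rewritten anyway, make it `Ability to manage the database credentials using the cloud`. The other hunks on this line only re-wrap existing text and need no change.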
@@ -27,8 +28,9 @@ threats:
 - id: CCC.RDMS.TH02
 title: Unauthorized cross organization snapshot collection
 description: |
- A threat actor initiates a snapshot collection activity using a privileged role
- and copies the snapshot outside of the organization, which allows for data exfiltration and theft.
+ A threat actor initiates a snapshot collection activity using
+ a privileged role and copies the snapshot outside of the
+ organization, which allows for data exfiltration and theft.
 features:
 - CCC.F11 # Backup
 - CCC.F12 # Recovery
@@ -40,8 +42,9 @@ threats:
 - id: CCC.RDMS.TH03
 title: Disabled logging & monitoring
 description: |
- A threat actor disables the logging and monitoring of the relational database,
- which allows evasion and removes traces of malicious actions.
+ A threat actor disables the logging and monitoring of the
+ relational database, which allows evasion and removes
+ traces of malicious actions.
 features:
 - CCC.F10 # Logging
 - CCC.F09 # Monitoring
@@ -51,7 +54,9 @@ threats:
 
 - id: CCC.RDMS.TH04
 title: Unauthorized configuration modification
- description: A threat actor attempts to make changes to the configuration of the cloud RDMS with a malicious role.
+ description: |
+ A threat actor attempts to make changes to the
+ configuration of the cloud RDMS with a malicious role.
 features:
 - CCC.RDMS.F01 # SQL Support
 - CCC.F06 # Identity Based Access Control
@@ -94,7 +99,9 @@ threats:
 
 - id: CCC.RDMS.TH14
 title: DB backup is uninentionally restored
- description: A threat actor restores a database backup thereby destroying data.
+ description: |
+ A threat actor restores a database backup thereby
+ destroying data.
 features:
 - CCC.F11
 mitre_technique:
@@ -114,7 +121,8 @@ threats:
 - id: CCC.RDMS.TH16
 title: Database backups stopped
 description: |
- Threat actor stops database backups from occuring to inhibit system recovery.
+ Threat actor stops database backups from occuring to inhibit
+ system recovery.
 features:
 - CCC.F11
 mitre_technique:
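Review bot: The re-wrapped description of `CCC.RDMS.TH16` in the `@@ -114,7 +121,8 @@` hunk keeps the misspelling `occuring`; since the line is rewritten anyway, make it `Threat actor stops database backups from occurring to inhibit`. The remaining hunks on this line only re-wrap descriptions or convert them from single-line scalars to `|` block scalars, which matches the `description: |` form already used elsewhere in the file, so they need no change.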