
t1819/security_score_system


Application Security Criticality Score System

This project is a web application to calculate and store the criticality score of application security vulnerabilities. The score ranges from 1 to 10, where 10 is the most critical and 1 is the least critical. The application uses Node.js, Express.js, and SQLite for data persistence.

Features

  • User-friendly form to input vulnerability details and calculate the criticality score.
  • Scores are calculated based on various factors like severity, exploitability, exposure, etc.
  • Real-time display of the calculated score and detailed breakdown.
  • Persistent storage of calculated scores using SQLite.
  • View all stored scores with detailed breakdowns.

Technologies Used

  • Node.js
  • Express.js
  • SQLite
  • Bootstrap for styling
  • jQuery for AJAX requests

Setup Instructions

Prerequisites

  • Node.js installed
  • npm (Node Package Manager) installed

Installation

  1. Clone the repository:

    git clone https://github.com/your-username/your-repo-name.git
    cd your-repo-name
  2. Install the dependencies:

    npm install
  3. Ensure the database directory exists:

    mkdir database
  4. Place the image and favicon files in the public directory:

    • Ensure entrata_logo.jpeg and the favicon are placed in public/images.
  5. Run the application:

    node app.js

Accessing the Application

  • Open your web browser and visit http://localhost:3000 to access the application.

File Structure

|-- app.js
|-- package.json
|-- package-lock.json
|-- views
|   `-- index.html
|-- public
|   |-- css
|   |   `-- styles.css
|   |-- images
|   |   |-- entrata_logo.jpeg
|   |   `-- favicon.jpeg
|-- database
|   `-- scores.db

Usage

Home Page

  • Fill out the form with the details of the vulnerability.
  • Click "Calculate Score" to see the total criticality score and detailed breakdown.

View Scores Page

  • Navigate to "View Scores" to see all stored scores along with detailed breakdowns.

Example

Calculating SQL Injection Vulnerability Score

Example breakdown:

  • Severity: Critical (10)
  • Exploitability: High (10)
  • Exposure: Public (10)
  • Impact: Severe (10)
  • Asset Value: High (10)
  • Compliance: High (10)
  • Detectability: Low (10)
  • Remediation Effort: High (10)
  • Business Impact: High (10)
  • User Impact: High (10)
  • System Criticality: High (10)
  • Environment: Production (10)
  • Frequency: Frequent (10)

With the given weights, the total score is calculated as:

Total Score = 0.20*10 + 0.15*10 + 0.10*10 + 0.15*10 + 0.10*10 + 0.10*10 + 0.10*10 + 0.05*10 + 0.10*10 + 0.05*10 + 0.10*10 + 0.05*10 + 0.05*10 = 10
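An added sketch of the weighted calculation above (not the project's app.js). It pairs the weights with the factors in the order listed, which is an assumption, and validates each form value as a number from 1 to 10. The thirteen weights in the formula add up to 1.30, so the example also divides the raw sum by the total weight to keep the result on the 1 to 10 scale; that normalization is an assumption of this example.

```javascript
// Weights from the README formula, paired with the factors in listed order
// (the pairing and the camelCase key names are assumptions of this example).
const WEIGHTS = {
  severity: 0.20, exploitability: 0.15, exposure: 0.10, impact: 0.15,
  assetValue: 0.10, compliance: 0.10, detectability: 0.10,
  remediationEffort: 0.05, businessImpact: 0.10, userImpact: 0.05,
  systemCriticality: 0.10, environment: 0.05, frequency: 0.05,
};

const round2 = (x) => Math.round(x * 100) / 100;
const weightSum = () => Object.values(WEIGHTS).reduce((a, b) => a + b, 0);

// Validate form-style input, then return the raw weighted sum, the sum
// normalized by the total weight, and the per-factor contributions.
function calculateScore(input) {
  for (const key of Object.keys(input)) {
    if (!Object.prototype.hasOwnProperty.call(WEIGHTS, key)) {
      throw new RangeError(`unknown factor: ${key}`);
    }
  }
  const breakdown = {};
  let raw = 0;
  for (const [factor, weight] of Object.entries(WEIGHTS)) {
    const value = Number(input[factor]); // form fields arrive as strings
    if (!Number.isFinite(value) || value < 1 || value > 10) {
      throw new RangeError(`${factor} must be a number from 1 to 10`);
    }
    breakdown[factor] = round2(weight * value);
    raw += weight * value;
  }
  return { raw: round2(raw), score: round2(raw / weightSum()), breakdown };
}

// Constructed input: the README's SQL injection example, every factor at 10.
const sqlInjection = Object.fromEntries(Object.keys(WEIGHTS).map((k) => [k, '10']));
const result = calculateScore(sqlInjection);
console.log(`raw=${result.raw} normalized=${result.score}`);
```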

Contributing

Feel free to submit issues or pull requests if you have any improvements or bug fixes.

