public void Initialize([NotNull] IThreatModel model) { var entitiesPropertySchemaManager = new EntitiesPropertySchemaManager(model); entitiesPropertySchemaManager.GetSchema(); var dataFlowsPropertySchemaManager = new DataFlowsPropertySchemaManager(model); dataFlowsPropertySchemaManager.GetSchema(); var threatsPropertySchemaManager = new ThreatsPropertySchemaManager(model); threatsPropertySchemaManager.GetSchema(); }
private void ImportThreats([NotNull] ThreatModel source, [NotNull] IThreatModel target, Func <IThreatModel, Threat, IThreatType, IPropertySchema, bool> unassignedThreatHandler, out int threatTypes, out int customThreatTypes, out int threats, out int missingThreats) { threatTypes = 0; customThreatTypes = 0; threats = 0; missingThreats = 0; var threatsPerType = source.ThreatsPerType; if (threatsPerType?.Any() ?? false) { var schema = new ThreatsPropertySchemaManager(target).GetSchema(); InitializeThreatsPropertySchema(schema, source.Properties); var schemaManager = new ObjectPropertySchemaManager(target); var defaultSeverity = target.GetMappedSeverity(0); foreach (var threatPerType in threatsPerType) { var tt = source.GetThreatType(threatPerType.Key); IThreatType threatType = null; if (!string.IsNullOrWhiteSpace(tt.Name)) { ISeverity severity; if (Enum.TryParse <DefaultSeverity>(tt.Priority, out var severityId)) { severity = target.GetMappedSeverity((int)severityId); } else { severity = target.GetMappedSeverity((int)DefaultSeverity.High); } threatType = target.AddThreatType(tt.Name, severity); if (threatType != null) { threatType.Description = tt.Description; var threatTypeProperties = tt.Properties?.ToArray(); if (threatTypeProperties?.Any() ?? false) { foreach (var property in threatTypeProperties) { switch (property.Name) { case "Title": break; case "UserThreatDescription": break; case "Priority": break; default: var propertyType = schema.GetPropertyType(property.Label); if (propertyType != null) { threatType.AddProperty(propertyType, property.Values.FirstOrDefault()); } break; } } } threatTypes++; } else { threatType = target.ThreatTypes? .FirstOrDefault(x => string.CompareOrdinal(x.Name, tt.Name) == 0); } } else { var internalThreats = threatPerType.Value; if (internalThreats.Any()) { foreach (var internalThreat in internalThreats) { threatType = target.AddThreatType(internalThreat.ToString(), defaultSeverity); if (threatType != null) { threatType.Description = internalThreat.GetValueFromLabel("Description"); customThreatTypes++; } else { threatType = target.ThreatTypes?.FirstOrDefault(x => string.CompareOrdinal(x.Name, internalThreat.ToString()) == 0); } break; } } } if (threatType != null) { CreateGenerationRule(source, tt, threatType); foreach (var threat in threatPerType.Value) { var flow = GetDataFlow(threat.FlowGuid.ToString(), target, schemaManager); if (flow != null) { var threatEvent = flow.AddThreatEvent(threatType); if (threatEvent != null) { AddProperties(threatEvent, threat, schema); threats++; } else { missingThreats++; } } else { if (unassignedThreatHandler != null) { if (unassignedThreatHandler(target, threat, threatType, schema)) { threats++; } else { missingThreats++; } } else { var threatEvent = target.AddThreatEvent(threatType); if (threatEvent != null) { AddProperties(threatEvent, threat, schema); threats++; } else { missingThreats++; } } } } } } } }
private void ImportThreats([NotNull] IEnumerable <ThreatSourceNode> nodes) { var propertySchemaManager = new CapecPropertySchemaManager(_model); var propertySchema = propertySchemaManager.GetSchema(); var threatsSchemaManager = new ThreatsPropertySchemaManager(_model); var threatsSchema = threatsSchemaManager.GetSchema(); var hiddenProperties = _catalog.HiddenProperties.ToArray(); var hpPropertyType = propertySchemaManager.GetHiddenPropertiesPropertyType(); if (hpPropertyType != null) { var property = _model.GetProperty(hpPropertyType); if (property is IPropertyTokens propertyTokens) { propertyTokens.Value = hiddenProperties; } else { _model.AddProperty(hpPropertyType, hiddenProperties.TagConcat()); } } var unkownSeverity = _model.GetMappedSeverity(0); foreach (var node in nodes) { var threatType = _model.AddThreatType(node.Name, unkownSeverity); if (threatType != null) { var properties = node.Properties.Where(x => !hiddenProperties.Contains(x.Key)).ToArray(); if (properties.Any()) { foreach (var property in properties) { if (!IsSpecialProperty(property.Key, property.Value, threatType)) { var propertyType = propertySchema.GetPropertyType(property.Key) ?? propertySchema.AddPropertyType(property.Key, PropertyValueType.String); if (propertyType != null) { var p = threatType.GetProperty(propertyType); if (p != null) { p.StringValue = property.Value; } else { threatType.AddProperty(propertyType, property.Value); } } } } } var keywords = _catalog.GetKeywords(node.Id)?.ToArray(); if (keywords?.Any() ?? false) { var keywordsPT = threatsSchema.GetPropertyType("Keywords") ?? threatsSchema.AddPropertyType("Keywords", PropertyValueType.Tokens); if (keywordsPT != null) { var keywordsP = threatType.GetProperty(keywordsPT); if (keywordsP != null) { keywordsP.StringValue = keywords.TagConcat(); } else { threatType.AddProperty(keywordsPT, keywords.TagConcat()); } } } } } }
public void Initialize([NotNull] IThreatModel model) { var schemaManager = new ThreatsPropertySchemaManager(model); schemaManager.GetSchema(); }