Add in new KeyMgmt threat and tests #406
Conversation
| threats: | ||
| - CCC.KeyMgmt.TH01 |
There was a problem hiding this comment.
I don't think we should map common-controls to specific-threats
| @@ -10,7 +10,7 @@ threats: | |||
| - TA0005 | |||
| - T1562 | |||
| - id: CCC.TH02 | |||
| title: Vendor-hosted keys are compromised | |||
| title: Vendor-hosted keys are compromised #TODO: Should this be in the crypto service? | |||
There was a problem hiding this comment.
Yeah that makes sense to me for this one.
| @@ -32,7 +32,7 @@ threats: | |||
| - TA009 | |||
| - T1557 | |||
| - id: CCC.TH04 | |||
| title: Attacker encrypts data with client-managed keys | |||
| title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service? | |||
There was a problem hiding this comment.
This seems to be a matter of a non-KMS asset being compromised, right? So there is a threat to any service that allows the key to perform destructive action.
Pivot question... Should this instead be "Client managed keys are compromised" ?
mlysaght2017
dismissed stale reviews from damienjburks and eddie-knight
via
d2f7052
|
@smendis-scottlogic can you please review? |
| @@ -1,18 +1,32 @@ | |||
| common_threats: | |||
| - CCC.TH01 | |||
| - CCC.TH03 | |||
| - CCC.TH13 | |||
|
|
|||
There was a problem hiding this comment.
We need CCC.TH05 here as CCC.C06 is added under common_controls for KMS and CCC.C06 refers to CCC.TH05
There was a problem hiding this comment.
Add all the referred threats need their title as a comment in front.
Eg - CCC.TH01 # Unauthorized access through elevated privileges
| @@ -32,7 +32,7 @@ threats: | |||
| - TA009 | |||
| - T1557 | |||
| - id: CCC.TH04 | |||
| title: Attacker encrypts data with client-managed keys | |||
| title: Attacker encrypts data with client-managed keys #TODO: Should this be in the crypto service? | |||
| description: | | |||
| The service provides encryption mechanisms, but the encryption keys are | |||
There was a problem hiding this comment.
common_threats.yaml line 54 has a TODO. I think Multi-region deployment make sense to add there. Better to fix it with this MR as CCC.TH05 (line 48-57) should be included in KMS threats.yaml because it is referred by CCC.C06 which is added in KMS controls.yaml
@eddie-knight - added in todos as well on two threats related to KMS that are currently down as common, but may be better shifted to KMS specific threats - let me know your thoughts.