def test_get_pillars_to_statuses(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.maxDiff = None
expected = {
zero_trust_consts.AUTOMATION_ORCHESTRATION:
zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.DEVICES: zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.NETWORKS: zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.PEOPLE: zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.VISIBILITY_ANALYTICS:
zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.WORKLOADS: zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.DATA: zero_trust_consts.STATUS_UNEXECUTED
}
self.assertEqual(ZeroTrustService.get_pillars_to_statuses(), expected)
save_example_findings()
expected = {
zero_trust_consts.AUTOMATION_ORCHESTRATION:
zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.DEVICES: zero_trust_consts.STATUS_FAILED,
zero_trust_consts.NETWORKS: zero_trust_consts.STATUS_VERIFY,
zero_trust_consts.PEOPLE: zero_trust_consts.STATUS_VERIFY,
zero_trust_consts.VISIBILITY_ANALYTICS:
zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.WORKLOADS: zero_trust_consts.STATUS_UNEXECUTED,
zero_trust_consts.DATA: zero_trust_consts.STATUS_FAILED
}
self.assertEqual(ZeroTrustService.get_pillars_to_statuses(), expected)
def test_get_events_without_overlap(self):
monkey_island.cc.services.reporting.zero_trust_service.EVENT_FETCH_CNT = 5
self.assertListEqual([],
ZeroTrustService._get_events_without_overlap(
5, [1, 2, 3]))
self.assertListEqual([3],
ZeroTrustService._get_events_without_overlap(
6, [1, 2, 3]))
self.assertListEqual([1, 2, 3, 4, 5],
ZeroTrustService._get_events_without_overlap(
10, [1, 2, 3, 4, 5]))
def test_get_principles_status(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.maxDiff = None
save_example_findings()
expected = dict(EXPECTED_DICT) # new mutable
result = ZeroTrustService.get_principles_status()
# Compare expected and result, no order:
for pillar_name, pillar_principles_status_result in result.items():
for index, pillar_principle_status_expected in enumerate(
expected.get(pillar_name)):
correct_one = None
for pillar_principle_status_result in pillar_principles_status_result:
if pillar_principle_status_result[
"principle"] == pillar_principle_status_expected[
"principle"]:
correct_one = pillar_principle_status_result
break
# Compare tests no order
self.assertTrue(
compare_lists_no_order(
correct_one["tests"],
pillar_principle_status_expected["tests"]))
# Compare the rest
del pillar_principle_status_expected["tests"]
del correct_one["tests"]
self.assertEqual(sorted(correct_one),
sorted(pillar_principle_status_expected))
def get(self, report_type=SECURITY_REPORT_TYPE, report_data=None):
if report_type == SECURITY_REPORT_TYPE:
return ReportService.get_report()
elif report_type == ZERO_TRUST_REPORT_TYPE:
if report_data == REPORT_DATA_PILLARS:
return jsonify({
"statusesToPillars": ZeroTrustService.get_statuses_to_pillars(),
"pillarsToStatuses": ZeroTrustService.get_pillars_to_statuses(),
"grades": ZeroTrustService.get_pillars_grades()
}
)
elif report_data == REPORT_DATA_PRINCIPLES_STATUS:
return jsonify(ZeroTrustService.get_principles_status())
elif report_data == REPORT_DATA_FINDINGS:
return jsonify(ZeroTrustService.get_all_findings())
flask_restful.abort(http.client.NOT_FOUND)
def test_get_pillars_grades(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
save_example_findings()
expected = [{
zero_trust_consts.STATUS_FAILED: 5,
zero_trust_consts.STATUS_VERIFY: 2,
zero_trust_consts.STATUS_PASSED: 1,
zero_trust_consts.STATUS_UNEXECUTED: 1,
"pillar": "Data"
}, {
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 2,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 1,
"pillar": "People"
}, {
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 2,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 4,
"pillar": "Networks"
}, {
zero_trust_consts.STATUS_FAILED: 1,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 2,
zero_trust_consts.STATUS_UNEXECUTED: 1,
"pillar": "Devices"
}, {
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 0,
"pillar": "Workloads"
}, {
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 3,
"pillar": "Visibility & Analytics"
}, {
zero_trust_consts.STATUS_FAILED: 0,
zero_trust_consts.STATUS_VERIFY: 0,
zero_trust_consts.STATUS_PASSED: 0,
zero_trust_consts.STATUS_UNEXECUTED: 0,
"pillar": "Automation & Orchestration"
}]
result = ZeroTrustService.get_pillars_grades()
self.assertEqual(result, expected)
def get(self, finding_id: str):
return {
'events_json':
json.dumps(ZeroTrustService.get_events_by_finding(finding_id),
default=str)
}
def test_get_principles_status(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.maxDiff = None
save_example_findings()
expected = {
AUTOMATION_ORCHESTRATION: [],
DATA: [{
"principle":
PRINCIPLES[PRINCIPLE_DATA_TRANSIT],
"status":
STATUS_FAILED,
"tests": [
{
"status":
STATUS_FAILED,
"test":
TESTS_MAP[TEST_DATA_ENDPOINT_HTTP]
[TEST_EXPLANATION_KEY]
},
{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_DATA_ENDPOINT_ELASTIC]
[TEST_EXPLANATION_KEY]
},
]
}],
DEVICES: [{
"principle":
PRINCIPLES[PRINCIPLE_ENDPOINT_SECURITY],
"status":
STATUS_FAILED,
"tests": [
{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_MACHINE_EXPLOITED][TEST_EXPLANATION_KEY]
},
{
"status":
STATUS_FAILED,
"test":
TESTS_MAP[TEST_ENDPOINT_SECURITY_EXISTS]
[TEST_EXPLANATION_KEY]
},
]
}],
NETWORKS: [
{
"principle":
PRINCIPLES[PRINCIPLE_SEGMENTATION],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_SEGMENTATION][TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_USER_BEHAVIOUR],
"status":
STATUS_VERIFY,
"tests": [{
"status":
STATUS_VERIFY,
"test":
TESTS_MAP[TEST_SCHEDULED_EXECUTION]
[TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_USERS_MAC_POLICIES],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_COMMUNICATE_AS_NEW_USER]
[TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_ANALYZE_NETWORK_TRAFFIC],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_MALICIOUS_ACTIVITY_TIMELINE]
[TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_TUNNELING][TEST_EXPLANATION_KEY]
}]
},
],
PEOPLE: [{
"principle":
PRINCIPLES[PRINCIPLE_USER_BEHAVIOUR],
"status":
STATUS_VERIFY,
"tests": [{
"status":
STATUS_VERIFY,
"test":
TESTS_MAP[TEST_SCHEDULED_EXECUTION][TEST_EXPLANATION_KEY]
}]
}, {
"principle":
PRINCIPLES[PRINCIPLE_USERS_MAC_POLICIES],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_COMMUNICATE_AS_NEW_USER]
[TEST_EXPLANATION_KEY]
}]
}],
VISIBILITY_ANALYTICS: [
{
"principle":
PRINCIPLES[PRINCIPLE_USERS_MAC_POLICIES],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_COMMUNICATE_AS_NEW_USER]
[TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_ANALYZE_NETWORK_TRAFFIC],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_MALICIOUS_ACTIVITY_TIMELINE]
[TEST_EXPLANATION_KEY]
}]
},
{
"principle":
PRINCIPLES[PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES],
"status":
STATUS_UNEXECUTED,
"tests": [{
"status":
STATUS_UNEXECUTED,
"test":
TESTS_MAP[TEST_TUNNELING][TEST_EXPLANATION_KEY]
}]
},
],
WORKLOADS: []
}
result = ZeroTrustService.get_principles_status()
self.assertEquals(result, expected)
