Managing Security Properties
Security properties in ThreatGet play a vital role in defining protection mechanisms for system components to defend against potential cyber attacks. ThreatGet uses these security properties to identify any vulnerabilities that could lead to successful attacks. The tool provides a broad range of security properties, which the rule engine leverages to assess cyber risks.
To meet specific requirements, users may need to add additional security properties. ThreatGet offers the flexibility to create custom security properties, enabling them to be integrated into system models. By visiting the ThreatGet Toolbox page, users can click the SP button on the left side to start managing and creating security properties.
All existing security properties are displayed on the left. If you select a security property created by AIT (i.e., with the AIT namespace), it will be view-only and cannot be edited.
Create a new Security Property
To create a new Security Property, click the green New Security Property button. A form will appear on the right, showing all required fields for configuring the security property.
Enter an appropriate name and relevant description for the security property. It is recommended to provide a clear, meaningful description to prevent any ambiguity or overlap with other Security Properties.
Security Properties can also be restricted to certain types of components. If this protocol should only be available for Elements and Connectors, then we can simply select these two from the dropdown menu.
As you can see, all Security Properties are created with the default namespace (named "USER" in the standard installation), though a different namespace can be selected if necessary. Items created by AIT have the "AIT" namespace.
Security property values can be set as LEVELED, BOOL, or UNRELATED, with distinctions as follows:
-
LEVELED: Provides a range of levels, including options such as undefined, No, Weak, Moderate, or Strong.
-
BOOL: Defines a boolean value for the security property, set to either true or false.
-
UNRELATED: Allows for a customized set of values for the security property. The "undefined" valie is automatically assigned as the initial default value for the new security property.
When selecting the UNRELATED option, users can enter custom values in the provided text field, such as HTTP and HTTPS. Simply type the desired value in the New Value field, then click the Add button on the right to add it.
All values can be deleted by moving the mouse over the value; a red Trash Can icon will appear next to each entry in the Actions column, allowing the user to delete it if necessary.
Additionally, "undefined" is automatically assigned as the default value, but this can be changed if needed. To set a different default value, the user can click the Checkbox in the Default column for the desired value in the table.
On the left upper corner, you can see two buttons ("Circular Arrow", "Trash Can") and a Save button in the middle below the input area.
- Circular Arrow: to undo any changes.
- Trash Can: to cancel the creation of the new element or delete an element, click on the Trash Can.
- Save Button: to save your newly defined component, click on the Save button.
Arranging Security Property Values
Each defined value of the security property has a position and this can be adjusted by using the up and down arrows.
Find a Security Property
As the number of security properties increases over time, finding a specific property may become challenging. This can be addressed by using the search bar, where the user can type the property name to locate it quickly.
All the Security Properties matching the search will then be listed.