Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: DNM: Update to use text based impacts and description sub-sections #13

Closed
wants to merge 3 commits into from
Closed

WIP: DNM: Update to use text based impacts and description sub-sections #13

wants to merge 3 commits into from

Conversation

aaronlippold
Copy link
Member

@aaronlippold aaronlippold commented Nov 19, 2018
edited
Loading

  • updated to use text based impacts via CVSS 3.0
  • updated to use description sub-sections for rationale, check and fix

Note to implementer:

  • we should be able to parse a mixed set of data. i.e. they used numbers for impact in some and some text, they used tags in some and sub-sections in other controls etc.
  • check and fix should drop into the normal place
  • TBD: all non-default descriptions should be at the end after a new line of the default
  • special case: caveat sub-section should be placed both at the end of the results display as well. We can document this in the readme of heimdall (open issue) and heimdall-lite (open-issue) as a way for folks to document results.

Blocked from merge until heimdall and heimdall-lite add the logic to parse both styles.

Fixes #15 #14
mitre/heimdall-lite#44
mitre/heimdall-mongo#72

aaronlippold and others added 3 commits November 18, 2018 19:24
@aaronlippold
* updated to use description sub-sections for rationale, check and fix
a999a65 
* updated to use the CVSS 3.0 text based impacts
* updated profile version to 1.1.0

Co-Authored-By: Rony Xaiver <rx294@gmail.com>
@aaronlippold
* updated to use description sub-sections for rationale, check and fix
71d4096 
* updated to use the CVSS 3.0 text based impacts
* updated profile version to 1.1.0

Co-Authored-By: Rony Xaiver <rx294@gmail.com>

Signed-off-by: Aaron Lippold <lippold@gmail.com>
@aaronlippold
Merge branch 'al/use-desc-sub-sections' of https://github.com/mitre/c…
195bc8b 
…is-aws-foundations-baseline into al/use-desc-sub-sections
@aaronlippold aaronlippold added enhancement Blocker Blocks action and or delivery labels Nov 19, 2018
@rx294
Copy link
Contributor

rx294 commented May 13, 2019

The age of the PR is causing a lot of merge conflicts ...it might be more time efficient to just do a new PR

@aaronlippold
Copy link
Member Author

Closing this in favor of your new 1.2 update

@karikarshivani karikarshivani deleted the al/use-desc-sub-sections branch September 18, 2020 16:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robthew robthew Awaiting requested review from robthew

@rx294 rx294 Awaiting requested review from rx294

@ejaronne ejaronne Awaiting requested review from ejaronne

Assignees

@robthew robthew

@rx294 rx294

Labels
Blocker Blocks action and or delivery enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move to the text based impact as it communicates more directly
3 participants
@aaronlippold @rx294 @robthew