Aegis/backend/app/services/compliance_import_service.py
kitos 1dcff4ad20
feat(compliance): executive descriptions and mapping rationale for all 5 frameworks
Backend: expose description in control status response, add rich business-language
descriptions to all curated controls (ISO 27001, ISO 42001, CIS v8, DORA) explaining
requirements and ATT&CK mapping rationale. ISO 42001 includes infrastructure-mapping note.

Frontend: description field in type, info panel in ControlsTable expanded rows,
framework info banner with description and official standard link in CompliancePage.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-03 16:28:16 +02:00

"""Compliance import service — imports NIST 800-53 to ATT&CK mappings.
Downloads and parses the STIX bundle from the Center for Threat-Informed
Defense's attack_to_nist_mapping repository to create ComplianceFramework,
ComplianceControl, and ComplianceControlMapping records.
"""
import logging
import json
import re
from typing import Optional
import requests
from sqlalchemy.orm import Session
from app.models.compliance import (
ComplianceFramework,
ComplianceControl,
ComplianceControlMapping,
)
from app.models.technique import Technique
logger = logging.getLogger(__name__)

# URL for the NIST 800-53 Rev 5 to ATT&CK mapping
# This is the JSON STIX bundle that contains the relationships
# NOTE(review): this points at the `main` branch of the upstream repository,
# not a tag or commit, so each import trusts whatever that ref serves at the
# time of the run; pinning the ref would make imports reproducible.
NIST_MAPPING_URL = (
    "https://raw.githubusercontent.com/center-for-threat-informed-defense/"
    "attack_to_nist_mapping/main/data/attack-to-nist-rev5.json"
)
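def import_nist_800_53_mappings(db: Session) -> dict:
    """Import NIST 800-53 Rev 5 to ATT&CK mappings from the CTID STIX bundle.

    Steps:
      1. Create or get the "NIST 800-53 Rev 5" framework
      2. Download the STIX bundle JSON from ``NIST_MAPPING_URL``
      3. Parse ``course-of-action`` (controls), ``attack-pattern``
         (techniques) and ``mitigates`` relationship objects
      4. Create ComplianceControl records for controls not yet stored
      5. Create ComplianceControlMapping records for new control/technique pairs

    When the download fails, or the response body is not a JSON object, the
    curated offline sample in ``_import_sample_nist_mappings`` is imported
    instead so the feature still works without network access.

    Args:
        db: SQLAlchemy session. The import is committed before returning.

    Returns:
        Summary dict with ``framework``, ``controls_created``,
        ``controls_existing``, ``mappings_created``, ``mappings_skipped``,
        ``total_controls`` and ``total_relationships_found``; on fallback the
        sample importer's summary is returned instead.
    """
    # ── 1. Create or get framework ────────────────────────────────
    framework = (
        db.query(ComplianceFramework)
        .filter(ComplianceFramework.name == "NIST 800-53 Rev 5")
        .first()
    )
    if not framework:
        framework = ComplianceFramework(
            name="NIST 800-53 Rev 5",
            version="5",
            description="National Institute of Standards and Technology Special Publication 800-53 Revision 5 — Security and Privacy Controls for Information Systems and Organizations",
            url="https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final",
            is_active=True,
        )
        db.add(framework)
        db.flush()
        logger.info("Created NIST 800-53 Rev 5 framework")
    else:
        logger.info("NIST 800-53 Rev 5 framework already exists")

    # ── 2. Download STIX bundle ───────────────────────────────────
    try:
        response = requests.get(NIST_MAPPING_URL, timeout=30)
        response.raise_for_status()
        stix_bundle = response.json()
        # The parser below walks bundle["objects"]; a body that decoded to
        # anything other than an object is unusable and takes the same
        # fallback as a transport failure.
        if not isinstance(stix_bundle, dict):
            raise ValueError("STIX bundle is not a JSON object")
    except (requests.RequestException, ValueError) as e:
        # ValueError also covers a malformed JSON body: JSON decode errors are
        # ValueError subclasses, so a bad body no longer escapes as a crash.
        logger.warning("Failed to download or parse STIX bundle: %s", e)
        # Fallback: create a sample set of well-known NIST controls
        return _import_sample_nist_mappings(db, framework)

    # ── 3. Parse STIX objects ─────────────────────────────────────
    control_map, technique_map, relationships = _parse_nist_stix_objects(
        stix_bundle.get("objects") or []
    )

    # ── 4. Create controls ────────────────────────────────────────
    controls_created = 0
    controls_existing = 0
    control_db_map = {}  # stix_id -> ComplianceControl
    # Existing controls of this framework keyed by control_id, so re-runs
    # are idempotent.
    existing_controls = {
        c.control_id: c
        for c in db.query(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }
    for stix_id, info in control_map.items():
        cid = info["control_id"]
        ctrl = existing_controls.get(cid)
        if ctrl is not None:
            controls_existing += 1
        else:
            ctrl = ComplianceControl(
                framework_id=framework.id,
                control_id=cid,
                title=info["title"],
                description=info["description"],
                category=info["category"],
            )
            db.add(ctrl)
            db.flush()
            # Register the new row so a second STIX object that normalises to
            # the same control_id reuses it instead of inserting a duplicate.
            existing_controls[cid] = ctrl
            controls_created += 1
        control_db_map[stix_id] = ctrl

    # ── 5. Create mappings ────────────────────────────────────────
    mappings_created = 0
    mappings_skipped = 0
    # mitre_id -> Technique. Relationships whose control or technique is not
    # known locally are counted as skipped rather than failing the import.
    all_techniques = {t.mitre_id: t for t in db.query(Technique).all()}
    existing_mappings = {
        (str(m.compliance_control_id), str(m.technique_id))
        for m in db.query(ComplianceControlMapping).all()
    }
    for source_ref, target_ref in relationships:
        control = control_db_map.get(source_ref)
        mitre_id = technique_map.get(target_ref)
        technique = all_techniques.get(mitre_id) if control and mitre_id else None
        if technique is None:
            mappings_skipped += 1
            continue
        pair = (str(control.id), str(technique.id))
        if pair in existing_mappings:
            mappings_skipped += 1
            continue
        db.add(
            ComplianceControlMapping(
                compliance_control_id=control.id,
                technique_id=technique.id,
            )
        )
        existing_mappings.add(pair)
        mappings_created += 1

    db.commit()

    summary = {
        "framework": framework.name,
        "controls_created": controls_created,
        "controls_existing": controls_existing,
        "mappings_created": mappings_created,
        "mappings_skipped": mappings_skipped,
        "total_controls": controls_created + controls_existing,
        "total_relationships_found": len(relationships),
    }
    logger.info("NIST 800-53 import complete: %s", summary)
    return summary


def _parse_nist_stix_objects(objects):
    """Index the objects of the NIST-to-ATT&CK STIX bundle.

    Args:
        objects: the bundle's ``objects`` list; entries that are not dicts
            are ignored.

    Returns:
        ``(control_map, technique_map, relationships)``. ``control_map`` maps
        a course-of-action STIX id to a dict with ``control_id``, ``title``,
        ``description`` (truncated to 500 characters, ``None`` when absent)
        and ``category``; ``technique_map`` maps an attack-pattern STIX id to
        its ``mitre-attack`` external id; ``relationships`` holds the
        ``(source_ref, target_ref)`` pair of every ``mitigates`` relationship,
        in bundle order.
    """
    control_map = {}  # stix_id -> {control_id, title, description, category}
    technique_map = {}  # stix_id -> mitre_technique_id
    relationships = []  # (source_ref, target_ref) of "mitigates" relationships

    for obj in objects:
        if not isinstance(obj, dict):
            continue
        obj_type = obj.get("type", "")

        if obj_type == "course-of-action":
            # A NIST control; its name is e.g. "AC-2 Account Management".
            name = obj.get("name", "") or ""
            desc = obj.get("description", "")
            stix_id = obj.get("id", "")
            match = re.match(r"^([A-Z]{2}-\d+(?:\.\d+)?)\s*(.*)", name)
            if match:
                control_id = match.group(1)
                title = match.group(2) or name
            else:
                control_id = name
                title = name
            # The two-letter family prefix (e.g. "AC") selects the category.
            category_match = re.match(r"^([A-Z]{2})", control_id)
            category = (
                _get_nist_category(category_match.group(1)) if category_match else None
            )
            control_map[stix_id] = {
                "control_id": control_id,
                "title": title,
                # Upstream text is stored as-is (truncated); it comes from a
                # downloaded feed, so consumers must escape it when rendering.
                "description": desc[:500] if desc else None,
                "category": category,
            }

        elif obj_type == "attack-pattern":
            # An ATT&CK technique; the mitre-attack reference carries its id.
            stix_id = obj.get("id", "")
            for ref in obj.get("external_references", []) or []:
                if isinstance(ref, dict) and ref.get("source_name") == "mitre-attack":
                    technique_map[stix_id] = ref.get("external_id", "")
                    break

        elif obj_type == "relationship":
            if obj.get("relationship_type", "") == "mitigates":
                relationships.append(
                    (obj.get("source_ref", ""), obj.get("target_ref", ""))
                )

    return control_map, technique_map, relationships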
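def _import_sample_nist_mappings(db: Session, framework: ComplianceFramework) -> dict:
    """Import a curated sample of NIST 800-53 controls when the download fails.

    This ensures the feature works even without network access. Controls that
    already exist for *framework* are reused; a sample technique id that has
    no exact match is resolved to its first seeded sub-technique
    (``"T1078"`` -> ``"T1078.001"``), and ids that cannot be resolved at all
    are counted as skipped rather than silently dropped.

    Args:
        db: SQLAlchemy session. The import is committed before returning.
        framework: the "NIST 800-53 Rev 5" framework row the controls belong to.

    Returns:
        Summary dict in the same shape as ``import_nist_800_53_mappings``
        (``mappings_skipped`` counts unresolved and already-present pairs),
        plus ``"source": "sample_data"`` to mark the fallback.
    """
    sample_controls = [
        {"control_id": "AC-2", "title": "Account Management", "category": "Access Control",
         "techniques": ["T1078", "T1136", "T1098", "T1087", "T1069"]},
        {"control_id": "AC-3", "title": "Access Enforcement", "category": "Access Control",
         "techniques": ["T1078", "T1548", "T1134"]},
        {"control_id": "AC-4", "title": "Information Flow Enforcement", "category": "Access Control",
         "techniques": ["T1048", "T1041", "T1572"]},
        {"control_id": "AC-6", "title": "Least Privilege", "category": "Access Control",
         "techniques": ["T1078", "T1548", "T1134"]},
        {"control_id": "AU-2", "title": "Event Logging", "category": "Audit and Accountability",
         "techniques": ["T1562", "T1070"]},
        {"control_id": "AU-6", "title": "Audit Record Review", "category": "Audit and Accountability",
         "techniques": ["T1562", "T1070", "T1027"]},
        {"control_id": "CA-7", "title": "Continuous Monitoring", "category": "Assessment, Authorization, and Monitoring",
         "techniques": ["T1059", "T1053"]},
        {"control_id": "CM-2", "title": "Baseline Configuration", "category": "Configuration Management",
         "techniques": ["T1574", "T1546"]},
        {"control_id": "CM-6", "title": "Configuration Settings", "category": "Configuration Management",
         "techniques": ["T1574", "T1546", "T1112"]},
        {"control_id": "CM-7", "title": "Least Functionality", "category": "Configuration Management",
         "techniques": ["T1059", "T1218"]},
        {"control_id": "IA-2", "title": "Identification and Authentication", "category": "Identification and Authentication",
         "techniques": ["T1078", "T1110"]},
        {"control_id": "IA-5", "title": "Authenticator Management", "category": "Identification and Authentication",
         "techniques": ["T1078", "T1110", "T1003"]},
        {"control_id": "IR-4", "title": "Incident Handling", "category": "Incident Response",
         "techniques": ["T1059", "T1547"]},
        {"control_id": "RA-5", "title": "Vulnerability Monitoring and Scanning", "category": "Risk Assessment",
         "techniques": ["T1190", "T1203"]},
        {"control_id": "SC-7", "title": "Boundary Protection", "category": "System and Communications Protection",
         "techniques": ["T1048", "T1041", "T1071"]},
        {"control_id": "SC-28", "title": "Protection of Information at Rest", "category": "System and Communications Protection",
         "techniques": ["T1005", "T1114"]},
        {"control_id": "SI-3", "title": "Malicious Code Protection", "category": "System and Information Integrity",
         "techniques": ["T1059", "T1204", "T1566"]},
        {"control_id": "SI-4", "title": "System Monitoring", "category": "System and Information Integrity",
         "techniques": ["T1059", "T1053", "T1547"]},
        {"control_id": "SI-7", "title": "Software, Firmware, and Information Integrity", "category": "System and Information Integrity",
         "techniques": ["T1195", "T1553"]},
        {"control_id": "PM-16", "title": "Threat Awareness Program", "category": "Program Management",
         "techniques": ["T1566", "T1204"]},
    ]

    # mitre_id -> Technique, for resolving the sample technique ids.
    all_techniques = {t.mitre_id: t for t in db.query(Technique).all()}
    existing_controls = {
        c.control_id: c
        for c in db.query(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }
    existing_mappings = {
        (str(m.compliance_control_id), str(m.technique_id))
        for m in db.query(ComplianceControlMapping).all()
    }

    controls_created = 0
    mappings_created = 0
    mappings_skipped = 0

    for sample in sample_controls:
        cid = sample["control_id"]
        # Create or get control
        control = existing_controls.get(cid)
        if control is None:
            control = ComplianceControl(
                framework_id=framework.id,
                control_id=cid,
                title=sample["title"],
                category=sample["category"],
            )
            db.add(control)
            db.flush()
            existing_controls[cid] = control
            controls_created += 1

        # Create mappings
        for mitre_id in sample["techniques"]:
            technique = _find_sample_technique(all_techniques, mitre_id)
            if technique is None:
                mappings_skipped += 1
                continue
            pair = (str(control.id), str(technique.id))
            if pair in existing_mappings:
                mappings_skipped += 1
                continue
            db.add(
                ComplianceControlMapping(
                    compliance_control_id=control.id,
                    technique_id=technique.id,
                )
            )
            existing_mappings.add(pair)
            mappings_created += 1

    db.commit()

    return {
        "framework": framework.name,
        "controls_created": controls_created,
        "controls_existing": len(existing_controls) - controls_created,
        "mappings_created": mappings_created,
        "mappings_skipped": mappings_skipped,
        "total_controls": len(existing_controls),
        "source": "sample_data",
    }


def _find_sample_technique(all_techniques, mitre_id):
    """Resolve a sample technique id against the seeded techniques.

    Args:
        all_techniques: mapping of ``mitre_id`` -> Technique.
        mitre_id: parent technique id from the sample data, e.g. ``"T1078"``.

    Returns:
        The exact match when present, otherwise the first seeded
        sub-technique ``"<mitre_id>.<nnn>"`` in insertion order, otherwise
        ``None``. The dot is required so that a bare prefix match cannot pick
        an unrelated id.
    """
    technique = all_techniques.get(mitre_id)
    if technique is not None:
        return technique
    sub_prefix = mitre_id + "."
    for candidate_id, candidate in all_techniques.items():
        if candidate_id.startswith(sub_prefix):
            return candidate
    return None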
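def import_cis_controls_v8_mappings(db: Session) -> dict:
    """Import CIS Controls v8 with ATT&CK technique mappings.

    Uses a curated set of CIS Controls mapped to MITRE ATT&CK techniques
    based on the CIS Controls Navigator and official documentation. Each
    curated entry carries a business-language ``description`` explaining the
    requirement and the mapping rationale; it is stored on newly created
    controls and back-filled onto existing controls whose description is
    still empty, so a database seeded before descriptions existed picks them
    up on the next import. Descriptions already present are left untouched.

    Args:
        db: SQLAlchemy session. The import is committed before returning.

    Returns:
        Summary dict with ``framework``, ``controls_created``,
        ``controls_existing``, ``controls_updated`` (descriptions
        back-filled), ``mappings_created``, ``mappings_skipped`` (technique
        not seeded locally, or pair already present) and ``total_controls``.
    """
    # ── 1. Create or get framework ────────────────────────────────
    framework = (
        db.query(ComplianceFramework)
        .filter(ComplianceFramework.name == "CIS Controls v8")
        .first()
    )
    if not framework:
        framework = ComplianceFramework(
            name="CIS Controls v8",
            version="8",
            description="Center for Internet Security Critical Security Controls Version 8 — "
            "a prioritized set of 18 security safeguards organized by Implementation Groups (IG1, IG2, IG3).",
            url="https://www.cisecurity.org/controls/v8",
            is_active=True,
        )
        db.add(framework)
        db.flush()
        logger.info("Created CIS Controls v8 framework")
    else:
        logger.info("CIS Controls v8 framework already exists")

    # ── 2. Control definitions with ATT&CK mappings ───────────────
    CIS_CONTROLS = [
        {
            "control_id": "CIS-1",
            "title": "Inventory and Control of Enterprise Assets",
            "category": "IG1 — Basic",
            "description": (
                "Actively manage all enterprise hardware assets — servers, workstations, mobile "
                "devices, and network equipment — so that only authorised devices are given access. "
                "Attackers routinely perform active scanning (T1595), gather network information "
                "(T1590), and enumerate live hosts (T1018) and system details (T1082) to find "
                "unmanaged or forgotten devices that can serve as entry points. You cannot protect "
                "what you cannot see."
            ),
            "techniques": ["T1595", "T1590", "T1018", "T1082"],
        },
        {
            "control_id": "CIS-2",
            "title": "Inventory and Control of Software Assets",
            "category": "IG1 — Basic",
            "description": (
                "Actively manage all software installed on enterprise assets — only authorised "
                "software should be installed and executed. Unknown or unauthorised software is a "
                "primary indicator of compromise: attackers enumerate installed applications "
                "(T1518), abuse software deployment tools (T1072), and introduce malicious code "
                "via compromised software supply chains (T1195). An allowlist of approved software "
                "makes unauthorised installations immediately detectable."
            ),
            "techniques": ["T1518", "T1072", "T1195"],
        },
        {
            "control_id": "CIS-3",
            "title": "Data Protection",
            "category": "IG1 — Basic",
            "description": (
                "Develop processes to identify, classify, and protect sensitive data throughout "
                "its lifecycle. Data exfiltration is the primary objective of most targeted "
                "attacks: attackers collect local files (T1005), harvest emails (T1114), stage "
                "and compress data for extraction (T1560), and exfiltrate via alternative protocols "
                "(T1048) or C2 channels (T1041). Understanding where sensitive data lives is the "
                "prerequisite for preventing it from leaving."
            ),
            "techniques": ["T1005", "T1114", "T1560", "T1048", "T1041"],
        },
        {
            "control_id": "CIS-4",
            "title": "Secure Configuration of Enterprise Assets and Software",
            "category": "IG1 — Basic",
            "description": (
                "Establish and maintain secure configurations for all enterprise assets and software. "
                "Default or insecure configurations are exploited by attackers to establish "
                "persistence: DLL hijacking and path manipulation (T1574), event-triggered execution "
                "hooks (T1546), registry modifications (T1112), and malicious service installation "
                "(T1543). CIS Benchmarks provide vendor-specific hardening guidance that significantly "
                "raises the bar for attackers."
            ),
            "techniques": ["T1574", "T1546", "T1112", "T1543"],
        },
        {
            "control_id": "CIS-5",
            "title": "Account Management",
            "category": "IG1 — Basic",
            "description": (
                "Use processes and tools to assign and manage authorisation for all accounts — "
                "including credentials, permissions, and lifecycle management. Poorly managed "
                "accounts are the single most exploited attack vector: valid stolen credentials "
                "(T1078), creation of backdoor accounts (T1136), modification of existing account "
                "privileges (T1098), and enumeration of all accounts to identify high-value targets "
                "(T1087). A mature account management programme prevents orphaned, over-privileged, "
                "and shared accounts."
            ),
            "techniques": ["T1078", "T1136", "T1098", "T1087"],
        },
        {
            "control_id": "CIS-6",
            "title": "Access Control Management",
            "category": "IG1 — Basic",
            "description": (
                "Use processes and tools to create, assign, manage, and revoke access credentials "
                "and privileges based on least privilege. After gaining initial access, attackers "
                "need to escalate privileges and move laterally — they abuse valid high-privilege "
                "accounts (T1078), exploit privilege escalation vulnerabilities (T1548), manipulate "
                "access tokens (T1134), and use remote services to reach additional systems (T1021). "
                "Least-privilege access control directly constrains all of these techniques."
            ),
            "techniques": ["T1078", "T1548", "T1134", "T1021"],
        },
        {
            "control_id": "CIS-7",
            "title": "Continuous Vulnerability Management",
            "category": "IG2 — Foundational",
            "description": (
                "Continuously acquire, assess, and take action on new information about "
                "vulnerabilities to remediate and minimise the window of opportunity for attackers. "
                "Unpatched vulnerabilities are a primary attack vector for initial access and "
                "privilege escalation: exploitation of internet-facing applications (T1190), "
                "client-side vulnerabilities (T1203), local privilege escalation flaws (T1068), "
                "and network service vulnerabilities (T1210). The average time between vulnerability "
                "disclosure and exploitation is now less than 15 days."
            ),
            "techniques": ["T1190", "T1203", "T1068", "T1210"],
        },
        {
            "control_id": "CIS-8",
            "title": "Audit Log Management",
            "category": "IG2 — Foundational",
            "description": (
                "Collect, alert, review, and retain audit logs to detect attacks and enable "
                "investigations. Audit logs are the primary resource for incident response — "
                "and therefore the primary target for attacker cleanup: disabling security tools "
                "and logging (T1562), clearing Windows Event Logs, bash history, and syslog "
                "entries (T1070), and using command-line tools to execute without leaving "
                "traces (T1059). A centralised, write-protected log store is essential."
            ),
            "techniques": ["T1562", "T1070", "T1059"],
        },
        {
            "control_id": "CIS-9",
            "title": "Email and Web Browser Protections",
            "category": "IG2 — Foundational",
            "description": (
                "Improve protections and detections of threats from email and web vectors — the "
                "primary delivery mechanisms for malware and social engineering. The majority of "
                "successful breaches begin with a phishing email (T1566), a user clicking a "
                "malicious link or attachment (T1204), a drive-by download from a compromised "
                "site (T1189), or spear-phishing for credentials (T1598). Email security, web "
                "filtering, and user training form the essential first line of defence."
            ),
            "techniques": ["T1566", "T1204", "T1189", "T1598"],
        },
        {
            "control_id": "CIS-10",
            "title": "Malware Defenses",
            "category": "IG2 — Foundational",
            "description": (
                "Prevent or control the installation, spread, and execution of malicious applications, "
                "code, or scripts. Malware executes via scripting engines (T1059), user-initiated "
                "actions (T1204), and uses obfuscation (T1027) and decoding techniques (T1140) to "
                "evade detection tools. Some malware also checks for sandbox environments (T1497) "
                "before activating. Effective malware defence requires layered controls — endpoint "
                "detection, application control, and behaviour-based analysis."
            ),
            "techniques": ["T1059", "T1204", "T1027", "T1140", "T1497"],
        },
        {
            "control_id": "CIS-11",
            "title": "Data Recovery",
            "category": "IG1 — Basic",
            "description": (
                "Establish and maintain data recovery practices sufficient to restore in-scope "
                "enterprise assets to a pre-incident state. Modern ransomware specifically targets "
                "backup infrastructure to maximise extortion leverage: encrypting all accessible "
                "data (T1486), deleting or inhibiting backup and recovery tools (T1490), and "
                "wiping disks entirely (T1561). The 3-2-1 backup rule — three copies, two different "
                "media, one offsite — with immutable storage and regular recovery tests is the "
                "only reliable defence."
            ),
            "techniques": ["T1486", "T1490", "T1561"],
        },
        {
            "control_id": "CIS-12",
            "title": "Network Infrastructure Management",
            "category": "IG2 — Foundational",
            "description": (
                "Establish, implement, and actively manage network infrastructure using a "
                "comprehensive security process. Attackers abuse weak network infrastructure "
                "for man-in-the-middle attacks (T1557), use standard application protocols to "
                "blend command-and-control traffic with normal traffic (T1071), tunnel malicious "
                "traffic through legitimate protocols (T1572), and use non-standard ports to evade "
                "filtering (T1571). Network hardening, firmware management, and network monitoring "
                "are the primary safeguards."
            ),
            "techniques": ["T1557", "T1071", "T1572", "T1571"],
        },
        {
            "control_id": "CIS-13",
            "title": "Network Monitoring and Defense",
            "category": "IG2 — Foundational",
            "description": (
                "Operate processes and tooling to establish and maintain comprehensive network "
                "monitoring and defence against security threats. Without network monitoring, "
                "exfiltration goes undetected: data exfiltrated via web protocols (T1071) or "
                "alternative channels (T1048, T1041), tool transfer to and from attacker "
                "infrastructure (T1105), and protocol tunnelling to bypass controls (T1572). "
                "Network detection and response (NDR) tools, combined with IDS signatures and "
                "anomaly detection, form the core technical controls."
            ),
            "techniques": ["T1071", "T1048", "T1041", "T1105", "T1572"],
        },
        {
            "control_id": "CIS-14",
            "title": "Security Awareness and Skills Training",
            "category": "IG1 — Basic",
            "description": (
                "Establish and maintain a security awareness programme that addresses the full range "
                "of threats facing the organisation. Social engineering remains the most effective "
                "attack vector because it bypasses technical controls: phishing emails (T1566), "
                "malicious attachments (T1204), and credential harvesting via fake login pages "
                "(T1598) succeed because users lack the training to recognise them. Regular, "
                "scenario-based training with simulated phishing campaigns provides measurable "
                "improvement."
            ),
            "techniques": ["T1566", "T1204", "T1598"],
        },
        {
            "control_id": "CIS-15",
            "title": "Service Provider Management",
            "category": "IG2 — Foundational",
            "description": (
                "Develop a process to evaluate service providers who hold sensitive data or are "
                "responsible for critical IT platforms. Supply chain and third-party attacks have "
                "become one of the most impactful threat vectors: adversaries exploit trusted "
                "relationships with managed service providers (T1199) and compromise software "
                "supply chains to reach downstream targets (T1195). Vendor risk assessments, "
                "contractual security requirements, and continuous monitoring are essential."
            ),
            "techniques": ["T1199", "T1195"],
        },
        {
            "control_id": "CIS-16",
            "title": "Application Software Security",
            "category": "IG2 — Foundational",
            "description": (
                "Manage the security lifecycle of in-house developed and acquired software in "
                "order to prevent, detect, and remediate security weaknesses. Application "
                "vulnerabilities are a primary initial access vector: internet-facing application "
                "exploitation (T1190), command execution through application weaknesses (T1059), "
                "and client-side code execution (T1203). A secure software development lifecycle "
                "(SSDLC) with threat modelling, code review, and penetration testing catches "
                "vulnerabilities before they reach production."
            ),
            "techniques": ["T1190", "T1059", "T1203"],
        },
        {
            "control_id": "CIS-17",
            "title": "Incident Response Management",
            "category": "IG2 — Foundational",
            "description": (
                "Establish a programme to develop and maintain an incident response capability — "
                "including a plan, defined roles, training, and exercises. Effective incident "
                "response must counter attacker persistence mechanisms before they re-establish "
                "footholds: scripted commands (T1059), boot or logon persistence (T1547), and "
                "scheduled tasks (T1053) that survive a reboot. A tested incident response plan "
                "reduces average dwell time and limits the damage from any breach."
            ),
            "techniques": ["T1059", "T1547", "T1053"],
        },
        {
            "control_id": "CIS-18",
            "title": "Penetration Testing",
            "category": "IG3 — Organizational",
            "description": (
                "Test the effectiveness of organisational defences (people, processes, technology) "
                "by safely simulating adversary objectives and actions. This is the CIS control "
                "most directly aligned with the Aegis Red Team platform. Penetration tests "
                "simulate reconnaissance (T1595), service discovery (T1046), exploitation of "
                "public-facing applications (T1190), and post-exploitation execution (T1059) to "
                "validate whether defensive controls work in practice. Every test executed in Aegis "
                "directly contributes to evidence for this control."
            ),
            "techniques": ["T1595", "T1046", "T1190", "T1059"],
        },
    ]

    # ── 3. Load current state ─────────────────────────────────────
    # mitre_id -> Technique; mapping rows for techniques not seeded locally
    # are counted as skipped rather than failing the import.
    all_techniques = {t.mitre_id: t for t in db.query(Technique).all()}
    existing_controls = {
        c.control_id: c
        for c in db.query(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }
    # Only this framework's mappings are needed to make re-runs idempotent.
    existing_mappings = {
        (str(m.compliance_control_id), str(m.technique_id))
        for m in (
            db.query(ComplianceControlMapping)
            .join(ComplianceControl)
            .filter(ComplianceControl.framework_id == framework.id)
            .all()
        )
    }

    # ── 4. Create or update controls and their mappings ───────────
    controls_created = 0
    controls_updated = 0
    mappings_created = 0
    mappings_skipped = 0

    for item in CIS_CONTROLS:
        cid = item["control_id"]
        description = item.get("description")
        control = existing_controls.get(cid)
        if control is None:
            # The curated description is persisted with the control; without
            # it the "description" field exposed to the frontend stays empty.
            control = ComplianceControl(
                framework_id=framework.id,
                control_id=cid,
                title=item["title"],
                category=item["category"],
                description=description,
            )
            db.add(control)
            db.flush()
            existing_controls[cid] = control
            controls_created += 1
        elif description and not control.description:
            # Back-fill controls imported before descriptions existed; a
            # description that is already set is deliberately not overwritten.
            control.description = description
            controls_updated += 1

        for mitre_id in item["techniques"]:
            technique = all_techniques.get(mitre_id)
            if technique is None:
                mappings_skipped += 1
                continue
            pair = (str(control.id), str(technique.id))
            if pair in existing_mappings:
                mappings_skipped += 1
                continue
            db.add(
                ComplianceControlMapping(
                    compliance_control_id=control.id,
                    technique_id=technique.id,
                )
            )
            existing_mappings.add(pair)
            mappings_created += 1

    db.commit()

    summary = {
        "framework": framework.name,
        "controls_created": controls_created,
        "controls_existing": len(existing_controls) - controls_created,
        "controls_updated": controls_updated,
        "mappings_created": mappings_created,
        "mappings_skipped": mappings_skipped,
        "total_controls": len(existing_controls),
    }
    logger.info("CIS Controls v8 import complete: %s", summary)
    return summary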
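def _upsert_curated_controls(
    db: Session,
    framework: ComplianceFramework,
    controls: list[dict],
) -> dict:
    """Persist a hand-curated control list and its ATT&CK mappings for *framework*.

    Idempotent: controls are keyed on ``control_id`` within the framework and
    mappings on ``(control, technique)``, so re-running only adds what is
    missing. Controls that already exist get their ``description`` refreshed,
    so deployments seeded before descriptions were added pick them up on the
    next import instead of keeping a NULL column forever.

    Args:
        db: Active SQLAlchemy session. Committed on success; rolled back and
            the exception re-raised on failure.
        framework: The ``ComplianceFramework`` row the controls belong to. It
            must already be flushed so ``framework.id`` is populated.
        controls: Dicts with ``control_id``, ``title``, ``category``,
            ``techniques`` (ATT&CK IDs such as ``"T1078"``) and an optional
            ``description``.

    Returns:
        Summary dict with ``framework``, ``controls_created``,
        ``controls_existing``, ``descriptions_updated``, ``mappings_created``,
        ``total_controls`` and ``techniques_missing`` — the ATT&CK IDs that
        are not present in the technique table and were therefore NOT mapped.
        Callers producing compliance evidence should treat a non-empty
        ``techniques_missing`` as a coverage gap, not as "control satisfied".

    Raises:
        Whatever ``db.commit()`` raises, after the session has been rolled back.
    """
    # mitre_id -> Technique, built once so the inner loop is a dict lookup.
    technique_by_mitre_id = {t.mitre_id: t for t in db.query(Technique).all()}

    # Controls already stored for this framework, keyed by their control_id.
    existing_controls = {
        c.control_id: c
        for c in db.query(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }

    # (control PK, technique PK) pairs already mapped; stringified so the key
    # type does not depend on whether the PKs are UUIDs or ints.
    existing_mappings = {
        (str(m.compliance_control_id), str(m.technique_id))
        for m in db.query(ComplianceControlMapping)
        .join(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }

    controls_created = 0
    descriptions_updated = 0
    mappings_created = 0
    missing_techniques: set[str] = set()

    for item in controls:
        control_id = item["control_id"]
        description = item.get("description")
        control = existing_controls.get(control_id)

        if control is None:
            # NOTE(review): relies on ComplianceControl having a `description`
            # column, as implied by the commit exposing description in the
            # control status response — confirm against app/models/compliance.py.
            control = ComplianceControl(
                framework_id=framework.id,
                control_id=control_id,
                title=item["title"],
                category=item["category"],
                description=description,
            )
            db.add(control)
            # Flush so control.id is assigned before mappings reference it.
            db.flush()
            existing_controls[control_id] = control
            controls_created += 1
        elif description and getattr(control, "description", None) != description:
            # Backfill / refresh the narrative on rows created by an earlier run.
            control.description = description
            descriptions_updated += 1

        for mitre_id in item["techniques"]:
            technique = technique_by_mitre_id.get(mitre_id)
            if technique is None:
                # Do not skip silently: a missing technique means this control
                # will show less ATT&CK coverage than the curated list intends.
                missing_techniques.add(mitre_id)
                continue
            key = (str(control.id), str(technique.id))
            if key in existing_mappings:
                continue
            db.add(
                ComplianceControlMapping(
                    compliance_control_id=control.id,
                    technique_id=technique.id,
                )
            )
            existing_mappings.add(key)
            mappings_created += 1

    try:
        db.commit()
    except Exception:
        # A failed commit leaves the session unusable until it is rolled back;
        # do that here so the caller's session is in a sane state.
        db.rollback()
        raise

    if missing_techniques:
        logger.warning(
            "%s import: %d ATT&CK technique ID(s) not found in the technique "
            "table and NOT mapped (presumably the ATT&CK import has not run "
            "or is on an older version): %s",
            framework.name,
            len(missing_techniques),
            ", ".join(sorted(missing_techniques)),
        )

    return {
        "framework": framework.name,
        "controls_created": controls_created,
        "controls_existing": len(existing_controls) - controls_created,
        "descriptions_updated": descriptions_updated,
        "mappings_created": mappings_created,
        "total_controls": len(existing_controls),
        "techniques_missing": sorted(missing_techniques),
    }


def import_dora_mappings(db: Session) -> dict:
    """Import DORA (Digital Operational Resilience Act) with ATT&CK technique mappings.

    DORA (EU 2022/2554) applies to financial entities and ICT third-party providers.
    Controls map the key cybersecurity articles (Chapters II–VI) to MITRE ATT&CK
    techniques. The mapping is project-curated (hand-written below), not an
    official ESA/ENISA artefact, so it should be presented to auditors as the
    platform's interpretation rather than as regulatory guidance.

    Args:
        db: Active SQLAlchemy session; committed on success.

    Returns:
        Summary dict with counts (see ``_upsert_curated_controls``), including
        ``techniques_missing`` for any ATT&CK IDs that could not be mapped.
    """
    # ── 1. Create or get framework ────────────────────────────────
    framework = (
        db.query(ComplianceFramework)
        .filter(ComplianceFramework.name == "DORA")
        .first()
    )
    if not framework:
        framework = ComplianceFramework(
            name="DORA",
            version="2022/2554",
            description=(
                "Digital Operational Resilience Act (Regulation EU 2022/2554) — "
                "EU regulation establishing ICT risk management, incident reporting, "
                "digital operational resilience testing, and ICT third-party risk "
                "management requirements for financial entities."
            ),
            url="https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32022R2554",
            is_active=True,
        )
        db.add(framework)
        # Flush so framework.id exists before controls reference it.
        db.flush()
        logger.info("Created DORA framework")
    else:
        logger.info("DORA framework already exists")

    # ── 2. Control definitions with ATT&CK mappings ───────────────
    # Curated in this repository, informed by DORA guidance and the TIBER-EU
    # threat-led testing framework. Each entry maps a DORA article to the
    # ATT&CK techniques it addresses.
    #
    # NOTE(review): control_id values are persisted and used as the idempotency
    # key, so renumbering an entry creates a NEW control rather than renaming
    # the old one. Several article numbers below appear to be off against the
    # published text of Regulation (EU) 2022/2554 (see per-entry notes) —
    # confirm before these IDs are used in regulator-facing evidence.
    DORA_CONTROLS = [
        # ─── Chapter II — ICT Risk Management ────────────────────────────
        {
            "control_id": "DORA-Art.5",
            "title": "Governance and Organisation",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 5 requires the management body of financial entities to define, "
                "approve, and oversee ICT risk management. This means executive responsibility "
                "for cybersecurity — not just delegation to IT. Governance failures enable "
                "credential-based attacks on unmonitored accounts (T1078), creation of "
                "unauthorised accounts (T1136), privilege escalation (T1098), and unchecked "
                "account enumeration (T1087). Regulators (EBA, ESMA, EIOPA) expect evidence "
                "that the board actively monitors ICT risk indicators."
            ),
            "techniques": ["T1078", "T1136", "T1098", "T1087"],
        },
        {
            "control_id": "DORA-Art.6",
            "title": "ICT Risk Management Framework",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 6 requires a comprehensive, documented ICT risk management framework "
                "covering identification, protection, detection, response, and recovery. The "
                "framework must be tested against realistic threats — active scanning (T1595), "
                "network reconnaissance (T1590), employee intelligence gathering (T1589), port "
                "scanning (T1046), host enumeration (T1018), and system profiling (T1082). "
                "Red Team exercises under DORA's TLPT programme are the primary evidence that "
                "the risk framework functions as intended."
            ),
            "techniques": ["T1595", "T1590", "T1589", "T1046", "T1018", "T1082"],
        },
        {
            "control_id": "DORA-Art.7",
            "title": "ICT Systems, Protocols and Tools",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 7 requires financial entities to keep ICT systems up to date, "
                "securely configured, and with minimised attack surface. Attackers exploit "
                "outdated and misconfigured systems: DLL hijacking (T1574), rogue service "
                "installation (T1543), registry manipulation (T1112), event-triggered hooks "
                "(T1546), compromised software components (T1195), and abuse of legitimate "
                "external remote services (T1133). Hardened, maintained systems are a "
                "fundamental DORA compliance requirement."
            ),
            "techniques": ["T1574", "T1543", "T1112", "T1546", "T1195", "T1133"],
        },
        {
            "control_id": "DORA-Art.8",
            "title": "Identification",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 8 requires financial entities to identify and classify all ICT "
                "assets, data, and third-party dependencies that support critical functions. "
                "Attackers perform the same discovery to understand their target: scanning for "
                "live hosts (T1018), querying system information (T1082), finding sensitive "
                "files (T1083), enumerating accounts (T1087), and mapping network and "
                "infrastructure (T1590, T1592). An entity that knows its own assets better than "
                "an attacker does has a fundamental defensive advantage."
            ),
            "techniques": ["T1018", "T1082", "T1083", "T1087", "T1590", "T1592"],
        },
        {
            "control_id": "DORA-Art.9",
            "title": "Protection and Prevention",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 9 requires financial entities to implement continuous protection "
                "measures — access controls, network segmentation, patch management, and change "
                "management — to prevent ICT incidents. Protection must address the full kill "
                "chain: credential abuse (T1078), privilege escalation (T1548, T1134), "
                "application exploitation (T1190), persistence via system modifications (T1574, "
                "T1543), and lateral movement (T1021). DORA supervisors assess protection "
                "effectiveness through scenario-based testing."
            ),
            "techniques": ["T1078", "T1548", "T1134", "T1190", "T1574", "T1543", "T1021"],
        },
        {
            "control_id": "DORA-Art.10",
            "title": "Detection",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 10 requires financial entities to implement mechanisms to promptly "
                "detect anomalous activities. The detection capability must specifically identify "
                "attacker attempts to: disable security tooling (T1562), clear log evidence "
                "(T1070), execute malicious commands (T1059), use scheduled tasks for persistence "
                "(T1053), establish boot-time persistence (T1547), and abuse logon scripts "
                "(T1037). DORA expects mean time to detect (MTTD) to be measured and improved "
                "continuously."
            ),
            "techniques": ["T1562", "T1070", "T1059", "T1053", "T1547", "T1037"],
        },
        {
            "control_id": "DORA-Art.11",
            "title": "Response and Recovery",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 11 requires documented, tested response and recovery plans for ICT "
                "incidents, including defined recovery time objectives (RTO) and recovery point "
                "objectives (RPO) for critical functions. Financial entities must be able to "
                "recover from the most damaging attacks: ransomware (T1486), backup deletion "
                "(T1490), disk wiping (T1561), data destruction (T1485), and exfiltration "
                "(T1048, T1041). DORA supervisors have the power to require live resilience tests."
            ),
            "techniques": ["T1486", "T1490", "T1561", "T1485", "T1048", "T1041"],
        },
        {
            "control_id": "DORA-Art.12",
            "title": "Backup Policies and Recovery Methods",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 12 specifically mandates backup policies for all data, software, "
                "and systems supporting critical functions, with tested recovery procedures. "
                "Ransomware groups are acutely aware of this requirement and deliberately target "
                "backups: encrypting all accessible data (T1486), deleting shadow copies and "
                "inhibiting recovery tools (T1490), wiping disks (T1561), and destroying data "
                "entirely (T1485). DORA requires backups to be isolated from the production "
                "network and tested at least annually."
            ),
            "techniques": ["T1486", "T1490", "T1561", "T1485"],
        },
        {
            "control_id": "DORA-Art.13",
            "title": "Learning and Evolving",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 13 requires financial entities to learn from ICT incidents — both "
                "their own and sector-wide — and continuously improve their ICT risk framework. "
                "This includes threat intelligence consumption: understanding current phishing "
                "campaigns (T1566), employee data harvesting (T1589), infrastructure reconnaissance "
                "(T1590), active scanning of financial sector targets (T1595), and credential "
                "phishing (T1598). Threat intelligence feeds directly inform which Red Team "
                "scenarios are most relevant."
            ),
            "techniques": ["T1566", "T1589", "T1590", "T1595", "T1598"],
        },
        {
            "control_id": "DORA-Art.14",
            "title": "Communication",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 14 requires crisis communication plans for ICT incidents — covering "
                "internal communication, staff notification, and external communication to clients, "
                "counterparties, and regulators. Communication channels are themselves an attack "
                "vector: attackers harvest email content (T1114), use phishing to impersonate "
                "communications (T1566), abuse web services as covert channels (T1102), and use "
                "standard web protocols to blend C2 traffic (T1071). Secure, authenticated "
                "communication channels are therefore also an ICT risk requirement."
            ),
            "techniques": ["T1114", "T1566", "T1102", "T1071"],
        },
        # NOTE(review): the simplified framework for smaller entities described
        # below is Art. 16 in the published regulation; Art. 15 mandates the
        # ESAs' technical standards on risk-management tools — confirm.
        {
            "control_id": "DORA-Art.15",
            "title": "Further Harmonisation of ICT Risk Management Tools",
            "category": "Chapter II — ICT Risk Management",
            "description": (
                "DORA Article 15 mandates that simplified ICT risk management requirements for "
                "smaller financial entities still cover the essential controls. Even simplified "
                "frameworks must address: credential compromise (T1078), exploitation of "
                "internet-facing systems (T1190), remote access abuse (T1133, T1021), and third-party "
                "risk (T1199). The proportionality principle does not reduce the required security "
                "outcomes — only the implementation complexity."
            ),
            "techniques": ["T1078", "T1190", "T1133", "T1021", "T1199"],
        },
        # ─── Chapter III — ICT-related Incident Management ────────────────
        # NOTE(review): in the published regulation classification is Art. 18,
        # major-incident reporting Art. 19 and harmonised reporting content
        # Art. 20 (Art. 17 is the incident management process). The three
        # entries below appear shifted by one — confirm before relying on them.
        {
            "control_id": "DORA-Art.17",
            "title": "ICT-related Incidents Classification",
            "category": "Chapter III — Incident Management",
            "description": (
                "DORA Article 17 mandates a classification process for ICT incidents based on "
                "criteria including impact on services, clients, and financial stability. "
                "Classification must correctly identify high-severity incidents like: DDoS attacks "
                "impacting service availability (T1499, T1498), ransomware causing business "
                "disruption (T1486), data exfiltration affecting client data (T1041, T1048), and "
                "data manipulation affecting transaction integrity (T1565). Misclassification "
                "leads to delayed regulatory reporting and supervisory sanctions."
            ),
            "techniques": ["T1499", "T1498", "T1486", "T1041", "T1048", "T1565"],
        },
        {
            "control_id": "DORA-Art.18",
            "title": "Major ICT-Related Incidents Reporting",
            "category": "Chapter III — Incident Management",
            "description": (
                "DORA Article 18 requires mandatory reporting of major ICT incidents to competent "
                "authorities (ECB, national regulators) within strict timeframes — initial "
                "notification within 4 hours, intermediate report within 72 hours, final report "
                "within 1 month. Qualifying incidents include ransomware (T1486), significant "
                "data exfiltration (T1041, T1048), and availability-impacting attacks (T1499, "
                "T1498). Non-compliance with reporting timelines carries significant supervisory "
                "and reputational risk."
            ),
            "techniques": ["T1486", "T1041", "T1048", "T1499", "T1498"],
        },
        {
            "control_id": "DORA-Art.19",
            "title": "Harmonisation of Reporting Content and Formats",
            "category": "Chapter III — Incident Management",
            "description": (
                "DORA Article 19 requires standardised incident report formats as specified by "
                "the Joint Committee of ESAs. Reports must contain technical details about the "
                "attack: initial access via phishing (T1566), application vulnerabilities (T1190), "
                "execution mechanisms (T1203, T1059), and the full timeline. This requires that "
                "the organisation maintains high-fidelity detection and logging capabilities to "
                "populate the mandatory report fields accurately."
            ),
            "techniques": ["T1566", "T1190", "T1203", "T1059"],
        },
        # ─── Chapter IV — Digital Operational Resilience Testing ──────────
        {
            "control_id": "DORA-Art.24",
            "title": "General Digital Operational Resilience Testing",
            "category": "Chapter IV — Resilience Testing",
            "description": (
                "DORA Article 24 requires ALL financial entities to conduct a comprehensive "
                "digital operational resilience testing programme annually — covering vulnerability "
                "assessments, network security testing, and scenario-based tests. The testing "
                "programme must validate defences against realistic attacks including command "
                "execution (T1059), application exploitation (T1190), service discovery (T1046), "
                "reconnaissance (T1595), and credential abuse (T1078). Aegis directly supports "
                "this requirement by providing evidence of test coverage and outcomes."
            ),
            "techniques": ["T1059", "T1190", "T1046", "T1595", "T1078"],
        },
        {
            "control_id": "DORA-Art.25",
            "title": "Testing of ICT Tools and Systems",
            "category": "Chapter IV — Resilience Testing",
            "description": (
                "DORA Article 25 requires testing of ICT systems and tools that support critical "
                "and important functions — including penetration testing of production or "
                "representative environments. Testing scope must cover exploitation of systems "
                "(T1059, T1190, T1046, T1595), credential attacks (T1078), privilege escalation "
                "(T1068), and network service exploitation (T1210). Test results must be shared "
                "with competent authorities on request, making a structured testing platform "
                "with evidence retention (like Aegis) a compliance necessity."
            ),
            "techniques": ["T1059", "T1190", "T1046", "T1595", "T1078", "T1068", "T1210"],
        },
        {
            "control_id": "DORA-Art.26",
            "title": "Advanced Testing — Threat-Led Penetration Testing (TLPT)",
            "category": "Chapter IV — Resilience Testing",
            "description": (
                "DORA Article 26 mandates Threat-Led Penetration Testing (TLPT) — equivalent to "
                "TIBER-EU — for significant financial entities every 3 years. TLPT is a full "
                "Red Team simulation based on real threat intelligence, testing the organisation's "
                "ability to detect and respond to a realistic advanced adversary. Techniques "
                "covered include: phishing (T1566), user execution (T1204), process injection "
                "(T1055), command execution (T1059), lateral movement (T1021), credential abuse "
                "(T1078), application exploitation (T1190), service scanning (T1046), privilege "
                "escalation (T1548, T1134), and payload obfuscation (T1027). DORA TLPT is the "
                "most rigorous regulatory cyber resilience test in the financial sector."
            ),
            "techniques": [
                "T1566", "T1204", "T1055", "T1059", "T1021", "T1078",
                "T1190", "T1046", "T1548", "T1134", "T1027",
            ],
        },
        {
            "control_id": "DORA-Art.27",
            "title": "Requirements for Testers Carrying Out TLPT",
            "category": "Chapter IV — Resilience Testing",
            "description": (
                "DORA Article 27 sets requirements for the Red Team providers conducting TLPT — "
                "they must be independent, technically qualified, and approved by competent "
                "authorities. The testing scope must include realistic reconnaissance (T1595), "
                "service enumeration (T1046), exploitation (T1190), post-exploitation execution "
                "(T1059), and abuse of valid credentials (T1078). TLPT providers must follow "
                "TIBER-EU methodology, using actual threat intelligence specific to the target "
                "entity's threat landscape."
            ),
            "techniques": ["T1595", "T1046", "T1190", "T1059", "T1078"],
        },
        # ─── Chapter V — ICT Third-Party Risk Management ──────────────────
        {
            "control_id": "DORA-Art.28",
            "title": "General Principles of ICT Third-Party Risk Management",
            "category": "Chapter V — Third-Party Risk",
            "description": (
                "DORA Article 28 requires a comprehensive ICT third-party risk management "
                "strategy, including registers of all third-party providers and pre-contractual "
                "due diligence. Financial entities have been repeatedly compromised through their "
                "supply chains: trusted relationship exploitation (T1199), software supply chain "
                "compromise (T1195), credential theft for third-party systems (T1078), and abuse "
                "of legitimate remote access tools (T1133). DORA supervisors can examine "
                "third-party risk registers during inspections."
            ),
            "techniques": ["T1199", "T1195", "T1078", "T1133"],
        },
        {
            "control_id": "DORA-Art.30",
            "title": "Key Contractual Provisions for ICT Services",
            "category": "Chapter V — Third-Party Risk",
            "description": (
                "DORA Article 30 specifies mandatory contract clauses for ICT third-party service "
                "agreements — including security requirements, audit rights, incident notification, "
                "and exit strategies. Without contractual security obligations, third parties "
                "become the weakest link: exploitation of trusted relationships (T1199), "
                "compromised software delivered by the vendor (T1195), and credential sharing "
                "that allows lateral movement (T1078). DORA requires financial entities to "
                "actively enforce these clauses, not merely include them."
            ),
            "techniques": ["T1199", "T1195", "T1078"],
        },
        # NOTE(review): the oversight framework for critical ICT third-party
        # providers starts at Art. 31 (designation) / Art. 33 (Lead Overseer
        # tasks) in the published text; Art. 42 is follow-up by competent
        # authorities — confirm the intended article.
        {
            "control_id": "DORA-Art.42",
            "title": "Oversight of Critical ICT Third-Party Providers",
            "category": "Chapter V — Third-Party Risk",
            "description": (
                "DORA Article 42 establishes a new EU-level oversight framework for ICT providers "
                "designated as 'critical' — cloud providers, data centres, and core software "
                "vendors serving multiple financial entities simultaneously. A compromise of a "
                "critical ICT provider would represent systemic risk to financial stability: "
                "exploiting trusted relationships (T1199, T1195), leveraging legitimate remote "
                "access (T1133), abusing shared credentials (T1078), and exploiting the provider's "
                "own internet-facing infrastructure (T1190). DORA Lead Overseers can demand "
                "remediation actions from critical providers directly."
            ),
            "techniques": ["T1199", "T1195", "T1133", "T1078", "T1190"],
        },
        # ─── Chapter VI — Information Sharing ────────────────────────────
        {
            "control_id": "DORA-Art.45",
            "title": "Arrangements for Information Sharing on Cyber Threats",
            "category": "Chapter VI — Information Sharing",
            "description": (
                "DORA Article 45 encourages financial entities to participate in cyber threat "
                "information sharing arrangements — sharing indicators of compromise, attack "
                "patterns, and tactical intelligence with peers and regulators. Shared intelligence "
                "enables the sector to collectively defend against sector-specific threats: "
                "phishing campaigns targeting financial firms (T1566), data harvesting on "
                "employees (T1589), infrastructure reconnaissance of banking networks (T1590), "
                "active scanning of financial sector assets (T1595), and spear-phishing for "
                "credentials (T1598). Participation in CERT-level sharing programmes satisfies "
                "this requirement."
            ),
            "techniques": ["T1566", "T1589", "T1590", "T1595", "T1598"],
        },
    ]

    # ── 3. Upsert controls + mappings (idempotent) ────────────────
    summary = _upsert_curated_controls(db, framework, DORA_CONTROLS)
    logger.info("DORA import complete: %s", summary)
    return summary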
def import_iso_27001_mappings(db: Session) -> dict:
"""Import ISO/IEC 27001:2022 Annex A controls with ATT&CK technique mappings.
ISO/IEC 27001:2022 has 93 controls in Annex A organised into 4 themes:
- 5. Organizational controls (37)
- 6. People controls (8)
- 7. Physical controls (14)
- 8. Technological controls (34)
Mappings follow MITRE ATT&CK Enterprise v14 and published ISO/IEC 27002:2022
guidance on threat mitigations.
Returns a summary dict with counts.
"""
framework = (
db.query(ComplianceFramework)
.filter(ComplianceFramework.name == "ISO/IEC 27001:2022")
.first()
)
if not framework:
framework = ComplianceFramework(
name="ISO/IEC 27001:2022",
version="2022",
description=(
"ISO/IEC 27001:2022 — International standard for Information Security "
"Management Systems (ISMS). Annex A contains 93 controls across 4 themes: "
"Organizational, People, Physical, and Technological."
),
url="https://www.iso.org/standard/27001",
is_active=True,
)
db.add(framework)
db.flush()
logger.info("Created ISO/IEC 27001:2022 framework")
else:
logger.info("ISO/IEC 27001:2022 framework already exists")
ISO_27001_CONTROLS = [
# ── 5. Organizational Controls ──────────────────────────────────────
{
"control_id": "5.2",
"title": "Information Security Roles and Responsibilities",
"category": "5 — Organizational Controls",
"description": (
"Requires that information security responsibilities are clearly defined, allocated, "
"and communicated. Without clear ownership, attackers exploit gaps between teams — "
"for example, using valid accounts (T1078) whose owners are unknown, enumerating "
"accounts (T1087) that no one monitors, or abusing group memberships (T1069) never "
"reviewed after personnel changes."
),
"techniques": ["T1078", "T1087", "T1069"],
},
{
"control_id": "5.7",
"title": "Threat Intelligence",
"category": "5 — Organizational Controls",
"description": (
"Requires the organisation to collect, analyse, and act on information about threats "
"relevant to its assets. This directly counters attackers' reconnaissance activities: "
"phishing campaigns (T1566), harvesting employee data (T1589), mapping the network "
"perimeter (T1590), performing active scanning (T1595), and spear-phishing for "
"credentials (T1598). Effective threat intelligence allows defenders to anticipate "
"and disrupt these activities before they succeed."
),
"techniques": ["T1566", "T1589", "T1590", "T1595", "T1598"],
},
{
"control_id": "5.9",
"title": "Inventory of Information and Other Assets",
"category": "5 — Organizational Controls",
"description": (
"Requires maintaining an accurate, up-to-date inventory of all information assets "
"and their owners. Attackers routinely discover systems that the organisation itself "
"has forgotten — querying system information (T1082), finding forgotten files (T1083), "
"scanning for live hosts (T1018), or gathering infrastructure details (T1592). "
"An asset inventory is the prerequisite for almost every other security control."
),
"techniques": ["T1082", "T1083", "T1018", "T1592"],
},
{
"control_id": "5.14",
"title": "Information Transfer",
"category": "5 — Organizational Controls",
"description": (
"Requires rules and controls for transferring information — whether via email, "
"removable media, cloud sharing, or messaging. It directly addresses data exfiltration "
"paths: non-standard ports (T1048), command-and-control channels (T1041), cloud "
"storage services (T1567), and standard web protocols used to blend with normal "
"traffic (T1071). Without these controls, sensitive data can leave the organisation "
"undetected."
),
"techniques": ["T1048", "T1041", "T1567", "T1071"],
},
{
"control_id": "5.16",
"title": "Identity Management",
"category": "5 — Organizational Controls",
"description": (
"Requires a full lifecycle process for managing digital identities — from creation "
"to deletion. Attackers who compromise an identity gain persistent access; they use "
"valid stolen credentials (T1078), create new accounts (T1136), modify existing "
"account permissions (T1098), and enumerate accounts to find privileged targets "
"(T1087). Strong identity management directly reduces the blast radius of any "
"credential compromise."
),
"techniques": ["T1078", "T1136", "T1098", "T1087"],
},
{
"control_id": "5.17",
"title": "Authentication Information",
"category": "5 — Organizational Controls",
"description": (
"Requires secure management of all authentication secrets — passwords, tokens, "
"certificates, and API keys. Weak authentication is the most common initial access "
"vector: brute force and password spraying (T1110), credential dumping from memory "
"or disk (T1003), use of stolen credentials (T1078), and harvesting secrets from "
"configuration files (T1552). Enforcing strong, unique credentials with MFA "
"neutralises the majority of these attacks."
),
"techniques": ["T1110", "T1003", "T1078", "T1552"],
},
{
"control_id": "5.20",
"title": "Addressing Information Security in Supplier Agreements",
"category": "5 — Organizational Controls",
"description": (
"Requires that security obligations are contractually embedded in all supplier "
"relationships. Supply chain attacks — where adversaries compromise a trusted "
"third-party to reach the target (T1199, T1195) — have caused some of the largest "
"breaches in recent years (e.g., SolarWinds, 3CX). Security clauses in contracts, "
"combined with regular supplier audits, create accountability and reduce this risk."
),
"techniques": ["T1199", "T1195"],
},
{
"control_id": "5.23",
"title": "Information Security for Use of Cloud Services",
"category": "5 — Organizational Controls",
"description": (
"Requires security policies and controls specifically tailored for cloud services, "
"including roles, data classification, and monitoring. Cloud misconfiguration is "
"now the leading cause of data breaches — attackers access data from cloud storage "
"(T1530), exfiltrate to adversary-owned cloud accounts (T1537), abuse cloud "
"credentials (T1078), and exploit internet-facing cloud APIs (T1190). This control "
"establishes the governance layer that prevents these exposures."
),
"techniques": ["T1530", "T1537", "T1078", "T1190"],
},
{
"control_id": "5.24",
"title": "Information Security Incident Management Planning",
"category": "5 — Organizational Controls",
"description": (
"Requires documented, tested incident management procedures so the organisation can "
"respond effectively when an attack occurs. Without a plan, response is slow and "
"inconsistent — attackers establish persistent footholds via scheduled tasks or "
"startup entries (T1059, T1547) or deploy ransomware (T1486) while defenders are "
"still trying to understand what is happening. A tested plan reduces dwell time "
"from months to hours."
),
"techniques": ["T1059", "T1547", "T1486"],
},
{
"control_id": "5.26",
"title": "Response to Information Security Incidents",
"category": "5 — Organizational Controls",
"description": (
"Requires a structured response process — containment, eradication, and recovery — "
"when incidents are confirmed. Effective response must counter attacker persistence "
"mechanisms (T1059, T1547), recover evidence before it is wiped (T1070), and "
"restore disabled monitoring tools (T1562). The Red Team exercises mapped here "
"validate whether detection and response capabilities actually work under realistic "
"attack conditions."
),
"techniques": ["T1059", "T1547", "T1070", "T1562"],
},
{
"control_id": "5.28",
"title": "Collection of Evidence",
"category": "5 — Organizational Controls",
"description": (
"Requires that digital evidence is collected, preserved, and handled in a way that "
"maintains its integrity for potential legal proceedings or regulatory investigations. "
"Attackers deliberately destroy logs (T1070) and tamper with or disable security "
"tools (T1562) to prevent forensic analysis. This control ensures the organisation "
"can prove what happened and who was responsible."
),
"techniques": ["T1562", "T1070"],
},
{
"control_id": "5.29",
"title": "Information Security During Disruption",
"category": "5 — Organizational Controls",
"description": (
"Requires maintaining an acceptable security level even during major disruptions "
"such as disasters, outages, or crises. Ransomware (T1486), disk wipers (T1561), "
"and backup deletion (T1490) are specifically designed to make recovery impossible "
"and extort organisations. Controls must ensure backups are immutable and recovery "
"procedures are tested regularly."
),
"techniques": ["T1486", "T1490", "T1561"],
},
{
"control_id": "5.30",
"title": "ICT Readiness for Business Continuity",
"category": "5 — Organizational Controls",
"description": (
"Requires ICT infrastructure to be resilient enough to continue critical operations "
"after a disruptive event. This addresses destructive attacks — ransomware (T1486), "
"backup inhibition (T1490), and denial-of-service (T1499, T1498) — that aim to "
"make the organisation unable to operate. Business continuity tests that include "
"cyber scenarios are the primary validation mechanism for this control."
),
"techniques": ["T1486", "T1490", "T1499", "T1498"],
},
# ── 6. People Controls ───────────────────────────────────────────────
{
"control_id": "6.1",
"title": "Screening",
"category": "6 — People Controls",
"description": (
"Requires background checks on employees and contractors proportionate to their "
"access level. Insider threats are particularly dangerous because malicious insiders "
"already hold valid credentials (T1078) and can abuse access tokens without "
"triggering external alerts (T1134). Screening before hiring reduces the risk of "
"placing a bad actor in a privileged position."
),
"techniques": ["T1078", "T1134"],
},
{
"control_id": "6.3",
"title": "Information Security Awareness, Education and Training",
"category": "6 — People Controls",
"description": (
"Requires regular, relevant security training for all personnel. The human element "
"is the most exploited attack surface: phishing emails (T1566), malicious "
"attachments or links (T1204), and credential harvesting via fake forms (T1598) "
"succeed primarily because users are not trained to recognise them. Simulated "
"phishing campaigns are the standard method to validate this control's effectiveness."
),
"techniques": ["T1566", "T1204", "T1598"],
},
{
"control_id": "6.4",
"title": "Disciplinary Process",
"category": "6 — People Controls",
"description": (
"Requires a formal, communicated disciplinary process for security policy violations. "
"The existence of clear consequences deters insider misuse of credentials (T1078) "
"and unauthorised modification of account permissions (T1098). It also provides a "
"legally defensible framework when disciplinary action is needed after an incident."
),
"techniques": ["T1078", "T1098"],
},
# ── 7. Physical Controls ─────────────────────────────────────────────
{
"control_id": "7.1",
"title": "Physical Security Perimeters",
"category": "7 — Physical Controls",
"description": (
"Requires physical barriers — security zones, badge access, locked server rooms — "
"to prevent unauthorised physical access to information processing facilities. "
"Physical access enables attacks that are impossible remotely, such as connecting "
"rogue hardware devices (T1200) — keyloggers, network implants, or rogue access "
"points — directly to internal systems."
),
"techniques": ["T1200"],
},
{
"control_id": "7.4",
"title": "Physical Security Monitoring",
"category": "7 — Physical Controls",
"description": (
"Requires surveillance and monitoring of physical access to sensitive areas — CCTV, "
"access logs, visitor registers. Attackers with physical access can install hardware "
"implants (T1200) or tamper with authentication components (T1556) that cannot be "
"detected by purely network-based monitoring. Physical monitoring provides the "
"detective control for these scenarios."
),
"techniques": ["T1200", "T1556"],
},
# ── 8. Technological Controls ────────────────────────────────────────
{
"control_id": "8.2",
"title": "Privileged Access Rights",
"category": "8 — Technological Controls",
"description": (
"Requires strict management and minimisation of privileged accounts — administrator, "
"root, service accounts, and emergency access credentials. Privileged accounts are "
"the primary target in every major breach: attackers use valid admin credentials "
"(T1078), escalate from standard user to admin (T1548), or manipulate access tokens "
"to inherit elevated rights (T1134). Reducing the number and exposure of privileged "
"accounts directly limits the damage an attacker can do."
),
"techniques": ["T1078", "T1548", "T1134"],
},
{
"control_id": "8.3",
"title": "Information Access Restriction",
"category": "8 — Technological Controls",
"description": (
"Requires that access to information and systems is restricted based on the "
"principle of least privilege. Overly permissive access allows attackers to move "
"laterally once inside — using remote services (T1021), abusing valid credentials "
"(T1078), bypassing authorisation checks (T1548), or using stolen session tokens "
"(T1550) to access systems the compromised user was never meant to reach."
),
"techniques": ["T1078", "T1021", "T1548", "T1550"],
},
{
"control_id": "8.5",
"title": "Secure Authentication",
"category": "8 — Technological Controls",
"description": (
"Requires strong authentication mechanisms — multi-factor authentication (MFA), "
"password complexity, and session management — for all access to systems and "
"applications. Weak authentication is the root cause of the majority of breaches: "
"credential stuffing and password spraying (T1110), extracting password hashes from "
"memory or disk (T1003), using previously stolen credentials (T1078), and forging "
"Kerberos tickets (T1558). MFA alone blocks over 99% of automated credential "
"attacks."
),
"techniques": ["T1078", "T1110", "T1003", "T1558"],
},
{
"control_id": "8.7",
"title": "Protection Against Malware",
"category": "8 — Technological Controls",
"description": (
"Requires anti-malware controls including detection software, user awareness, "
"and policies on software use. Malware is delivered through multiple vectors: "
"script-based execution (T1059), user-initiated execution of malicious files "
"(T1204), phishing emails (T1566), and obfuscated or packed payloads designed "
"to evade detection (T1027, T1140). Effective anti-malware combines endpoint "
"detection, email filtering, and user training."
),
"techniques": ["T1059", "T1204", "T1027", "T1566", "T1140"],
},
{
"control_id": "8.8",
"title": "Management of Technical Vulnerabilities",
"category": "8 — Technological Controls",
"description": (
"Requires timely identification and remediation of technical vulnerabilities through "
"a structured patch management and vulnerability scanning programme. Unpatched "
"systems are a primary attack vector: exploiting public-facing applications (T1190), "
"client-side vulnerabilities (T1203), local privilege escalation flaws (T1068), and "
"remote service vulnerabilities (T1210). The faster vulnerabilities are patched, "
"the shorter the window of exposure."
),
"techniques": ["T1190", "T1203", "T1068", "T1210"],
},
{
"control_id": "8.9",
"title": "Configuration Management",
"category": "8 — Technological Controls",
"description": (
"Requires secure baseline configurations for all systems, with change control to "
"prevent unauthorised modifications. Attackers exploit insecure configurations to "
"establish persistence: hijacking DLL search paths or environment variables (T1574), "
"abusing event-triggered execution hooks (T1546), modifying registry settings "
"(T1112), or installing malicious services (T1543). A hardened baseline makes these "
"techniques significantly harder to execute."
),
"techniques": ["T1574", "T1546", "T1112", "T1543"],
},
{
"control_id": "8.12",
"title": "Data Leakage Prevention",
"category": "8 — Technological Controls",
"description": (
"Requires technical and procedural controls to prevent unauthorised disclosure of "
"sensitive information. Data exfiltration is the end goal of most targeted attacks — "
"via alternative protocols (T1048), command-and-control channels (T1041), cloud "
"storage services (T1567), or blending with legitimate web traffic (T1071). DLP "
"tools, network monitoring, and egress filtering are the primary technical controls "
"validated by this Red Team coverage metric."
),
"techniques": ["T1048", "T1041", "T1567", "T1071"],
},
{
"control_id": "8.13",
"title": "Information Backup",
"category": "8 — Technological Controls",
"description": (
"Requires regular, tested backups of information and systems, with copies stored "
"separately from the production environment. Ransomware specifically targets backups "
"to maximise leverage — encrypting data (T1486), deleting or inhibiting recovery "
"tools (T1490), and wiping disks (T1561). Immutable, offsite, and regularly tested "
"backups are the only reliable defence against ransomware extortion."
),
"techniques": ["T1486", "T1490", "T1561"],
},
{
"control_id": "8.15",
"title": "Logging",
"category": "8 — Technological Controls",
"description": (
"Requires event logs to be generated, protected, and retained for all relevant "
"systems. Logs are the primary evidence source for incident investigation — and "
"therefore the primary target for attackers covering their tracks: clearing event "
"logs (T1070) and disabling the security tools that generate them (T1562). Sending "
"logs to a centralised, protected SIEM immediately reduces the risk of evidence "
"destruction."
),
"techniques": ["T1562", "T1070"],
},
{
"control_id": "8.16",
"title": "Monitoring Activities",
"category": "8 — Technological Controls",
"description": (
"Requires continuous monitoring of systems, networks, and applications to detect "
"anomalous activity. Without monitoring, attackers can operate undetected for months "
"— executing commands (T1059), using scheduled tasks for persistence (T1053), "
"establishing registry-based persistence (T1547), and disabling defences (T1562) "
"without triggering any alerts. The score on this control directly reflects the "
"organisation's ability to detect an active intrusion."
),
"techniques": ["T1059", "T1053", "T1547", "T1562"],
},
{
"control_id": "8.18",
"title": "Use of Privileged Utility Programs",
"category": "8 — Technological Controls",
"description": (
"Requires that privileged utility tools — system administration tools, scripting "
"engines, diagnostic utilities — are tightly controlled and audited. Attackers "
"routinely abuse built-in system utilities ('living-off-the-land'): command-line "
"interpreters (T1059), privilege escalation tools (T1548, T1134), and system "
"services (T1569). Restricting who can run these tools and logging all usage "
"significantly limits an attacker's post-exploitation options."
),
"techniques": ["T1059", "T1548", "T1134", "T1569"],
},
{
"control_id": "8.19",
"title": "Installation of Software on Operational Systems",
"category": "8 — Technological Controls",
"description": (
"Requires authorisation and verification for any software installed on operational "
"systems, including a software allowlist where practical. Attackers introduce "
"malicious software through multiple channels: compromised software update "
"mechanisms (T1195), deployment systems used as attack vectors (T1072), and "
"persistence via auto-run keys or startup folders (T1546). An authorised software "
"baseline makes unauthorised installations immediately detectable."
),
"techniques": ["T1195", "T1072", "T1546"],
},
{
"control_id": "8.20",
"title": "Networks Security",
"category": "8 — Technological Controls",
"description": (
"Requires network security controls — firewalls, IDS/IPS, network monitoring, and "
"traffic filtering — to protect information in transit and prevent unauthorised "
"network access. Attackers use non-standard ports (T1571), protocol tunnelling "
"(T1572), multi-hop proxies (T1090), and lateral movement via remote services "
"(T1021) to evade network defences. Network controls are the last line of detection "
"before data leaves the organisation."
),
"techniques": ["T1571", "T1572", "T1090", "T1021"],
},
{
"control_id": "8.22",
"title": "Segregation of Networks",
"category": "8 — Technological Controls",
"description": (
"Requires that networks are segmented into separate zones based on trust level and "
"data sensitivity, with controls between zones. Network segmentation limits the "
"blast radius of a breach — without it, attackers move freely between systems using "
"remote services (T1021), abusing alternate authentication material (T1550), or "
"stealing Kerberos tickets to access other network segments (T1558). Effective "
"segmentation forces attackers to 'break through' multiple layers."
),
"techniques": ["T1021", "T1550", "T1558"],
},
{
"control_id": "8.23",
"title": "Web Filtering",
"category": "8 — Technological Controls",
"description": (
"Requires filtering of web access to block malicious or unauthorised sites, "
"protecting users from web-based threats. Phishing links (T1566), drive-by "
"downloads (T1189), and social engineering attacks (T1204) all rely on users "
"reaching malicious web destinations. Web filtering provides a technical backstop "
"that catches threats even when users fail to recognise them."
),
"techniques": ["T1566", "T1204", "T1189"],
},
{
"control_id": "8.24",
"title": "Use of Cryptography",
"category": "8 — Technological Controls",
"description": (
"Requires appropriate use of encryption to protect the confidentiality and integrity "
"of sensitive information. Without encryption, attackers can intercept communications "
"using encrypted channels they control (T1573), extract data from compressed archives "
"(T1022), or obfuscate malicious payloads to evade detection (T1027). Enforcing "
"strong, approved encryption algorithms and key management reduces exposure across "
"all of these scenarios."
),
"techniques": ["T1573", "T1022", "T1027"],
},
{
"control_id": "8.26",
"title": "Application Security Requirements",
"category": "8 — Technological Controls",
"description": (
"Requires that information security requirements are identified and agreed at the "
"start of any application development or procurement. Applications without defined "
"security requirements frequently ship with exploitable vulnerabilities — allowing "
"attackers to exploit public-facing applications (T1190), execute code via "
"vulnerable client-side logic (T1203), or run commands through application "
"weaknesses (T1059). Security requirements must be defined before coding begins, "
"not retrofitted after deployment."
),
"techniques": ["T1190", "T1059", "T1203"],
},
{
"control_id": "8.28",
"title": "Secure Coding",
"category": "8 — Technological Controls",
"description": (
"Requires software development teams to follow secure coding principles, including "
"input validation, output encoding, and security testing as part of the build "
"process. Coding flaws are a primary source of exploitable vulnerabilities — "
"enabling injection attacks (T1059), exploitation of application weaknesses (T1190), "
"and client-side code execution (T1203). A mature secure development lifecycle "
"catches these flaws before they reach production."
),
"techniques": ["T1059", "T1190", "T1203"],
},
{
"control_id": "8.32",
"title": "Change Management",
"category": "8 — Technological Controls",
"description": (
"Requires a formal change management process for all changes to information "
"processing facilities and systems. Unauthorised changes are a key attacker "
"technique for maintaining persistent access — hijacking execution via DLL "
"planting (T1574), registering malicious event handlers (T1546), or modifying "
"registry keys (T1112). Change management with mandatory review and approval "
"makes these modifications immediately visible and attributable."
),
"techniques": ["T1574", "T1546", "T1112"],
},
{
"control_id": "8.34",
"title": "Protection of Information Systems During Audit Testing",
"category": "8 — Technological Controls",
"description": (
"Requires that audit and penetration testing activities are carefully planned and "
"controlled so that tests do not disrupt live systems or become a vector for attack. "
"Poorly controlled audit tests can inadvertently disable security monitoring (T1562) "
"or trigger unintended script execution (T1059). This control also ensures audit "
"access credentials are not reused by attackers after the engagement."
),
"techniques": ["T1562", "T1059"],
},
]
return _import_curated_framework(db, framework, ISO_27001_CONTROLS)
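def import_iso_42001_mappings(db: Session) -> dict:
    """Import ISO/IEC 42001:2023 Annex A controls with ATT&CK technique mappings.

    ISO/IEC 42001:2023 is the international standard for Artificial Intelligence
    Management Systems (AIMS). Annex A contains controls specific to the governance,
    operation, and security of AI systems.

    ATT&CK mappings focus on threats to AI system infrastructure:
    - Supply chain attacks on ML frameworks and model artefacts
    - Data pipeline compromise (training data poisoning / exfiltration)
    - AI model serving exploitation
    - Adversarial access to AI APIs and datasets

    The framework row is created on the first run. On later runs the existing row is
    reused, and its ``description`` / ``url`` are back-filled only when they are empty,
    so databases seeded before those fields were populated pick them up without
    overwriting a value an operator may already have set.

    Args:
        db: SQLAlchemy session. The shared helper commits it on success.

    Returns:
        Summary dict with counts (see ``_import_curated_framework``).
    """
    framework_name = "ISO/IEC 42001:2023"
    framework_description = (
        "ISO/IEC 42001:2023 — International standard for Artificial Intelligence "
        "Management Systems (AIMS). Establishes requirements and guidance for "
        "organisations developing or using AI systems responsibly, covering governance, "
        "risk, transparency, and security of AI pipelines and models."
    )
    framework_url = "https://www.iso.org/standard/81230.html"

    framework = (
        db.query(ComplianceFramework)
        .filter(ComplianceFramework.name == framework_name)
        .first()
    )
    if not framework:
        framework = ComplianceFramework(
            name=framework_name,
            version="2023",
            description=framework_description,
            url=framework_url,
            is_active=True,
        )
        db.add(framework)
        db.flush()
        logger.info("Created ISO/IEC 42001:2023 framework")
    else:
        logger.info("ISO/IEC 42001:2023 framework already exists")
        # Back-fill only empty fields: rows seeded before the executive description
        # and standard link existed would otherwise never receive them.
        if not framework.description:
            framework.description = framework_description
        if not framework.url:
            framework.url = framework_url

    # NOTE: ISO/IEC 42001:2023 focuses on AI governance, not cybersecurity controls per se.
    # The ATT&CK technique mappings here represent threats to the IT INFRASTRUCTURE that
    # supports AI systems (data pipelines, model APIs, ML supply chains), not AI-specific
    # attack techniques. MITRE ATT&CK Enterprise v14 does not yet include dedicated
    # AI-targeted techniques. These mappings are based on the Centre for Security AI
    # research community consensus (2023-2024) pending official CTID guidance.
    ISO_42001_CONTROLS = [
        # ── A.2 Organization's Policies Related to AI ────────────────────────
        {
            "control_id": "A.2.2",
            "title": "Process to Determine AI Impacts on Individuals",
            "category": "A.2 — AI Policy",
            "description": (
                "Requires a systematic process to identify how AI system decisions or outputs "
                "could affect individuals — including employees, customers, and third parties. "
                "From a security perspective, an attacker who can map the AI's decision logic "
                "or data sources (T1082, T1592, T1590) can design adversarial inputs or "
                "manipulation strategies. Understanding AI impacts is therefore also a prerequisite "
                "for assessing the business risk of an AI system compromise."
            ),
            "techniques": ["T1082", "T1592", "T1590"],
        },
        {
            "control_id": "A.2.6",
            "title": "Responsible Development and Use of AI",
            "category": "A.2 — AI Policy",
            "description": (
                "Requires policies for responsible AI development covering transparency, fairness, "
                "and safety. From a Red Team perspective, irresponsible development practices — "
                "such as using untrusted open-source components (T1195) or failing to validate "
                "AI pipeline scripts (T1059) — create attack surfaces that are difficult to defend. "
                "This control establishes the governance foundation for secure AI development."
            ),
            "techniques": ["T1195", "T1059"],
        },
        # ── A.3 Internal Organization ─────────────────────────────────────────
        {
            "control_id": "A.3.2",
            "title": "Roles and Responsibilities for AI Systems",
            "category": "A.3 — Internal Organization",
            "description": (
                "Requires clear ownership of AI systems — who builds them, who operates them, "
                "and who is accountable for their security and ethical use. Without defined "
                "ownership, AI system accounts are often orphaned and unmonitored (T1078), "
                "account enumeration goes unnoticed (T1087), and excessive group memberships "
                "accumulate (T1069). This control ensures someone is accountable for the security "
                "posture of every AI component."
            ),
            "techniques": ["T1078", "T1087", "T1069"],
        },
        {
            "control_id": "A.3.3",
            "title": "Reporting on AI Performance",
            "category": "A.3 — Internal Organization",
            "description": (
                "Requires regular reporting on AI system performance, including anomalies and "
                "incidents. Attackers who manipulate an AI system (e.g., through data poisoning or "
                "adversarial inputs) will often disable or tamper with the monitoring systems that "
                "would reveal the manipulation (T1562) and clear associated logs (T1070). Robust "
                "reporting that is independent of the AI system itself provides resilience against "
                "this class of attack."
            ),
            "techniques": ["T1562", "T1070"],
        },
        # ── A.4 Resources for AI Systems ─────────────────────────────────────
        {
            "control_id": "A.4.1",
            "title": "Resource Management for AI Systems",
            "category": "A.4 — AI Resources",
            "description": (
                "Requires adequate and protected computing resources for AI systems — GPU/CPU "
                "clusters, storage, and inference infrastructure. AI systems require significant "
                "compute and are therefore targets for resource exhaustion attacks: application-layer "
                "denial of service (T1499) and volumetric network flooding (T1498) can prevent "
                "AI services from operating or degrade their accuracy. Resource provisioning and "
                "DDoS protection are essential safeguards."
            ),
            "techniques": ["T1499", "T1498"],
        },
        {
            "control_id": "A.4.2",
            "title": "AI System Supply Chain Management",
            "category": "A.4 — AI Resources",
            "description": (
                "Requires vetting and ongoing management of third-party components used in AI "
                "systems — including pre-trained models, ML frameworks (TensorFlow, PyTorch), "
                "datasets, and cloud AI services. Supply chain attacks are a growing threat: "
                "adversaries compromise software dependencies (T1195), exploit trusted third-party "
                "relationships (T1199), or abuse software deployment mechanisms (T1072) to inject "
                "malicious behaviour into AI pipelines. Model supply chain integrity is especially "
                "critical because a backdoored model may produce correct outputs in testing but "
                "behave maliciously in production."
            ),
            "techniques": ["T1195", "T1199", "T1072"],
        },
        # ── A.5 Assessing Impacts of AI Systems ──────────────────────────────
        {
            "control_id": "A.5.2",
            "title": "AI System Impact Assessment",
            "category": "A.5 — AI Impact Assessment",
            "description": (
                "Requires formal assessment of the risks and impacts of deploying an AI system "
                "before it goes live and periodically thereafter. From a threat perspective, "
                "attackers perform reconnaissance on AI systems to understand their capabilities, "
                "inputs, and data sources: system enumeration (T1082), network infrastructure "
                "discovery (T1592), and victim intelligence gathering (T1589). An impact assessment "
                "that identifies sensitive inputs and high-value outputs helps prioritise where "
                "security controls are most needed."
            ),
            "techniques": ["T1082", "T1592", "T1589"],
        },
        {
            "control_id": "A.5.4",
            "title": "AI Risk Treatment",
            "category": "A.5 — AI Impact Assessment",
            "description": (
                "Requires that identified AI risks have defined treatment plans — accepted, "
                "mitigated, transferred, or avoided. Risk treatment for AI systems must address "
                "exploitation of the AI API or web interface (T1190), privilege escalation within "
                "the AI infrastructure (T1068), and client-side attacks targeting users of AI "
                "applications (T1203). Untreated risks represent known attack surfaces that "
                "adversaries will exploit."
            ),
            "techniques": ["T1190", "T1068", "T1203"],
        },
        # ── A.6 AI System Life Cycle ──────────────────────────────────────────
        {
            "control_id": "A.6.1",
            "title": "AI System Life Cycle Management",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires security to be embedded throughout the AI system life cycle — from data "
                "collection through training, deployment, monitoring, and decommissioning. Each "
                "phase introduces distinct attack surfaces: compromised training dependencies "
                "(T1195), malicious execution during build pipelines (T1574), and persistence "
                "mechanisms introduced via rogue services in the AI infrastructure (T1543). "
                "Life cycle security ensures no phase is left unguarded."
            ),
            "techniques": ["T1195", "T1574", "T1543"],
        },
        {
            "control_id": "A.6.2",
            "title": "AI Objectives and Requirements",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires that security and privacy requirements are captured alongside functional "
                "requirements from the start of an AI project. AI systems built without security "
                "requirements frequently expose exploitable APIs (T1190) or allow arbitrary code "
                "execution through unvalidated inputs (T1059). Defining security requirements early "
                "is far cheaper than remediating vulnerabilities after deployment."
            ),
            "techniques": ["T1190", "T1059"],
        },
        {
            "control_id": "A.6.3",
            "title": "AI System Design and Implementation",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires security-conscious design and implementation of AI systems — including "
                "input validation, secure API design, and minimal attack surface. Poorly designed "
                "AI systems are vulnerable to supply chain attacks on dependencies (T1195), "
                "command injection via model prompts or API inputs (T1059), exploitation of the "
                "serving infrastructure (T1190), and obfuscated malicious components in model "
                "artefacts (T1027). Secure design principles applied during implementation "
                "prevent these vulnerabilities from being introduced."
            ),
            "techniques": ["T1195", "T1059", "T1190", "T1027"],
        },
        {
            "control_id": "A.6.4",
            "title": "AI System Verification and Validation",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires testing and validation that the AI system performs as intended and does "
                "not behave maliciously. Security validation must detect data manipulation in the "
                "training or inference pipeline (T1565) — often called 'data poisoning' — and "
                "compromised model artefacts from supply chain attacks (T1195). Validation that "
                "only checks functional accuracy will miss these attack vectors entirely."
            ),
            "techniques": ["T1565", "T1195"],
        },
        {
            "control_id": "A.6.5",
            "title": "AI System Documentation",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires comprehensive documentation of AI system architecture, data flows, model "
                "versions, and dependencies. Documentation itself can become an attack vector if "
                "not protected: attackers who access internal AI documentation can discover "
                "sensitive file locations (T1083) and extract proprietary training data or model "
                "weights (T1005). Documentation must be classified, access-controlled, and "
                "version-controlled."
            ),
            "techniques": ["T1083", "T1005"],
        },
        {
            "control_id": "A.6.6",
            "title": "AI System Monitoring",
            "category": "A.6 — AI Life Cycle",
            "description": (
                "Requires operational monitoring of AI system behaviour — including anomaly "
                "detection for unexpected inputs, outputs, and performance degradation. Attackers "
                "who successfully compromise an AI system will attempt to disable or manipulate "
                "its monitoring (T1562), clear associated operational logs (T1070), and maintain "
                "persistence through the system's own execution mechanisms (T1059). Independent, "
                "tamper-resistant monitoring is essential for detecting AI-targeted attacks."
            ),
            "techniques": ["T1562", "T1070", "T1059"],
        },
        # ── A.7 Data for AI Systems ───────────────────────────────────────────
        {
            "control_id": "A.7.2",
            "title": "Data Acquisition",
            "category": "A.7 — AI Data",
            "description": (
                "Requires that data used to train or operate AI systems is acquired from authorised "
                "sources with appropriate consents and security controls. Training datasets "
                "represent high-value intellectual property — attackers target them for exfiltration "
                "by collecting data directly from systems (T1005), staging it for extraction (T1074), "
                "or harvesting it from email and document stores (T1114). Unauthorised data "
                "acquisition also violates privacy regulations (GDPR, AI Act)."
            ),
            "techniques": ["T1005", "T1074", "T1114"],
        },
        {
            "control_id": "A.7.3",
            "title": "Data Preparation",
            "category": "A.7 — AI Data",
            "description": (
                "Requires secure and auditable data preparation pipelines — cleaning, labelling, "
                "feature engineering — with controls to prevent unauthorised modification. "
                "Data preparation pipelines are a primary vector for training data poisoning "
                "(T1565), where an attacker subtly modifies training samples to cause the model "
                "to learn incorrect or backdoored behaviour. Adversarial data scientists have "
                "demonstrated that poisoning as little as 0.1% of training data can compromise "
                "a model. Pipeline scripts must also be code-reviewed (T1059)."
            ),
            "techniques": ["T1565", "T1059"],
        },
        {
            "control_id": "A.7.4",
            "title": "Data Quality",
            "category": "A.7 — AI Data",
            "description": (
                "Requires that data used in AI systems meets defined quality standards and is "
                "monitored for drift or degradation. Attackers can degrade AI system performance "
                "by manipulating input data quality (T1565) or destroying datasets entirely "
                "(T1485). In production, adversarial examples — carefully crafted inputs designed "
                "to fool the model — exploit the gap between training data distribution and "
                "real-world inputs. Data quality controls include anomaly detection on inputs."
            ),
            "techniques": ["T1565", "T1485"],
        },
        {
            "control_id": "A.7.5",
            "title": "Data Provenance",
            "category": "A.7 — AI Data",
            "description": (
                "Requires tracking the origin, transformation history, and custody chain of all "
                "data used in AI systems. Without provenance tracking, it is impossible to detect "
                "whether a dataset was poisoned in the supply chain (T1195) or maliciously "
                "modified during processing (T1565). Data provenance also provides the audit trail "
                "needed for regulatory compliance (EU AI Act, GDPR) and incident investigation "
                "after an AI system produces unexpected outputs."
            ),
            "techniques": ["T1195", "T1565"],
        },
        {
            "control_id": "A.7.6",
            "title": "Data Privacy",
            "category": "A.7 — AI Data",
            "description": (
                "Requires that personal data used in AI systems is processed lawfully, minimised, "
                "and protected against unauthorised access. AI training datasets often contain "
                "sensitive personal information that is a prime exfiltration target: direct "
                "collection from local systems (T1005), harvesting from email (T1114), and "
                "exfiltration via alternative protocols (T1048) or C2 channels (T1041). A "
                "successful breach that extracts a training dataset typically constitutes a "
                "reportable data breach under GDPR."
            ),
            "techniques": ["T1005", "T1114", "T1048", "T1041"],
        },
        # ── A.8 Information About Use of AI Systems ───────────────────────────
        {
            "control_id": "A.8.1",
            "title": "Transparency and Explainability of AI Systems",
            "category": "A.8 — AI Information",
            "description": (
                "Requires that AI systems are transparent about their capabilities, limitations, "
                "and decision logic to relevant stakeholders. From a security standpoint, lack of "
                "explainability makes it harder to detect when an AI system is being manipulated. "
                "Attackers gather information about AI system architecture (T1082), map connected "
                "infrastructure (T1592), and collect intelligence on the organisation's AI "
                "capabilities (T1590) to design targeted exploits. Transparency controls and "
                "model cards reduce this information asymmetry for defenders."
            ),
            "techniques": ["T1082", "T1592", "T1590"],
        },
        {
            "control_id": "A.8.2",
            "title": "Security of AI Systems",
            "category": "A.8 — AI Information",
            "description": (
                "The core security control of ISO 42001: requires that AI systems are protected "
                "against adversarial attacks, unauthorised access, and integrity violations. This "
                "covers the full attack surface of an AI system in production: exploitation of "
                "the serving API (T1190), command injection or prompt injection attacks (T1059), "
                "exploitation of vulnerabilities in the inference framework (T1203), credential "
                "attacks on AI platform accounts (T1078), and brute-force attacks on AI service "
                "endpoints (T1110). This control must be validated through Red Team exercises "
                "that specifically target AI infrastructure."
            ),
            "techniques": ["T1190", "T1059", "T1203", "T1078", "T1110"],
        },
        # ── A.9 Use of AI Systems by Affected Parties ─────────────────────────
        {
            "control_id": "A.9.1",
            "title": "Intended Use of AI Systems",
            "category": "A.9 — AI Use",
            "description": (
                "Requires that AI systems are only used for their intended, authorised purpose and "
                "that users are informed about appropriate use boundaries. Adversaries exploit AI "
                "systems for unintended uses — for example, using AI-generated content as a "
                "phishing vector (T1566), tricking users into executing AI-generated malicious "
                "content (T1204), or using AI tools to automate credential harvesting campaigns "
                "(T1598). Controls on intended use reduce the organisation's liability and attack "
                "surface simultaneously."
            ),
            "techniques": ["T1566", "T1204", "T1598"],
        },
        {
            "control_id": "A.9.3",
            "title": "Human Oversight of AI Systems",
            "category": "A.9 — AI Use",
            "description": (
                "Requires meaningful human oversight for high-risk AI decisions, including the "
                "ability to intervene or override AI system outputs. An AI system without human "
                "oversight that is compromised by an attacker — through credential theft (T1078), "
                "token manipulation (T1134), or disabling its safety monitoring (T1562) — can "
                "make autonomous decisions with real-world consequences before anyone notices. "
                "Human oversight is both an ethical requirement (EU AI Act) and a critical "
                "security control."
            ),
            "techniques": ["T1078", "T1134", "T1562"],
        },
        # ── A.10 Third-Party and Customer Relationships ───────────────────────
        {
            "control_id": "A.10.1",
            "title": "Third-Party AI System Governance",
            "category": "A.10 — Third-Party Relationships",
            "description": (
                "Requires governance of third-party AI services, APIs, and models used by the "
                "organisation — including due diligence, contractual security requirements, and "
                "ongoing monitoring. Third-party AI services are an increasingly attractive attack "
                "target: adversaries exploit trusted relationships (T1199), compromise the software "
                "supply chain of AI providers (T1195), abuse valid credentials to access third-party "
                "AI APIs (T1078), or use legitimate external remote services as exfiltration "
                "channels (T1133). This control establishes the security baseline for all AI "
                "third-party dependencies."
            ),
            "techniques": ["T1199", "T1195", "T1078", "T1133"],
        },
        {
            "control_id": "A.10.2",
            "title": "Customer Relationships for AI Systems",
            "category": "A.10 — Third-Party Relationships",
            "description": (
                "Requires appropriate disclosure to customers about the AI systems used in products "
                "or services that affect them, including security and privacy implications. "
                "Lack of customer disclosure creates risks when AI-generated content is weaponised "
                "against users: AI-crafted phishing messages (T1566), information gathering via AI "
                "personas (T1598), and credential harvesting targeting users who trust AI-powered "
                "interfaces (T1078). Transparent disclosure allows customers to make informed "
                "risk decisions."
            ),
            "techniques": ["T1566", "T1598", "T1078"],
        },
    ]

    return _import_curated_framework(db, framework, ISO_42001_CONTROLS)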
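def _import_curated_framework(
    db: Session,
    framework: ComplianceFramework,
    controls: list[dict],
) -> dict:
    """Shared helper to import a curated list of controls and technique mappings.

    ``controls`` is a list of dicts with keys:
        - control_id (str)
        - title (str)
        - category (str, optional)
        - description (str, optional) — executive summary and ATT&CK mapping rationale
        - techniques (list[str] — MITRE ATT&CK IDs, optional)

    The import is idempotent: a control that already exists for ``framework``
    is reused (its description is back-filled when the stored one is empty so
    deployments imported before descriptions were curated still receive them),
    and a control→technique mapping that already exists is not inserted twice.
    Technique IDs that are not present in the ``Technique`` table are skipped
    and counted in ``mappings_skipped`` instead of raising, and the unknown IDs
    are logged once so a stale curated list is visible in the logs.

    Args:
        db: SQLAlchemy session; committed once after all rows are staged.
        framework: Persisted framework row the controls belong to.
        controls: Curated, code-defined control definitions (trusted input).

    Returns:
        Summary dict with ``framework``, ``controls_created``,
        ``controls_existing``, ``mappings_created``, ``mappings_skipped`` and
        ``total_controls``.
    """
    all_techniques = {t.mitre_id: t for t in db.query(Technique).all()}

    existing_controls = {
        c.control_id: c
        for c in db.query(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }

    # Ids are stringified so UUID and str representations compare consistently.
    existing_mappings: set[tuple[str, str]] = {
        (str(m.compliance_control_id), str(m.technique_id))
        for m in db.query(ComplianceControlMapping)
        .join(ComplianceControl)
        .filter(ComplianceControl.framework_id == framework.id)
        .all()
    }

    controls_created = 0
    mappings_created = 0
    mappings_skipped = 0
    unknown_techniques: set[str] = set()

    for item in controls:
        cid = item["control_id"]
        control = existing_controls.get(cid)
        if control is None:
            control = ComplianceControl(
                framework_id=framework.id,
                control_id=cid,
                title=item["title"],
                category=item.get("category"),
                description=item.get("description"),
            )
            db.add(control)
            db.flush()  # populate control.id before mappings reference it
            existing_controls[cid] = control
            controls_created += 1
        elif not control.description and item.get("description"):
            # Back-fill only; an existing non-empty description is left untouched.
            control.description = item["description"]

        for mitre_id in item.get("techniques", []):
            technique = all_techniques.get(mitre_id)
            if technique is None:
                # Unknown/retired ATT&CK ID in the curated list: skip, but count it.
                mappings_skipped += 1
                unknown_techniques.add(mitre_id)
                continue
            key = (str(control.id), str(technique.id))
            if key in existing_mappings:
                continue
            db.add(ComplianceControlMapping(
                compliance_control_id=control.id,
                technique_id=technique.id,
            ))
            existing_mappings.add(key)
            mappings_created += 1

    db.commit()

    if unknown_techniques:
        logger.warning(
            "%s import: %d mapping(s) skipped for technique IDs not in the database: %s",
            framework.name,
            mappings_skipped,
            ", ".join(sorted(unknown_techniques)),
        )

    summary = {
        "framework": framework.name,
        "controls_created": controls_created,
        "controls_existing": len(existing_controls) - controls_created,
        "mappings_created": mappings_created,
        "mappings_skipped": mappings_skipped,
        "total_controls": len(existing_controls),
    }
    logger.info("%s import complete: %s", framework.name, summary)
    return summary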
def _get_nist_category(family_code: str) -> str:
    """Return the human-readable NIST 800-53 family name for ``family_code``.

    The lookup is exact and case-sensitive (``"AC"`` → ``"Access Control"``);
    any code not in the table, including lowercase or blank input, yields
    ``"Unknown"``.
    """
    unknown_family = "Unknown"
    # (family code, family name) pairs, in NIST 800-53 Rev 5 order.
    family_names = (
        ("AC", "Access Control"),
        ("AT", "Awareness and Training"),
        ("AU", "Audit and Accountability"),
        ("CA", "Assessment, Authorization, and Monitoring"),
        ("CM", "Configuration Management"),
        ("CP", "Contingency Planning"),
        ("IA", "Identification and Authentication"),
        ("IR", "Incident Response"),
        ("MA", "Maintenance"),
        ("MP", "Media Protection"),
        ("PE", "Physical and Environmental Protection"),
        ("PL", "Planning"),
        ("PM", "Program Management"),
        ("PS", "Personnel Security"),
        ("PT", "Personally Identifiable Information Processing and Transparency"),
        ("RA", "Risk Assessment"),
        ("SA", "System and Services Acquisition"),
        ("SC", "System and Communications Protection"),
        ("SI", "System and Information Integrity"),
        ("SR", "Supply Chain Risk Management"),
    )
    return next(
        (name for code, name in family_names if code == family_code),
        unknown_family,
    )