Aegis/backend/app/routers at 3db9809be566bfd27c8826f7ce7057bb46718980 - Aegis - Gitea: Git with a cup of tea

kitos/Aegis

Files

History

kitos 0b82d96bcc

Aegis CI / lint-and-test (push) Has been cancelled

Details

feat(compliance): add ISO/IEC 27001:2022 and ISO/IEC 42001:2023 frameworks

ISO 27001:2022: 37 Annex A controls across 4 themes (Organizational,
People, Physical, Technological) mapped to MITRE ATT&CK techniques.

ISO 42001:2023: 25 Annex A controls for AI Management Systems mapped to
relevant ATT&CK techniques covering AI supply chain, data pipeline
integrity, model serving security, and third-party AI risk.

Backend: import functions, _import_curated_framework() shared helper,
and POST /compliance/import/iso-27001 + iso-42001 endpoints.
Frontend: API client functions + import buttons in CompliancePage.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-06-03 15:50:54 +02:00

..

__init__.py

feat: Phase 2 - Authentication and authorization (T-010 to T-013)

2026-02-06 13:15:25 +01:00

admin_config.py

feat(admin): export/import configuration bundle for migration

2026-06-02 15:49:51 +02:00

advanced_metrics.py

feat: extract advanced_metrics, analytics, test_templates, and auth to services (Tier 1 complete)

2026-02-20 14:28:52 +01:00

analytics.py

fix(analytics): restrict operators endpoint to admin [FASE-2.5]

2026-05-18 14:00:47 +02:00

api_keys.py

feat(enterprise): Phase 14 — API Key Management + SSO/SAML 2.0

2026-05-20 16:43:57 +02:00

attack_paths.py

feat(attack-paths): Phase 10 — Attack Paths & Advanced Purple Team [FASE-10]

2026-05-20 13:11:01 +02:00

audit.py

feat: add Campaign/Compliance domain entities and extract users/audit/data_sources to services (LP-2 through LP-6)

2026-02-20 13:28:14 +01:00

auth.py

fix(auth): silent token refresh — active sessions no longer expire mid-use

2026-06-02 15:54:15 +02:00

campaigns.py

feat(campaigns): campaign timing panel with Red/Blue aggregated metrics

2026-06-02 11:06:42 +02:00

compliance.py

feat(compliance): add ISO/IEC 27001:2022 and ISO/IEC 42001:2023 frameworks

2026-06-03 15:50:54 +02:00

d3fend.py

feat: move all remaining inline logic from routers to services (Tier 2)

2026-02-20 14:34:24 +01:00

data_sources.py

refactor: remove db.commit() from audit_service.log_action, all callers use UoW

2026-02-20 15:33:23 +01:00

detection_lifecycle.py

fix(detection-lifecycle): fix timezone naive/aware mismatch and duplicate technique mapping

2026-05-19 16:29:04 +02:00

detection_rules.py

refactor(detection-rules): extract query/business logic to detection_rule_service, router is thin HTTP adapter

2026-02-19 17:39:31 +01:00

evidence.py

fix(evidence): proxy download + fix Jira attachment signature

2026-05-28 11:26:01 +02:00

executive_dashboard.py

feat(dashboard): Phase 13 — Executive Dashboard

2026-05-20 16:20:21 +02:00

heatmap.py

refactor(heatmap): extract business logic to dedicated service

2026-02-18 16:09:51 +01:00

intel.py

feat(intel): major intel scan improvements + Review Queue integration

2026-05-29 16:04:30 +02:00

jira.py

fix(jira): show test Jira tickets on technique page (correct entity model)

2026-05-29 11:48:55 +02:00

knowledge.py

security: fix 6 vulnerabilities identified in SDLC audit

2026-05-22 09:46:29 +02:00

metrics.py

refactor(metrics): extract query logic to metrics_query_service, thin down router to HTTP adapter

2026-02-19 17:06:07 +01:00

notifications.py

feat: move all remaining inline logic from routers to services (Tier 2)

2026-02-20 14:34:24 +01:00

operational_alerts.py

security: fix 6 vulnerabilities identified in SDLC audit

2026-05-22 09:46:29 +02:00

operational_metrics.py

feat(phase-33): final polish V3 - navigation, performance, and documentation (T-238 to T-240)

2026-02-10 09:21:35 +01:00

osint.py

refactor: remove db.commit() from business services, callers use UnitOfWork (Tier 3)

2026-02-20 14:42:20 +01:00

ownership.py

feat(ownership): Phase 9 — Ownership & Daily Operations [FASE-9]

2026-05-19 16:48:47 +02:00

professional_reports.py

feat(security): extend rate limits on sync, tests, evidence and reports [FASE-3.4]

2026-05-18 14:16:53 +02:00

reports.py

refactor(reports): extract query and aggregation logic to coverage_report_service, fix N+1 test-count pattern

2026-02-19 15:56:42 +01:00

risk_intelligence.py

feat(risk): Phase 12 — Risk Intelligence [FASE-12]

2026-05-20 15:31:38 +02:00

scores.py

feat(scoring): composite recency decay and severity weights persisted in DB [FASE-5.1]

2026-05-18 15:07:12 +02:00

snapshots.py

feat(scoring): composite recency decay and severity weights persisted in DB [FASE-5.1]

2026-05-18 15:07:12 +02:00

sso.py

security: fix 6 vulnerabilities identified in SDLC audit

2026-05-22 09:46:29 +02:00

system.py

feat(jira+tests): 5 improvements from review

2026-05-27 13:07:46 +02:00

techniques.py

refactor: remove db.commit() from audit_service.log_action, all callers use UoW

2026-02-20 15:33:23 +01:00

test_templates.py

feat(review-queue): trigger review_required on new test templates

2026-05-29 11:26:09 +02:00

tests.py

fix(disputed): add admin role + contact info in discussion modal

2026-06-03 13:02:57 +02:00

threat_actors.py

refactor(threat-actors): extract query/business logic to threat_actor_service, fix N+1 with grouped subqueries

2026-02-19 17:40:00 +01:00

users.py

feat(tempo): per-user Tempo API token — same pattern as Jira token

2026-05-27 10:46:38 +02:00

webhooks.py

security(webhooks): restrict all webhook endpoints to admin-only

2026-05-22 10:56:15 +02:00

worklogs.py

refactor: remove db.commit() from business services, callers use UnitOfWork (Tier 3)

2026-02-20 14:42:20 +01:00