NIST CVE file for Security Profile View

Posted: 20 Jun 2022, 11:00
by ben.ralph.nmc
Hi

I'm a little confused re the NIST files for Security Profile view that uses core_el_security_posture.xsl. I have downloaded the CVE files for each year from https://nvd.nist.gov/vuln/data-feeds but I can only get one file to be read at a time. How do I configure the page to use all the CVE files? I cannot seem to find a tutorial.

Many thanks

Re: NIST CVE file for Security Profile View

Posted: 21 Jun 2022, 15:47
by JohnM
Hi Ben

Sorry, you have to do them one by one for now. We are looking at removing the need for this step by pulling from the NIST API, we've done a PoC and got it working but there are some potential limitations we're looking at. Unfortunately we have no date for release for this yet.

John

Re: NIST CVE file for Security Profile View

Posted: 24 Jun 2022, 06:49
by ben.ralph.nmc
Hi John

That would be a great update. Let me know if you want us to pilot/test the new view.

Regards

Ben

Re: NIST CVE file for Security Profile View

Posted: 08 Mar 2023, 05:52
by ben.ralph.nmc
Hi John

Have the Developers managed to interface with the NIST API? This would be really helpful.

I've also noticed that the Version slot in the Technology Product must be defined (see attached); however, I cannot see the Version slot in the Protege UI and it's not included in the meta model - https://enterprise-architecture.org/doc ... oduct.html
[Attachment: security_posture.png]
Many thanks
Ben

Re: NIST CVE file for Security Profile View

Posted: 08 Mar 2023, 10:31
by JohnM
Hi Ben,

We're looking to drop the files as a very early beta (labs) in 6.18, currently in UAT. It has limitations: when it calls the NIST API, NIST throttles it to one request every 6 seconds (so with lots of tech prods it is a leave-it-and-let-it-run affair at the moment). We're looking to address that, but it is lower down the priority list for the developers at the moment. For this reason, it won't be set up in the repository or the baseline, but we'll provide instructions on how to do it, if you are willing to accept the limitations.

In summary, the first version will be helpful, but a little slow (we decided it was better to help people who are willing to accept that for now than delay it).

John

Re: NIST CVE file for Security Profile View

Posted: 09 Mar 2023, 12:10
by ben.ralph.nmc
Hi John

I'm willing to accept the limitations because it will be really helpful as we improve our security posture. Let me know how I can be an early adopter.

Thanks

Ben

Re: NIST CVE file for Security Profile View

Posted: 09 Mar 2023, 13:26
by JohnM
Yes, no problem. Sorry, I forgot to answer your question re version; I suspect it is hidden. To unhide it:
1) In Protege (I'm assuming you are using OS), go to Project > Configure and tick the FormsTab checkbox; a new tab will appear. Close the pop-up box.
2) Go to the Technology_Product class and click on the Forms tab.
3) Above the class tree you will see a small magnifying glass with two small lines beneath it. Click that.
[Attachment: Screenshot 2023-03-09 at 13.23.44.png]
4) In the window, scroll down to technology_product_version; it will probably say <none>. Click the <none> and make it a TextFieldWidget. It will now appear at the bottom of the page (drag it where you want it).
[Attachment: Screenshot 2023-03-09 at 13.23.59.png]
5) Switch back to the Instances tab and you can now use the field.

Re: NIST CVE file for Security Profile View

Posted: 06 Jun 2023, 17:39
by JohnM
Sorry for the delay, this is in the 6.18 release in a labs folder and is early beta. You will need to be on at least 6.16 to use these views.

The file has instructions, the import spec and the report set-up (look in View Library > Support).

Big caveats:
1) Do your NIST product ID import first
2) Open the manager and let it run; it takes 6 secs per product due to the NIST API throttling, so if there are lots of products it will take a while. The API occasionally fails, so check the console if it seems to have hung.
3) It's really targeted at smaller organisations for now - if you have lots of technology products then we suggest you don't use this for now.
4) The NIST API structure has changed a couple of times, so we needed to update the code, if it stops working then drop us a note here and we'll take a look.

NOTE: This was a side of desk project, and we've parked development on this for now. We're looking at a more efficient way of managing this - allowing batch calls, but there are cost implications on us to do that and some dev is needed too - it's on the stack but not a priority at the moment.

We will support this in Labs and make some changes; we've had some ideas already, but please provide any you have.
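The two operational constraints John describes above, one request every 6 seconds and an API that occasionally fails mid-run, are exactly what any integration against the NVD has to be built around. The following is an added example, not code from Essential or from this thread: a small Python client that spaces its calls at the stated 6-second interval, retries a failed call a bounded number of times, and logs each failure so a hung run can be diagnosed rather than waited out. It assumes the NVD CVE API 2.0 endpoint (`https://services.nvd.nist.gov/rest/json/cves/2.0`) and its `cpeName` query parameter; the HTTP call, clock and sleep are injected so the throttling and retry logic can be exercised offline against constructed responses with placeholder CVE ids.

```python
"""Throttled, retrying per-product CVE lookup against the NVD API (added example)."""
import json
import time
import urllib.parse
import urllib.request
from typing import Callable, Dict, Iterable, List, Optional

NVD_CVE_API = "https://services.nvd.nist.gov/rest/json/cves/2.0"  # NVD CVE API 2.0
MIN_INTERVAL_SECONDS = 6.0  # one request every 6 s, the throttle the thread describes
MAX_ATTEMPTS = 3            # bounded retries so a failing API cannot hang the run


def http_get_json(url: str) -> dict:
    """Real transport: fetch a URL and parse the JSON body (needs network access)."""
    with urllib.request.urlopen(url, timeout=30) as resp:
        return json.load(resp)


class ThrottledNvdClient:
    def __init__(self, fetch: Callable[[str], dict] = http_get_json,
                 clock: Callable[[], float] = time.monotonic,
                 sleep: Callable[[float], None] = time.sleep,
                 min_interval: float = MIN_INTERVAL_SECONDS,
                 max_attempts: int = MAX_ATTEMPTS) -> None:
        self._fetch, self._clock, self._sleep = fetch, clock, sleep
        self._min_interval, self._max_attempts = min_interval, max_attempts
        self._last_request: Optional[float] = None
        self.log: List[str] = []  # failures are recorded here for the "check the console" step

    def _wait_for_slot(self) -> None:
        """Sleep until at least min_interval has passed since the previous request."""
        if self._last_request is not None:
            remaining = self._min_interval - (self._clock() - self._last_request)
            if remaining > 0:
                self._sleep(remaining)
        self._last_request = self._clock()

    def cves_for_cpe(self, cpe_name: str) -> List[str]:
        """Return the CVE ids NVD lists for one CPE name, retrying transient failures."""
        url = NVD_CVE_API + "?" + urllib.parse.urlencode({"cpeName": cpe_name})
        last_error: Optional[Exception] = None
        for attempt in range(1, self._max_attempts + 1):
            self._wait_for_slot()  # every attempt, including retries, respects the throttle
            try:
                body = self._fetch(url)
            except Exception as exc:  # network error, 5xx, throttle rejection, bad JSON
                last_error = exc
                self.log.append(f"{cpe_name}: attempt {attempt} failed: {exc}")
                continue
            return [item["cve"]["id"] for item in body.get("vulnerabilities", [])]
        raise RuntimeError(f"{cpe_name}: giving up after {self._max_attempts} attempts") from last_error

    def scan(self, cpe_names: Iterable[str]) -> Dict[str, Optional[List[str]]]:
        """Look up every product; unresolved products map to None instead of aborting the run."""
        results: Dict[str, Optional[List[str]]] = {}
        for cpe in cpe_names:
            try:
                results[cpe] = self.cves_for_cpe(cpe)
            except RuntimeError as exc:
                self.log.append(str(exc))
                results[cpe] = None
        return results


def demo() -> dict:
    """Offline walkthrough against a constructed fake endpoint; returns values to check."""
    class FakeClock:
        def __init__(self) -> None:
            self.now, self.sleeps = 0.0, []
        def time(self) -> float:
            return self.now
        def sleep(self, seconds: float) -> None:
            self.sleeps.append(seconds)
            self.now += seconds

    # Constructed sample data: hypothetical CPE names and placeholder CVE ids, not real findings.
    canned = {
        "cpe:2.3:a:example:product_a:1.0:*:*:*:*:*:*:*": {"vulnerabilities": [
            {"cve": {"id": "CVE-0000-00001"}}, {"cve": {"id": "CVE-0000-00002"}}]},
        "cpe:2.3:a:example:product_b:2.0:*:*:*:*:*:*:*": {"vulnerabilities": []},
    }
    calls = {"n": 0}

    def flaky_fetch(url: str) -> dict:
        calls["n"] += 1
        cpe = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)["cpeName"][0]
        if calls["n"] == 1:  # the very first call fails, as the API occasionally does
            raise ConnectionError("503 Service Unavailable")
        return canned[cpe]

    clock = FakeClock()
    client = ThrottledNvdClient(fetch=flaky_fetch, clock=clock.time, sleep=clock.sleep)
    results = client.scan(list(canned))
    return {"results": results, "requests": calls["n"],
            "total_wait": sum(clock.sleeps), "log": client.log}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

With two products and one transient failure the client makes three requests and waits 6 seconds before each request after the first, 12 seconds in total, which is the run time John's "6 secs per product" warning predicts once retries are counted. Swapping `demo()`'s fake fetch for the default `http_get_json` turns it into a live lookup with the same pacing.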

Re: NIST CVE file for Security Profile View

Posted: 16 Feb 2024, 10:54
by ben.ralph.nmc
Hi John

I finally got some time to try this. It's working perfectly thank you!!