search

SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
1.37k stars 162 forks source link

Bug: Campaign test cases added to assessment are not in the correct order by default and reordering them is not reliable #263

Closed grandmerchant closed 3 months ago

grandmerchant commented 5 months ago

Describe the bug When campaign test cases are added to an assessment, they are not ordered in the same way that they are ordered within the campaign creation page. Attempting to reorder the test cases within the assessment only partially works, with some test cases seemingly being impossible to reorder for unknown reasons. When you reorder and hit save, some test cases seem 'sticky' to their previous position and don't reorder properly.

Unless I'm missing something, this seems like a critical flaw as there is always a specific order that is preferred or even required to progress through various campaigns.

To Reproduce Steps to reproduce the behavior:

  1. Note the order of test cases within a campaign in the campaign creation menu
  2. Create an assessment and add the campaign to it
  3. View the test cases within the assessment, some will be out of order.
  4. Some attempts to reorder within the assessment will be unsuccessful as well

Expected behavior Reordering to work properly and test cases to be in the same order within an assessment that they are in within the campaign.

Screenshots If applicable, add screenshots to help explain your problem.

User Platform(please complete the following information):

VECTR Host(please complete the following information):

Additional context Add any other context about the problem here.

SRAPSpencer commented 5 months ago

This is a known issue with no current workaround. The campaign screen is currently being rewritten in our move to modern UI frameworks and this will be addressed then. Unfortunately I do not have an ETA for this release item.

I would recommend using tags on test cases if you'd like to set a recorded execution order to refrence them from the campaign screen. In our methodology we test defense in depth running every test case regardless of the outcome of previous tests, so it has been a less critical issue internally.

thebleucheese commented 4 months ago

@grandmerchant this should be fixed in next release in a couple weeks, possibly with the exception of wonky ordering on the escalation path page. That page is due for a rewrite and the older library we used for the orderable table items on there gets wild and crazy sometimes.

doodleincode commented 3 months ago

This has been fixed in 9.2.1.