Open DinisCruz opened 9 years ago
romichg
commented
9 years ago This is a nice idea, yet I question the necessity of this effort. There are many things on our plate. Why do we keep creating issues where we can use existing tools - like Checkmarx. I will put this on the backlog for sprint 4 for now.
DinisCruz
commented
9 years ago because: a) we need a way to get this information in order to write a tests that confirms that we have a water-tight attack-surface (i.e. provide assurance of TM security) b) checkmarx and the other SAST tools are not able to give us this (in the way that is consumable) c) we have already issues that require these mappings (for example https://github.com/TeamMentor/TM_4_0_Design/issues/370#issuecomment-72505097 ) d) we should be documenting all good ideas that we have (since we do forget about them if not captured)
We need to take our current mapping of the TM Attack surface to the next level and also map the exposed/consumed parameters.
I think the only way we can do this is with static parsing of the controllers code and extract those mappings from them.
Note: this data could eventually be feed to a global filter that would white-list those inputs (which would add another layer of protection and ensure that new additions to the attack-surface, would break-by-design a couple tests. Just like what happens now with the tests that break once new urls are added to TM Design)
See TM Attack surface section of the [TM_Security]( page, for our current understanding of it (and how to get it)
TM-4.0-Security