mal-lang / coreLang

A probabilistic attack simulation language for the (abstract) IT domain
https://mal-lang.org/coreLang/

Investigate the attemptXFromSoftProdVulnerability Attack Steps #102

Open andrewbwm opened 3 months ago

andrewbwm commented 3 months ago

The attempt[Read/Deny/Modify]FromSoftProdVulnerability attack steps on the Application asset show up as viable using the https://github.com/mal-lang/mal-toolbox. This is not incorrect, but it feels confusing and the steps themselves seem redundant as they could only be called if the associated SoftwareProduct existed in the first place.

It might be worth removing them if they do not serve any other purpose to clean up the resulting attack graphs.

andrewbwm commented 2 months ago

The softwareProductVulnerabilityXAchieved steps also show up as viable even if there is no SoftwareProduct. A possible fix might be to turn those steps into AND steps and have SoftwareCheck lead to them as well.
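
An added illustration of the viability behaviour discussed in this thread; it is not part of the issue and is not coreLang or mal-toolbox code. It assumes a simplified propagation rule (steps default to viable, an OR step needs one viable parent, an AND step needs all of them, an existence step follows whether its asset is present), and the product-side step name is hypothetical.

```python
from dataclasses import dataclass, field

ACHIEVED = "softwareProductVulnerabilityXAchieved"

@dataclass
class Step:
    name: str
    kind: str                       # "or", "and" or "exist"
    parents: list = field(default_factory=list)
    exists: bool = True             # only meaningful for "exist" steps
    viable: bool = True             # assumed default: viable until shown otherwise

def compute_viability(steps):
    """Iterate to a fixed point. Parentless OR/AND steps keep the default
    (viable), which is how a step can look viable with no SoftwareProduct."""
    changed = True
    while changed:
        changed = False
        for s in steps:
            if s.kind == "exist":
                new = s.exists
            elif not s.parents:
                new = True
            elif s.kind == "or":
                new = any(p.viable for p in s.parents)
            else:
                new = all(p.viable for p in s.parents)
            if new != s.viable:
                s.viable, changed = new, True
    return {s.name: s.viable for s in steps}

def build(has_software_product, fixed):
    """Constructed miniature of one Application; not the coreLang definition.
    fixed=True applies the proposal: AND step with SoftwareCheck as a parent."""
    check = Step("SoftwareCheck", "exist", exists=has_software_product)
    achieved = Step(ACHIEVED, "and" if fixed else "or")
    steps = [check, achieved]
    if has_software_product:
        # Hypothetical step on the SoftwareProduct side that leads here.
        product_step = Step("productVulnerability (hypothetical)", "or")
        achieved.parents.append(product_step)
        steps.append(product_step)
    if fixed:
        achieved.parents.append(check)
    return compute_viability(steps)

if __name__ == "__main__":
    for has_sp in (False, True):
        for fixed in (False, True):
            print(f"SoftwareProduct={has_sp} fixed={fixed} ->", build(has_sp, fixed)[ACHIEVED])
```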