Skip to content

RE 2.0.4
Compare
Choose a tag to compare
@karendm karendm released this 02 Oct 16:03
· 36 commits to develop since this release
v2.0.4
d600205
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Reporting Engine v2.0.4

This is the initial release of Reporting Engine (RE) 2.0 and includes the features outlined below. Assessment types not described below are not currently supported and will not work correctly until implementation in future releases. See README for full instructions.

  • Initial Risk and Vulnerability Assessment (RVA) implementation including the following features:

    • Assessment Details to track stakeholder and assessor information
    • Findings to track details about vulnerabilities, misconfigurations, and other findings of note during an assessment
    • Phishing services to track metrics pertaining to payload testing and phishing campaigns
    • Other services to track data exfiltration, ransomware, and port mapping metrics
    • Narratives to track attack path details and step-by-step walkthroughs
    • KEV Catalog to track identified Known Exploited Vulnerabilities and map them to findings
    • Risk Scoring placeholder to generate a score for comparing risk over time and between stakeholders based on custom methodology
    • Activity Tracker to track high level assessment activity and infrastructure details for stakeholder awareness
    • Election Infrastructure to track information pertaining to elections systems and their findings
    • Report screen for previewing/finalizing the assessment report
    • Export screen for exporting various artifacts and deliverables related to the assessment

  • Initial Federal Attack Surface Testing (FAST) implementation including the following features:

    • Assessment Details to track stakeholder and assessor information
    • Findings to track details about vulnerabilities, misconfigurations, and other findings of note during an assessment
    • Phishing services to track metrics pertaining to phishing campaigns
    • Port Mapping services to report open ports on public-facing systems
    • Narratives to track attack path details and step-by-step walkthroughs
    • KEV Catalog to track identified Known Exploited Vulnerabilities and map them to findings
    • Activity Tracker to track high level assessment activity and infrastructure details for stakeholder awareness
    • Report screen for previewing/finalizing the assessment report
    • Export screen for exporting various artifacts and deliverables related to the assessment
Assets 2
Loading