Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve Inspec to NIST 800-53 Mapper #3

Open
2 of 3 tasks
tohch4 opened this issue Jan 26, 2021 · 3 comments · May be fixed by #4
Open
2 of 3 tasks

Improve Inspec to NIST 800-53 Mapper #3

tohch4 opened this issue Jan 26, 2021 · 3 comments · May be fixed by #4
Assignees
@tohch4

Comments

@tohch4
Copy link
Collaborator

tohch4 commented Jan 26, 2021
edited
Loading

  • Move from hard-coded files to parameters
  • Dynamically get component name from InSpec Profile JSON file
  • Dynamically populate some metadata (or do so via parameters)
@tohch4 tohch4 self-assigned this Jan 26, 2021
@tohch4 tohch4 linked a pull request Jan 27, 2021 that will close this issue
Draft
@tohch4
Copy link
Collaborator Author

tohch4 commented Jan 27, 2021
edited
Loading

@gregelin I took a little longer than planned and might need to revisit this later in the evening. Just added reading in the component name from the Inspec name attribute raw to show approach, not sure that is what you want in our case.

Additionally, instead of prompting the user for the intermediate 800-53 control map filename and NDJSON filename, I just infix to the name of the result file add the stage name in between the final result component file and the extension (.json except for the NDJSON file, which I opt for .txt like you for obvious reasons).

Can you give me an example of some parameters you would want to see dynamically populated, and I move forward with that today/tomorrow by the afternoon?

Also I left that the original files as defaults for now. If you want to tune up or down the log level:

python3 utils/inspec_nist_mapper.py -h # See options, you probably knew this.
python3 utils/inspec_nist_mapper.py # Defaults to INFO log level for now.
LOGLEVEL=DEBUG python3 utils/inspec_nist_mapper.py # Also show DEBUG statements, only 1 or 2 for now, saves my bacon enough I copy this into util scripts all the time.

@aaronlippold
Copy link

I think this is looking good.

Let's have a quick sync call with @rbclark @aaronlippold and team to make sure we are hitting the mark.

@aaronlippold notes this conversation should also be implemented using inspecjs as well so we have both a javascript approach and a python approach. Luckly, it should be easy.

@tohch4
Copy link
Collaborator Author

tohch4 commented Jan 27, 2021

@aaronlippold cool, I too would be interested in experimenting with similar mapping activity from Inspec to the an OSCAL component with InspecJS, but I was of course leaning on GovReady's and its models and code to transform into an OSCAL component. I would like to find out more about getting the right shape of data in the SSP, SAP, and SAR (as I am not 100% confident that is right, but I can tell we got the approach down).

I forked InspecJS to play around, so maybe I can be of some use there.

Sadly, there are not many examples upstream, so can we bring this up in the upcoming ATARC meeting?

Also, should we throw up some tasks in the FreedCamp board or here? I have just been using the issue tracker in this repo for laziness and to be low friction.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tohch4 tohch4

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improve Inspec to NIST 800-53 Mapper Abstractions GovReady/oscal-lifecycle-examples
2 participants
@aaronlippold @tohch4