From 7ce125a108451bd63e991dd2b7ad4df7973e3e73 Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 23 Apr 2025 13:07:08 +0200 Subject: [PATCH 01/11] Add metric DocumentCSAFRedRestricted --- .../DocumentCSAFRedRestricted.yaml | 9 ++++ .../CSAF/DocumentCSAFRedRestricted/data.json | 4 ++ .../DocumentCSAFRedRestricted/metric.rego | 25 +++++++++++ .../SecurityAdvisoryDocument.json | 43 +++++++++++++++++++ 4 files changed, 81 insertions(+) create mode 100644 metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml create mode 100644 metrics/CSAF/DocumentCSAFRedRestricted/data.json create mode 100644 metrics/CSAF/DocumentCSAFRedRestricted/metric.rego create mode 100644 resources/jsonExamples/SecurityAdvisoryDocument.json diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml new file mode 100644 index 00000000..c1c66be0 --- /dev/null +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -0,0 +1,9 @@ +--- # Metadata +- id: DocumentCSAFRedRestricted +- description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. +- version: 1.0 +- comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. +--- # Configuration data +- p1: + - operator: == + - targetValue: true \ No newline at end of file diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/data.json b/metrics/CSAF/DocumentCSAFRedRestricted/data.json new file mode 100644 index 00000000..8f42045a --- /dev/null +++ b/metrics/CSAF/DocumentCSAFRedRestricted/data.json @@ -0,0 +1,4 @@ +{ + "operator": "==", + "target_value": true +} \ No newline at end of file diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego new file mode 100644 index 00000000..dfe3add0 --- /dev/null +++ b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego @@ -0,0 +1,25 @@ +package metrics.csaf.document_csaf_red_restricted + +import data.compare +import rego.v1 +import input as document + +default applicable := false + +default compliant := false + +restricted := ["RED", "AMBER"] + +applicable if { + # check resource type + "SecurityAdvisoryDocument" in document.type + + # check, if document is restricted (i.e. RED/AMBER) labeled + document.labels.tlp in restricted +} + +compliant if { + # RED/AMBER must NOT be freely accessible + auth := document.documentLocation.remoteDocumentLocation.authenticity + not auth.noAuthentication +} diff --git a/resources/jsonExamples/SecurityAdvisoryDocument.json b/resources/jsonExamples/SecurityAdvisoryDocument.json new file mode 100644 index 00000000..6967a542 --- /dev/null +++ b/resources/jsonExamples/SecurityAdvisoryDocument.json @@ -0,0 +1,43 @@ +{ + "creationTime": "2020-07-01T10:09:07Z", + "documentLocation": { + "remoteDocumentLocation": { + "authenticity": { + "certificateBasedAuthentication": {} + }, + "path": "https://127.0.0.1:62479/.well-known/csaf/white/2020/some-id.json", + "transportEncryption": { + "cipherSuites": [ + { + "authenticationMechanism": "", + "keyExchangeAlgorithm": "", + "macAlgorithm": "SHA-256", + "sessionCipher": "AES-128-GCM" + } + ], + "enabled": true, + "enforced": false, + "protocol": "TLS", + "protocolVersion": 1.3 + } + } + }, + "filetype": "JSON", + "id": "some-id", + "labels": { + "tlp": "RED" + }, + "name": "Buffer overflow in Test Product", + "raw": "", + "schemaValidation": { + "errors": [], + "format": "Common Security Advisory Framework", + "schemaUrl": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json" + }, + "securityFeatures": [], + "type": [ + "SecurityAdvisoryDocument", + "Document", + "Resource" + ] +} \ No newline at end of file From 7b6161644aa8f08e6d90848618db84df88f0b85a Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 28 May 2025 10:37:30 +0200 Subject: [PATCH 02/11] Add category --- .../DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index c1c66be0..44abcb6e 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,9 +1,10 @@ --- # Metadata - id: DocumentCSAFRedRestricted +- category: CSAF - description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. - version: 1.0 - comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. --- # Configuration data - p1: - operator: == - - targetValue: true \ No newline at end of file + - targetValue: true From 45e84c6c4fb09ae558fa38eb88590c19f4e4cd17 Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 28 May 2025 10:39:56 +0200 Subject: [PATCH 03/11] Update structure --- .../DocumentCSAFRedRestricted.yaml | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index 44abcb6e..4d6b24b5 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,10 +1,11 @@ ---- # Metadata -- id: DocumentCSAFRedRestricted -- category: CSAF -- description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. -- version: 1.0 -- comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. ---- # Configuration data -- p1: - - operator: == - - targetValue: true +# Metadata +id: DocumentCSAFRedRestricted +category: CSAF +description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. +version: 1.0 +comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. +# Configuration data +configuration: + p1: + operator: == + targetValue: true From 36c6d98c54f51cd802777f7b8cb0b14431b74d8a Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 25 Jun 2025 11:05:10 +0200 Subject: [PATCH 04/11] Add and update metric --- .../DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml | 2 +- metrics/CSAF/DocumentCSAFRedRestricted/metric.rego | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index 4d6b24b5..a769bdfd 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,7 +1,7 @@ # Metadata id: DocumentCSAFRedRestricted category: CSAF -description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. +description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [p1:noAuthentication] property is not utilized. version: 1.0 comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. # Configuration data diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego index dfe3add0..576c5e44 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego +++ b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego @@ -20,6 +20,6 @@ applicable if { compliant if { # RED/AMBER must NOT be freely accessible - auth := document.documentLocation.remoteDocumentLocation.authenticity + auth := document.dataLocation.remoteDataLocation.authenticity not auth.noAuthentication } From dc611242501f74b93339704575d3e5073e524d4b Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 9 Jul 2025 10:22:24 +0200 Subject: [PATCH 05/11] Enhance yaml file; update metric --- .../DocumentCSAFRedRestricted.yaml | 8 ++++---- metrics/CSAF/DocumentCSAFRedRestricted/data.json | 2 +- metrics/CSAF/DocumentCSAFRedRestricted/metric.rego | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index a769bdfd..b38d1276 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,11 +1,11 @@ -# Metadata +# ====== Metadata ====== id: DocumentCSAFRedRestricted category: CSAF description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [p1:noAuthentication] property is not utilized. -version: 1.0 +version: "1.0" comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. -# Configuration data +# ====== Configuration ====== configuration: p1: operator: == - targetValue: true + targetValue: false diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/data.json b/metrics/CSAF/DocumentCSAFRedRestricted/data.json index 8f42045a..f6301a58 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/data.json +++ b/metrics/CSAF/DocumentCSAFRedRestricted/data.json @@ -1,4 +1,4 @@ { "operator": "==", - "target_value": true + "target_value": false } \ No newline at end of file diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego index 576c5e44..981fb3c0 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego +++ b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego @@ -21,5 +21,5 @@ applicable if { compliant if { # RED/AMBER must NOT be freely accessible auth := document.dataLocation.remoteDataLocation.authenticity - not auth.noAuthentication + compare(data.operator, data.target_value, noAuthentication) } From 9aaa0cb7d087dacb1baec1f92138bf954749f5db Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Wed, 9 Jul 2025 10:23:39 +0200 Subject: [PATCH 06/11] Fix package path --- metrics/CSAF/DocumentCSAFRedRestricted/metric.rego | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego index 981fb3c0..df17c0ad 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego +++ b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego @@ -1,4 +1,4 @@ -package metrics.csaf.document_csaf_red_restricted +package cch.metrics.document_csaf_red_restricted import data.compare import rego.v1 From 7e282769178446c20c591e9ef47564226b1c3ffb Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Fri, 25 Jul 2025 08:52:09 +0200 Subject: [PATCH 07/11] Update DocumentCSAFRedRestricted.yaml --- .../DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index b38d1276..60fd2dae 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -7,5 +7,5 @@ comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protect # ====== Configuration ====== configuration: p1: - operator: == + operator: "==" targetValue: false From 921f8af0575ea7a440359ada6e47b60dd443be80 Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Mon, 26 Jan 2026 13:07:34 +0100 Subject: [PATCH 08/11] Update DocumentCSAFRedRestricted.yaml --- .../DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index 60fd2dae..a74d9bfa 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -3,7 +3,7 @@ id: DocumentCSAFRedRestricted category: CSAF description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [p1:noAuthentication] property is not utilized. version: "1.0" -comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. +comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The rego rule checks if one of the labels are available and if notAuthentication is used. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. # ====== Configuration ====== configuration: p1: From 8ed9dfadd2e8ad0913b2d4787da34b7270852264 Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Mon, 26 Jan 2026 18:44:15 +0100 Subject: [PATCH 09/11] Clean up files --- .../DocumentCSAFRedRestricted.yaml | 6 +-- .../DocumentCSAFRedRestricted/metric.rego | 4 +- .../SecurityAdvisoryDocument.json | 54 +++++++++---------- 3 files changed, 32 insertions(+), 32 deletions(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index b38d1276..4c425d8f 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -3,9 +3,9 @@ id: DocumentCSAFRedRestricted category: CSAF description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [p1:noAuthentication] property is not utilized. version: "1.0" -comments: A SecurityAdvisoryDocument labeled as "Amber" or "Red" must be protected by access controls. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. +comments: A SecurityAdvisoryDocument labeled as "AMBER" or "RED" must be protected by access controls. The Rego policy verifies that the noAuthentication property is not set; it performs this check directly in the policy and does not rely on configuration properties. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. # ====== Configuration ====== configuration: p1: - operator: == - targetValue: false + operator: + targetValue: diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego index df17c0ad..d66ecbaf 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego +++ b/metrics/CSAF/DocumentCSAFRedRestricted/metric.rego @@ -21,5 +21,5 @@ applicable if { compliant if { # RED/AMBER must NOT be freely accessible auth := document.dataLocation.remoteDataLocation.authenticity - compare(data.operator, data.target_value, noAuthentication) -} + not auth.noAuthentication +} \ No newline at end of file diff --git a/resources/jsonExamples/SecurityAdvisoryDocument.json b/resources/jsonExamples/SecurityAdvisoryDocument.json index 6967a542..ea8810e6 100644 --- a/resources/jsonExamples/SecurityAdvisoryDocument.json +++ b/resources/jsonExamples/SecurityAdvisoryDocument.json @@ -1,43 +1,43 @@ { "creationTime": "2020-07-01T10:09:07Z", - "documentLocation": { - "remoteDocumentLocation": { - "authenticity": { - "certificateBasedAuthentication": {} - }, - "path": "https://127.0.0.1:62479/.well-known/csaf/white/2020/some-id.json", - "transportEncryption": { - "cipherSuites": [ - { - "authenticationMechanism": "", - "keyExchangeAlgorithm": "", - "macAlgorithm": "SHA-256", - "sessionCipher": "AES-128-GCM" - } - ], - "enabled": true, - "enforced": false, - "protocol": "TLS", - "protocolVersion": 1.3 + "dataLocation": { + "remoteDataLocation": { + "authenticity": { + "certificateBasedAuthentication": {} + }, + "path": "https://127.0.0.1:62479/.well-known/csaf/white/2020/some-id.json", + "transportEncryption": { + "cipherSuites": [ + { + "authenticationMechanism": "", + "keyExchangeAlgorithm": "", + "macAlgorithm": "SHA-256", + "sessionCipher": "AES-128-GCM" } + ], + "enabled": true, + "enforced": false, + "protocol": "TLS", + "protocolVersion": 1.3 } + } }, "filetype": "JSON", "id": "some-id", "labels": { - "tlp": "RED" + "tlp": "RED" }, "name": "Buffer overflow in Test Product", "raw": "", "schemaValidation": { - "errors": [], - "format": "Common Security Advisory Framework", - "schemaUrl": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json" + "errors": [], + "format": "Common Security Advisory Framework", + "schemaUrl": "https://docs.oasis-open.org/csaf/csaf/v2.0/csaf_json_schema.json" }, "securityFeatures": [], "type": [ - "SecurityAdvisoryDocument", - "Document", - "Resource" + "SecurityAdvisoryDocument", + "Document", + "Resource" ] -} \ No newline at end of file + } \ No newline at end of file From b64dc46abd778350acbc0b9fd8cd15bae4839fcd Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Mon, 26 Jan 2026 18:52:50 +0100 Subject: [PATCH 10/11] Clean up --- .../DocumentCSAFRedRestricted.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index 4c425d8f..21f2d31f 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,11 +1,11 @@ # ====== Metadata ====== id: DocumentCSAFRedRestricted category: CSAF -description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [p1:noAuthentication] property is not utilized. -version: "1.0" +description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. +version: "v1" comments: A SecurityAdvisoryDocument labeled as "AMBER" or "RED" must be protected by access controls. The Rego policy verifies that the noAuthentication property is not set; it performs this check directly in the policy and does not rely on configuration properties. The specification can be found at https://docs.oasis-open.org/csaf/csaf/v2.0/os/csaf-v2.0-os.html#715-requirement-5-tlpamber-and-tlpred. # ====== Configuration ====== configuration: p1: - operator: - targetValue: + operator: == + targetValue: false From 09c0434e00d7f6a2eba10ba891d100d20561cfe4 Mon Sep 17 00:00:00 2001 From: Angelika Schneider Date: Fri, 30 Jan 2026 15:01:33 +0100 Subject: [PATCH 11/11] Add name and update ID --- .../DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml index 21f2d31f..c5a49c16 100644 --- a/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml +++ b/metrics/CSAF/DocumentCSAFRedRestricted/DocumentCSAFRedRestricted.yaml @@ -1,5 +1,6 @@ # ====== Metadata ====== -id: DocumentCSAFRedRestricted +id: 44359147-A651-4714-9883-E86AA07563D1 +name: DocumentCSAFRedRestricted category: CSAF description: This rule assesses whether a [SecurityAdvisoryDocument] that provides the property [RemoteDocumentLocation] is access protected by ensuring that the [noAuthentication] property is not utilized. version: "v1"