Skip to content

Commit

Permalink
Updated purpose for available schemas (#15)
Browse files Browse the repository at this point in the history 
* Updated

* Updated the nav text

* Updated purpose

* Added glossary

* Updated

* Updated glossary

* Updated nav order

* Updated authors

* Updated purpose

* Updated purpose
  • Loading branch information
@asa1997
asa1997 authored Feb 21, 2024
1 parent 062eea4 commit 35f856a
Show file tree
Hide file tree
Showing 7 changed files with 75 additions and 41 deletions.
25 changes: 14 additions & 11 deletions docs/environment-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,19 @@ nav_order: 7
**Version 0.1.0 (Jan 25, 2024)**

Original authors:
- Vinod Panicker (@panickervinod)
- Harimohan Rajamohanan (@harimohanr)
- Arun Suresh (@asa1997 )

- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

This document defines the data interchange format for environments for any given organisation. An organization powered by BeSLab shall publish their environments to its peers as well the community dashboard BeSLighthouse. The data in this scehma can be used by other tools under the organization.
This format is stable, but further backwards compatible changes may still be made.
Feedback from maintainers of other vulnerability databases and security response teams
is most welcome. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).
This document outlines a standardized data interchange format for open source software environments of interest (OSSEoI) within organizations. The environments are used to set up an environment for OSSPoI which would contain all the necessary tools and utilities for a security analyst to start working on it. The OSSEoI encompasses essential project environment details such as environment **name**, **version** specifics, **author** information, **date_of_creation**, **last_update_date** and **last_execution** details. These details facilitate seamless sharing among peers within the organization and publication to the BeSLighthouse community dashboard. Open Source project environments can be onbaorded into BeSLab by BLIman utility. These environments can be installed using a utility called BeSman.

This standardized data interchange format not only streamlines the sharing and publication process of open source software project environments within organizations but also significantly reduces the time required for BeSLabs to set up the projects. By providing a structured framework for exchanging essential project details, BeSLabs can expedite their assessment procedures and evaluation of open source projects.

This format is stable, but further backwards compatible changes may still be made. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).

# Format Overview

Expand All @@ -43,7 +46,7 @@ contain UTF-8 text.
"tag": "STRING",
"release_date": "STRING"
},
"owner": {
"author": {
"name": "STRING",
"type": "STRING"
},
Expand Down Expand Up @@ -108,18 +111,18 @@ The `version` field is a dictionary with two properties,
- `tag`: Gives you the tag of the release.
- `release_date`: Gives you the date of the releae of the env script.

### environments.owner
### environments.author

```json
{
"owner": {
"author": {
"name": "STRING",
"type": "STRING"
}
}
```

The `owner` field is a dictionary which gives you the owner of the env script.
The `author` field is a dictionary which gives you the author of the env script.
- The `name` property gives you the name of the entity.
- The `type` property gives you whether the entity is a `user` or `organization` or `lab`.

Expand Down
2 changes: 1 addition & 1 deletion docs/glossary/glossary.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
layout: page
title: Glossary
permalink: /glossary/
nav_order: 10
nav_order: 11
---

## Open Source Software Projects of Interest(OSSPoI)
Expand Down
17 changes: 10 additions & 7 deletions docs/lab-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,19 @@ nav_order: 9
**Version 0.1.0 (Jan 25, 2024)**

Original authors:
- Vinod Panicker (@panickervinod)
- Harimohan Rajamohanan (@harimohanr)
- Arun Suresh (@asa1997 )

- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

This document gives you information on open source security lab dedicated to fortifying open source projects against potential vulnerabilities for any given organisation.
This format is stable, but further backwards compatible changes may still be made.
Feedback from maintainers of other vulnerability databases and security response teams
is most welcome. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).
This document provides an overview of BeSLab, covering essential details related to the lab. These include the **id**, **name**, **version** specifics, **owner** information, **date_of_creation** as well as **size**, **poi** (projects of interest) count, **moi** (models of interest) count and **voi** (vulnerabilities of interest) count. Additionally, the document outlines the various **tools** hosted within the lab.

BeSLab is a dynamic environment where Open Source **projects**, **tools**, **vulnerabilities**, and **models** can be seamlessly integrated using the BLIman utility. This utility also facilitates the creation and launch of the lab.

This format is stable, but further backwards compatible changes may still be made. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).

# Format Overview

Expand Down
17 changes: 12 additions & 5 deletions docs/moi-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,19 @@ nav_order: 4
**Version 0.1.0 (Jan 25, 2024)**

Original authors:
- Arun Suresh

This document defines a standard way of describing the essential information of each model under the Models of Interest(MOI).
This format is stable, but further backwards compatible changes may still be made.
Feedback from maintainers of other vulnerability databases and security response teams
is most welcome. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).
- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

This document outlines a standardized data interchange format for open source software models of interest (OSSMoI) within organizations. The OSSMoI encompasses essential model details such as model **id**, model **name**, model **type**, **owner** information, **parent** information, **modality** information, **size** information. These details facilitate seamless sharing among peers within the organization and publication to the BeSLighthouse community dashboard. Open Source models can be onbaorded into BeSLab by BLIman utility.

This standardized data interchange format not only streamlines the sharing and publication process of open source software models within organizations but also significantly reduces the time required for BeSLabs to assess models of interest. By providing a structured framework for exchanging essential model details, BeSLabs can expedite their assessment procedures and evaluation of open source models.

This format is stable, but further backwards compatible changes may still be made. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).

# Format Overview

Expand Down
38 changes: 28 additions & 10 deletions docs/playbook-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,16 +10,34 @@ nav_order: 8
**Version 0.1.0 (Jan 30, 2024)**

Original authors:
- Vinod Panicker (@panickervinod)
- Harimohan Rajamohanan (@harimohanr)
- Arun Suresh (@asa1997 )

- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

This document defines the data interchange format for playbooks for any given organisation. An organization powered by BeSLab shall publish their playbooks to its peers as well the community dashboard BeSLighthouse. The data in this scehma can be used by other tools under the organization.
This format is stable, but further backwards compatible changes may still be made.
Feedback from maintainers of other vulnerability databases and security response teams
is most welcome. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).
<!-- This document outlines a standardized data interchange format for open source software playbooks of interest (OSSPloI) within organizations. The OSSPloI encompasses essential playbook details such as playbook **name**, **version** specifics,**type** information, **author** information, **last_execution** details, **detailed report path** and a list of **compatible environments**. These details facilitate seamless sharing among peers within the organization and publication to the BeSLighthouse community dashboard. Open Source playbooks can be onbaorded into BeSLab by BLIman utility.
This standardized data interchange format not only streamlines the sharing and publication process of open source software playbooks within organizations but also significantly reduces the time required for BeSLabs to assess projects of interest. These playbooks help in automating the steps required for assessment activities as well as expediting the time required for it. -->

This document introduces a standardized data interchange format specifically designed for open source software playbooks within organizations. The OSSPloI captures crucial details related to these playbooks, including:

- Playbook Name
- Version Specifics
- Type Information
- Author Details
- Last Execution Information
- Detailed Report Path
- List of Compatible Environments

These comprehensive details facilitate seamless sharing among peers within the organization and enable publication to the BeSLighthouse community dashboard. By leveraging the BLIman utility, organizations can effortlessly onboard their Open Source playbooks into BeSLab.

The adoption of this standardized format not only streamlines the sharing and publication process of open source software playbooks but also significantly reduces the time required for BeSLabs to assess projects of interest. These playbooks play a pivotal role in automating assessment activities and expediting the overall assessment timeline.

This format is stable, but further backwards compatible changes may still be made. Please feel free to create an [issue in this repo](https://github.com/Be-Secure/bes-schema/issues/new).


# Format Overview

Expand All @@ -41,7 +59,7 @@ contain UTF-8 text.
"name": "STRING",
"version": "STRING",
"type": "STRING",
"owner": {
"author": {
"name": "STRING",
"type": "STRING"
},
Expand Down Expand Up @@ -111,10 +129,10 @@ Version of the playbook.

The type of the playbook - `assessment` or `exploit`.

## playbooks.owner
## playbooks.author

```json
"owner": {
"author": {
"type": "STRING",
"name": "STRING"
}
Expand Down
9 changes: 5 additions & 4 deletions docs/poi-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,11 @@ nav_order: 2
**Version 0.1.0 (Jan 25, 2024)**

Original authors:
- Vinod Panicker (@panickervinod)
- Harimohan Rajamohanan (@harimohanr)
- Arun Suresh (@asa1997)
- Sudhir Verma(@sudhirverma)

- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

Expand Down
8 changes: 5 additions & 3 deletions docs/voi-schema.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,11 @@ nav_order: 3
**Version 0.1.0 (Jan 30, 2024)**

Original authors:
- Vinod Panicker (@panickervinod)
- Harimohan Rajamohanan (@harimohanr)
- Arun Suresh (@asa1997 )

- Vinod Panicker ([@panickervinod](https://github.com/panickervinod))
- Harimohan Rajamohanan ([@harimohanr](https://github.com/harimohanr))
- Arun Suresh ([@asa1997](https://github.com/asa1997))
- Sudhir Verma([@sudhirverma](https://github.com/sudhirverma))

# Purpose

Expand Down

0 comments on commit 35f856a

Please sign in to comment.