Threat Intelligence Service
A tool for collecting threat intelligence data and running Monte Carlo simulations based on it.
Table of Contents
- Tech Stack
- Features
- Installation
- Configuration Setup
- Usage
- Testing
- Code Formatting
- Documentation
- Acknowledgments
- License
- Contact Information
Technology Stack
The risk calculation scripts are written in Python, along with prototypes written in R.
The Neo4j graph database uses the Cypher query language.
Technology | Description | Link |
---|---|---|
Neo4j | Graph database management system | Link |
Features
This repo. provides:
- Scripts for (re)generating incident number and average cost distributions and running Monte Carlo simulations using those distributions;
- a set of Cypher commands to allow for easy initial population of a Neo4j threat intelligence graph database with data derived from the Cyber Security Breaches Survey 2020; and
- a full suite of automated linting functions to ensure codebase standardisation.
Installation
Threat Intelligence Database (Neo4j)
- Install Neo4j Desktop;
- in the Neo4j Desktop app, create a new Project;
- in that project, add either a ‘Local DBMS’ or a ‘Remote Connection’ (depending on which environment you are in) and call it ‘Threat Intelligence’:
  - make sure to update the connection details in `src/scripts/graph.py`.
- add the file `contrib/database.cypher` to the Project;
- open your server in the Neo4j Browser;
- go to the ‘Project Files’ tab and press the run button next to `database.cypher`.
Scripts
- Clone the repo. to your dev. environment (`git clone git@github.com:Rumperuu/Threat-Intelligence-Service.git`);
- enter the new folder (`cd Threat-Intelligence-Service`);
- create a virtual Python environment (`python3.⟨version⟩ -m venv pyvenv`);
- activate your virtual environment (`source ./pyvenv/bin/activate`); and
- install the Python packages with pip (`pip install -r requirements.txt`).
Configuration Setup
TODO: Add environment config.
Usage
Run `python src/montecarlo.py` to run a Monte Carlo simulation. Use `-h` to view the available options.
Run `python src/regenerate-distributions.py` to (re)generate all probability distributions. Use `-h` to view the available options.
Testing
There are not currently any tests.
Code formatting
There is not currently any automated code formatting or linting.
Python Code
Python code must conform to PEP 8.
- Run `black --target-version=py38 */**/*.py` to format all Python files with Black.
- Use `--check` to view the output without automatically fixing warnings and errors.
- Run `pylint */**/*.py --output-format=colorized` to lint all Python files with Pylint.
- Pylint does not have the ability to automatically fix warnings and errors.

Pylint configuration settings are found in `.pylintrc`.
Documentation
There is currently no documentation.
Acknowledgements
This project was initially developed as part of KTP № 11598, with funding provided by Innovate UK & Mitigate Cyber.
This game was inspired by Hubbard & Seiersen's book How to Measure Anything in Cybersecurity Risk.
License
This project is currently released under the CRAPL. It should NOT be used in a production environment in its current state.
Contact Information
Name | Link(s) |
---|---|
Ben Goldsworthy |