
test/test-data/good-risk-catalog.yaml

# Example risk catalog for a cloud-native container platform.
# Layout: `metadata` (identity and referenced external catalogs), `title`,
# `groups` (risk categories with appetite), then `risks` (individual entries
# that point back at a group and optionally at threat-catalog entries).
metadata:
  id: EXAMPLE-RISK-CATALOG
  type: RiskCatalog
  # Quoted so YAML keeps these as strings rather than numbers.
  gemara-version: "1.1.0"
  version: "1.0.0"
  description: Example Risk Catalog for cloud-native container environments
  author:
    id: risk-management-team
    name: Risk Management Team
    type: Human
  # External catalogs this document links to; each `threats[].reference-id`
  # under `risks` must match one of these ids.
  mapping-references:
    - id: EXAMPLE-THREAT-CATALOG
      title: Example Threat Catalog
      version: "1.0.0"
      description: Container security threat catalog

title: Cloud-Native Container Risk Catalog

# Risk categories. `appetite` states how much of this category of risk is
# tolerated; only CAT-SECURITY also declares a `max-severity`.
groups:
  - id: CAT-OPERATIONAL
    title: Operational Risk
    description: Risks arising from failures in internal processes, systems, or external events that affect service availability and reliability
    appetite: Moderate
  - id: CAT-SECURITY
    title: Security Risk
    description: Risks arising from unauthorized access, data breaches, or exploitation of system vulnerabilities
    appetite: Low
    # NOTE(review): RISK-002 below is rated Critical while this group's
    # max-severity is High — confirm whether max-severity is a validation
    # ceiling or a threshold that individual risks are allowed to exceed.
    max-severity: High
  - id: CAT-COMPLIANCE
    title: Compliance Risk
    description: Risks arising from failure to comply with applicable laws, regulations, or industry standards
    appetite: Minimal

# Individual risks. Each `group` must name one of the ids in `groups` above.
# `owner`, `rank` and `threats` are present on only some entries here, so
# they are presumably optional — verify against the schema.
risks:
  - id: RISK-001
    title: Container Image Supply Chain Compromise
    description: Third-party or base container images may contain known vulnerabilities or malicious code, leading to exploitation at runtime.
    group: CAT-SECURITY
    severity: High
    # rank: relative priority within the catalog (RISK-004 is rank 1).
    rank: 2
    # Owner roles appear to follow a RACI-style split
    # (responsible / accountable / consulted); addresses are placeholders.
    owner:
      responsible:
        - name: Platform Engineering Lead
          affiliation: Platform Team
          email: platform-lead@example.org
      accountable:
        - name: Chief Information Security Officer
          affiliation: Security
          email: ciso@example.org
    impact: Unauthorized code execution in production workloads, potential data exfiltration, and lateral movement across the cluster.
    # Links this risk to THREAT-001 in the catalog declared under
    # metadata.mapping-references.
    threats:
      - reference-id: EXAMPLE-THREAT-CATALOG
        entries:
          - reference-id: THREAT-001

  - id: RISK-002
    title: Container Escape Leading to Host Compromise
    description: Misconfigured or unpatched container runtimes may allow an attacker to escape container isolation and access the host.
    group: CAT-SECURITY
    severity: Critical
    owner:
      responsible:
        - name: Platform Engineering Lead
          affiliation: Platform Team
          email: platform-lead@example.org
      accountable:
        - name: Chief Information Security Officer
          affiliation: Security
          email: ciso@example.org
      # Consulted party carries no email, unlike the entries above.
      consulted:
        - name: Infrastructure Architect
          affiliation: Architecture
    impact: Full compromise of the underlying node, access to secrets, and disruption of co-located workloads.
    threats:
      - reference-id: EXAMPLE-THREAT-CATALOG
        entries:
          - reference-id: THREAT-002

  # No owner or threat mapping on this entry.
  - id: RISK-003
    title: Regulatory Non-Compliance from Unaudited Deployments
    description: Deploying workloads without automated compliance gates may result in violations of regulatory requirements.
    group: CAT-COMPLIANCE
    severity: Medium
    impact: Regulatory fines, audit findings, and reputational damage.

  # Highest-ranked risk in the catalog; no owner or threat mapping given.
  - id: RISK-004
    title: Cluster Admin Credential Exposure
    description: Long-lived admin credentials for the cluster control plane may be exposed through logs, tickets, or shared stores.
    group: CAT-SECURITY
    severity: High
    rank: 1
    impact: Full cluster compromise; all workloads and secrets on the platform are at risk.