
RBAC implementation

Open LetMeR00t opened this issue 1 year ago • 1 comments

What problem are you trying to solve? Please describe.

The current red/blue groups, as defined, allow both teams to work together with a different perimeter. However, a user is linked to a group with full access to the group (agents, abilities, adversaries, operations). People can't have segregated rights, for instance simple roles such as:

  • admin: full access
  • developer: no access to agents but able to manage abilities, adversaries and operations
  • runner: no access to agents/abilities/adversaries but can manage operations
  • read-only: allow access to someone with the ability to see things without interacting with them

A business case around that is that we want to set up automatic tests based on a real asset (Windows or Linux) to test our detection rules used by a SIEM.

The short story of this would be that a test (ability), or several tests in a dedicated adversary, would be executed on the given agents, on which a log forwarder is installed to recover the data within the SIEM. Then, the detection rule is run over the period and should match the expected logs, proving that the detection rule is working as planned.

To perform those tasks, we can have administrators of the tool managing the platform, detection rule test developers to create and test their tests, and potentially, within a production environment, a read-only access allowing developers to get access to the results without having the possibility to alter the automatic pipeline (where tests are run periodically and automatically).

The ideal solution: What should the feature do?

It could be a plugin that could set up admin/developer/runner/read-only rights for each user and give the right to manage who can access what and with which privileges.

What category of feature is this?

  • [X] UI/UX
  • [ ] API
  • [ ] Other

No code to provide for now

  • [ ] Willing to submit a pull request to implement this feature? Not for now

LetMeR00t, Sep 30 '23 11:09

Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/

github-actions[bot], Sep 30 '23 11:09