List of Improvements and Fixes

[andrewbwm]

This is my personal list of items that I have encountered or have been brought to my attention. As I address them they will likely be split into separate, better described issues.

• Evaluate a multifactor authentication solution using nested Credentials. #50

• Create a Data - Information association to represent backups. #51

• Evaluate whether or not we still need execution privileges to be distinct from high privileges #44

• Generate a framework for the documentation efforts from the existing info strings. #48

• Add Mitre info text to the attack steps, defences, and assets that are strongly logically linked to specific techniques or mitigations. #52

• Document which attack steps should be used as entry points #53

• Integrate some of the tests in Some tests and some ideas/suggestions. #39 into our unit tests.

• Fix "Filtered" defence on the ConnectionRule #45

• Do we want to create an IDPS asset? #47

• Design HardwareVulnerabilities to attach to the System asset. #54

• Create an association between the PhysicalZone and Network. #55

• How do we model VPNs in coreLang? Also, how do we represent authenticated network connections? #56