Promenjene vrednosti weight + likelihood

2025-05-12 22:48:16 +02:00
parent 1109489ef3
commit cbd0832ca1
5 changed files with 69 additions and 78 deletions


@@ -90,14 +90,14 @@ def get_controls_for_risk(risk, organization):
prompt = f"""
You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated organization details "{organization_details}",
your task is to select **exactly 10 unique controls** from the provided list that best mitigate this risk. Each control should be assigned:
- A weight between **1 and 10** (1 = low impact, 10 = high impact).
- A likelihood score between **1 and 10** (1 = rare occurrence, 10 = highly likely).
- A weight between **1 and 5** (1 = low impact, 5 = high impact).
- A likelihood score between **1 and 5** (1 = rare occurrence, 5 = highly likely).
### Rules:
1. **Each control ID must be unique** (no duplicates).
2. **Only return control IDs, weights, and likelihood scores** in the exact format below.
3. **Weights must be between 1 and 10** (1 = low impact, 10 = high impact).
4. **Likelihood scores must be between 1 and 10** (1 = rare occurrence, 10 = highly likely).
3. **Weights must be between 1 and 5** (1 = low impact, 5 = high impact).
4. **Likelihood scores must be between 1 and 5** (1 = rare occurrence, 5 = highly likely).
5. **Do NOT add explanations, descriptions, or extra text.**
6. **Ensure that control IDs are randomly distributed and diverse across different categories.**
### Available Controls:
@@ -108,8 +108,8 @@ def get_controls_for_risk(risk, organization):
<control_id> : <weight> : <likelihood>
### Example Correct Response (NO DUPLICATES):
12 : 8 : 90
45 : 7 : 60
12 : 5 : 2
45 : 4 : 1
⚠️ **If you provide duplicate control IDs, your response will be rejected. Ensure all control IDs are unique.**
⚠️ **Follow the response format exactly. Any deviation will be considered invalid.**
@@ -138,7 +138,7 @@ def get_controls_for_risk(risk, organization):
weight = int(weight_str)
likelihood = int(likelihood_str)
if control_id in valid_control_ids and 1 <= weight <= 10 and 1 <= likelihood <= 10 and control_id not in control_ids_seen:
if control_id in valid_control_ids and 1 <= weight <= 5 and 1 <= likelihood <= 5 and control_id not in control_ids_seen:
selected_controls.append((control_id, weight, likelihood))
control_ids_seen.add(control_id)
except ValueError:
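Review bot: The accepted range in `1 <= weight <= 5 and 1 <= likelihood <= 5` is a bare literal that is repeated in the retry-path check in the hunk at line 201 and spelled out again in both prompt texts, so a future scale change that misses one place will silently discard every model reply as out of range. Since the model's reply is untrusted text and this check is what gates it, the bounds deserve a single definition, for example module-level `SCORE_MIN, SCORE_MAX = 1, 5`, used here as `SCORE_MIN <= weight <= SCORE_MAX` and interpolated into the f-string prompts. The enclosing `try` block starts and ends outside this hunk, so how rejected lines are reported is not visible here.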
@@ -155,14 +155,14 @@ def get_controls_for_risk(risk, organization):
retry_prompt = f"""
You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and the organization's details "{organization_details}",
your task is to select **exactly {missing_count} unique controls** from the provided list that best mitigate this risk. Each control should be assigned:
- A **weight** between **1 and 10** based on its effectiveness in reducing the risk.
- A likelihood score between **1 and 10** (1 = rare occurrence, 10 = highly likely).
- A **weight** between **1 and 5** based on its effectiveness in reducing the risk.
- A likelihood score between **1 and 5** (1 = rare occurrence, 5 = highly likely).
### Rules:
1. **Each control ID must be unique** (no duplicates).
2. **Only return control IDs, weights, and likelihood scores** in the exact format below.
3. **Weights must be between 1 and 10** (1 = low impact, 10 = high impact).
4. **Likelihood scores must be between 1 and 10** (1 = rare occurrence, 10 = highly likely).
3. **Weights must be between 1 and 5** (1 = low impact, 5 = high impact).
4. **Likelihood scores must be between 1 and 5** (1 = rare occurrence, 5 = highly likely).
5. **Do NOT add explanations, descriptions, or extra text.**
6. **Ensure that control IDs are diverse and well-distributed across different categories.**
@@ -174,8 +174,8 @@ def get_controls_for_risk(risk, organization):
<control_id> : <weight> : <likelihood>
### Example Correct Response (NO DUPLICATES):
12 : 8 : 85
45 : 7 : 60
12 : 4 : 5
45 : 5 : 3
⚠️ **If you provide duplicate control IDs, your response will be rejected. Ensure all control IDs are unique.**
⚠️ **Follow the response format exactly. Any deviation will be considered invalid.**
@@ -201,7 +201,7 @@ def get_controls_for_risk(risk, organization):
weight = int(weight_str)
likelihood = int(likelihood_str)
if control_id in valid_control_ids and 1 <= weight <= 10 and 1 <= likelihood <= 10 and control_id not in control_ids_seen:
if control_id in valid_control_ids and 1 <= weight <= 5 and 1 <= likelihood <= 5 and control_id not in control_ids_seen:
selected_controls.append((control_id, weight, likelihood))
control_ids_seen.add(control_id)
except ValueError:
@@ -243,10 +243,8 @@ def calculate_aggregate_likelihood(controls):
return total_likelihood
def map_weight_to_impact_likelihood(total_weight, total_likelihood, max_weight):
normalized_weight = total_weight / max_weight
impact = min(10.0, max(1.0, normalized_weight * 10.0))
likelihood = min(10.0, max(1.0, total_likelihood / 10.0))
impact = min(5.0, max(1.0, total_weight / 10.0))
likelihood = min(5.0, max(1.0, total_likelihood / 10.0))
return impact, likelihood
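Review bot: `max_weight` is still a parameter of `map_weight_to_impact_likelihood`, but the new body never reads it; impact is now `total_weight / 10.0`, which spans 1–5 only if exactly ten weights in the 1–5 range were summed. If fewer controls survive validation, the result is pulled toward the 1.0 floor and the clamp hides it, so the risk would be plotted lower than intended; this presumes `total_weight` is a plain sum, which is computed outside this hunk. Keeping the normalisation on the new scale avoids the hidden assumption: `impact = min(5.0, max(1.0, 5.0 * total_weight / max_weight))`. If the fixed divisor is intentional, a docstring should state the ten-control assumption and that `max_weight` is unused.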
@@ -256,12 +254,12 @@ def generate_risk_graph(risks_with_controls):
likelihoods = [risk['likelihood'] for risk in risks_with_controls]
risk_ids = [risk['risk']['id'] for risk in risks_with_controls]
bg_img_path = find('img/graph_matrix (3).png')
bg_img_path = find('img/graph_matrix.png')
bg_img = mpimg.imread(bg_img_path)
fig, ax = plt.subplots(figsize=(10, 8))
ax.imshow(bg_img, extent=[0, 11.2, 0, 11.2], aspect='auto')
ax.imshow(bg_img, extent=[0.0, 5.4, 0.0, 5.4], aspect='auto')
scatter = ax.scatter(
likelihoods, impacts,