senaduka/old-riskletpy
1
0
Fork 0
Code Issues 5 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Changed name of variable,added help_text for MML

Browse Source
This commit is contained in:
Amir
2025-02-18 11:40:26 +01:00
parent 7151cd0c4d
commit dcb94e28ff
2 changed files with 31 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
backend/core/utils.py
View File

@@ -3,15 +3,17 @@ from django.conf import settings
from .models import Risk, Control
import time
def extract_risk_factors(organization):
excluded_fields={"name","email"}
def extract_organization_details(organization):
excluded_fields = {"name", "email"}
risk_data = {}
for field in organization._meta.get_fields():
if field.name not in excluded_fields and hasattr(organization, field.name):
value = getattr(organization, field.name)
if value:
risk_data[field.name] = value
help_text = getattr(field, 'help_text', '').strip()
key = help_text if help_text else field.name
risk_data[key] = value
return risk_data
def get_top_risk(organization):
@@ -33,14 +35,14 @@ def get_top_risk(organization):
Business Impact Severity: {risk.businnes_impact_severity}
""")
risk_factors = extract_risk_factors(organization)
organization_details = extract_organization_details(organization)
prompt = f"""
You are an AI risk assessor. Based on the following company details and list of known risks,
identify the 10 most critical risks for this company. Respond only with risk IDs.
Company Details:
{risk_factors}
{organization_details}
List of Risks:
{risk_list}
@@ -63,14 +65,14 @@ def get_controls_for_risk(risk, organization):
all_controls = Control.objects.all()
control_list = []
risk_factors = extract_risk_factors(organization)
organization_details = extract_organization_details(organization)
valid_control_ids = {control.id for control in all_controls}
for control in all_controls:
control_list.append(f"Control ID: {control.id}, Control Name: {control.name}")
prompt = f"""
You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated factors "{risk_factors}",
You are an expert in cybersecurity risk management. Given the risk "{risk.risk_name}" and its associated factors "{organization_details}",
your task is to select **exactly 10 unique controls** from the provided list that best mitigate this risk. Each control should be assigned a weight between **1 and 10** based on its effectiveness in reducing the risk.
### Rules:
1. **Each control ID must be unique** (no duplicates).