merged crown jewels

2025-09-17 15:24:34 +02:00
parent 923ce23009
commit f07636b175
9 changed files with 251 additions and 232 deletions


@@ -474,78 +474,136 @@
<!-- Sensitive Data Level -->
<div class="mb-3 question basic-section" id="q7">
<label class="form-label mt-3">
Sensitive Data Handled:
Sensitive Data Types & Business Impact in Case of Loss or Compromise
<br>
<small class="form-text text-muted">
Select all applicable categories - Core risk driver
For each data type, mark if applicable and rate the business impact (1 - Very Low, 5 - Critical).
</small>
</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-customer-pii" value="customer-pii">
<label class="form-check-label" for="data-customer-pii">
<i class="fa-solid fa-id-card"></i> Customer Personally Identifiable Information (PII - e.g., names, addresses, email)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-employee-pii" value="employee-pii">
<label class="form-check-label" for="data-employee-pii">
<i class="fa-solid fa-user-tie"></i> Employee Personally Identifiable Information (PII)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-phi" value="phi">
<label class="form-check-label" for="data-phi">
<i class="fa-solid fa-notes-medical"></i> Protected Health Information (PHI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-pci" value="pci">
<label class="form-check-label" for="data-pci">
<i class="fa-solid fa-credit-card"></i> Payment Card Industry Data (PCI-DSS Scope)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-financial" value="financial">
<label class="form-check-label" for="data-financial">
<i class="fa-solid fa-file-invoice-dollar"></i> Confidential Financial Information (Non-PCI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-ip" value="ip">
<label class="form-check-label" for="data-ip">
<i class="fa-solid fa-lightbulb"></i> Intellectual Property / Trade Secrets / R&amp;D Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-strategy" value="strategy">
<label class="form-check-label" for="data-strategy">
<i class="fa-solid fa-chess-king"></i> Sensitive Business Strategy / M&amp;A Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-gov" value="government">
<label class="form-check-label" for="data-gov">
<i class="fa-solid fa-user-shield"></i> Government Classified / Controlled Unclassified Information (CUI)
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-ot" value="ot">
<label class="form-check-label" for="data-ot">
<i class="fa-solid fa-microchip"></i> Critical Operational Technology (OT) Data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data" id="data-none" value="none">
<label class="form-check-label" for="data-none">
<i class="fa-solid fa-circle-xmark"></i> None / Minimal Sensitive Data Handled
</label>
</div>
</div>
<small class="form-text text-muted py-3">Assesses the potential impact of data breaches and
determines
required security controls.</small>
<table class="table table-bordered align-middle">
<thead>
<tr>
<th>Data Type</th>
<th style="width:10px">Applicable?</th>
<th>Business Impact</th>
</tr>
</thead>
<tbody>
<tr>
<td>Personal Data (PII, PHI, etc.)</td>
<td>
<input type="checkbox" name="personal_applicable" id="personal_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="personal_impact_1">1</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="personal_impact_2">2</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="personal_impact_3">3</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="personal_impact_4">4</label>
<input type="radio" class="btn-check" name="personal_impact" id="personal_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="personal_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Financial Data (PCI, records)</td>
<td>
<input type="checkbox" name="financial_applicable" id="financial_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="financial_impact_1">1</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="financial_impact_2">2</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="financial_impact_3">3</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="financial_impact_4">4</label>
<input type="radio" class="btn-check" name="financial_impact" id="financial_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="financial_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Intellectual Property / Strategic Data</td>
<td>
<input type="checkbox" name="ip_applicable" id="ip_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="ip_impact_1">1</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="ip_impact_2">2</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="ip_impact_3">3</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="ip_impact_4">4</label>
<input type="radio" class="btn-check" name="ip_impact" id="ip_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="ip_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Critical Operational Data</td>
<td>
<input type="checkbox" name="operational_applicable" id="operational_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="operational_impact_1">1</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="operational_impact_2">2</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="operational_impact_3">3</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="operational_impact_4">4</label>
<input type="radio" class="btn-check" name="operational_impact" id="operational_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="operational_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>Government/Controlled Data</td>
<td>
<input type="checkbox" name="government_applicable" id="government_applicable">
</td>
<td>
<div class="btn-group" role="group" aria-label="Business Impact">
<input type="radio" class="btn-check" name="government_impact" id="government_impact_1" value="1">
<label class="btn btn-outline-success btn-sm" for="government_impact_1">1</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_2" value="2">
<label class="btn btn-outline-success btn-sm" for="government_impact_2">2</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_3" value="3">
<label class="btn btn-outline-success btn-sm" for="government_impact_3">3</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_4" value="4">
<label class="btn btn-outline-success btn-sm" for="government_impact_4">4</label>
<input type="radio" class="btn-check" name="government_impact" id="government_impact_5" value="5">
<label class="btn btn-outline-success btn-sm" for="government_impact_5">5</label>
</div>
</td>
</tr>
<tr>
<td>None / Minimal Sensitive Data</td>
<td>
<input type="checkbox" name="none_applicable" id="none_applicable">
</td>
<td>
N/A
</td>
</tr>
</tbody>
</table>
<small class="form-text text-muted py-3">
Use the scale to indicate how critical each applicable data type is for your business.
</small>
</div>
<!-- Overall Sensitivity Level of Data Processed -->
@@ -589,49 +647,8 @@
</small>
</div>
<!-- Intellectual Property (IP) Value -->
<div class="mb-3 question basic-section" id="q9">
<label class="form-label mt-3">
Intellectual Property (IP) Value:
<br>
<small class="form-text text-muted">
Select best description of IP's importance to the business model
</small>
</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-low" value="low" required>
<label class="form-check-label" for="ip-value-low">
<i class="fa-regular fa-circle"></i> Low: IP is not a significant differentiator or revenue driver.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-medium" value="medium">
<label class="form-check-label" for="ip-value-medium">
<i class="fa-solid fa-lightbulb"></i> Medium: IP provides some competitive advantage or supports core products.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-high" value="high">
<label class="form-check-label" for="ip-value-high">
<i class="fa-solid fa-chess-king"></i> High: IP is a primary source of competitive advantage and revenue.
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="radio" name="ip_value" id="ip-value-critical" value="critical">
<label class="form-check-label" for="ip-value-critical">
<i class="fa-solid fa-gem"></i> Critical: Business model is fundamentally based on unique, high-value IP.
</label>
</div>
</div>
<small class="form-text text-muted py-3">
Indicates the strategic importance of intellectual property to your organization.
</small>
</div>
<!-- Remote Workforce Percentage -->
<div class="mb-3 question basic-section" id="q10">
<div class="mb-3 question basic-section" id="q9">
<label class="form-label mt-3">What percentage of your workforce operates remotely?</label>
<hr>
<div class="pb-3">
@@ -665,7 +682,7 @@
</div>
<!-- Third-Party Vendor Access -->
<div class="mb-3 question basic-section" id="q11">
<div class="mb-3 question basic-section" id="q10">
<label class="form-label mt-3">How many third-party vendors have access to your systems?</label>
<hr>
<div class="pb-3">
@@ -699,7 +716,7 @@
</div>
<!-- Internal Software Development -->
<div class="mb-3 question basic-section" id="q12">
<div class="mb-3 question basic-section" id="q11">
<label class="form-label mt-3">
Internal Software Development for Critical Applications:
<br>
@@ -727,7 +744,7 @@
</div>
<!-- IT Infrastructure Model -->
<div class="mb-3 question basic-section" id="q13">
<div class="mb-3 question basic-section" id="q12">
<label class="form-label mt-3">What is your primary IT infrastructure model?</label>
<hr>
<div class="pb-3">
@@ -767,7 +784,7 @@
<!-- Network Infrastructure Model -->
<div class="mb-3 question basic-section" id="q14">
<div class="mb-3 question basic-section" id="q13">
<label class="form-label mt-3">
Network Infrastructure Model:
<br>
@@ -814,7 +831,7 @@
</div>
<!-- Geographic Operational Scope -->
<div class="mb-3 question basic-section" id="q15">
<div class="mb-3 question basic-section" id="q14">
<label class="form-label mt-3">
Geographic Operational Scope:
<br>
@@ -854,7 +871,7 @@
</div>
<!--Customer Base Distribution -->
<div class="mb-3 question basic-section" id="q16">
<div class="mb-3 question basic-section" id="q15">
<label class="form-label mt-3">
Customer Base Distribution:
<br>
@@ -888,7 +905,7 @@
<!-- Primary Customer Type -->
<div class="mb-3 question basic-section" id="q17">
<div class="mb-3 question basic-section" id="q16">
<label class="form-label mt-3">
Primary Customer Type:
<br>
@@ -934,7 +951,7 @@
<!-- Product/Service Portfolio -->
<div class="mb-3 question basic-section" id="q18">
<div class="mb-3 question basic-section" id="q17">
<label class="form-label mt-3">
Product/Service Portfolio Diversity:
<br>
@@ -968,7 +985,7 @@
</div>
<!-- Supplier Base Structure -->
<div class="mb-3 question basic-section" id="q19">
<div class="mb-3 question basic-section" id="q18">
<label class="form-label mt-3">
Dependency on Critical Suppliers:
<br>
@@ -1000,94 +1017,8 @@
<small class="form-text text-muted py-3">Assesses third-party cybersecurity risks.</small>
</div>
<!-- Intellectual Property Protection -->
<div class="mb-3 question basic-section" id="q20">
<label class="form-label mt-3">How does your organization protect and manage intellectual
property?</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-patents" value="patents">
<label class="form-check-label" for="ip-patents">
<i class="fa-solid fa-certificate"></i> Patents owned
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-licensed" value="licensed-ip">
<label class="form-check-label" for="ip-licensed">
<i class="fa-solid fa-file-contract"></i> Licensed IP from others
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-trade-secrets" value="trade-secrets">
<label class="form-check-label" for="ip-trade-secrets">
<i class="fa-solid fa-user-secret"></i> Trade secrets
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-joint" value="joint-ip">
<label class="form-check-label" for="ip-joint">
<i class="fa-solid fa-people-arrows"></i> Joint IP ownership
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="intellectual_property" id="ip-none" value="no-ip">
<label class="form-check-label" for="ip-none">
<i class="fa-solid fa-circle-xmark"></i> No significant IP
</label>
</div>
</div>
<small class="form-text text-muted py-3">Evaluates cybersecurity needs based on IP
ownership.</small>
</div>
<!-- Sensitive Data -->
<div class="mb-3 question basic-section" id="q21">
<label class="form-label mt-3">What type of sensitive data does your organization handle?</label>
<hr>
<div class="pb-3">
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-personal" value="personal">
<label class="form-check-label" for="data-personal">
<i class="fa-solid fa-id-card"></i> Personal customer data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-financial-q22" value="financial">
<label class="form-check-label" for="data-financial-q22">
<i class="fa-solid fa-file-invoice-dollar"></i> Financial records
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-healthcare" value="healthcare">
<label class="form-check-label" for="data-healthcare">
<i class="fa-solid fa-notes-medical"></i> Healthcare information
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-ip-q22" value="ip-property">
<label class="form-check-label" for="data-ip-q22">
<i class="fa-solid fa-lightbulb"></i> Intellectual property
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-gov-q22" value="government">
<label class="form-check-label" for="data-gov-q22">
<i class="fa-solid fa-user-shield"></i> Government data
</label>
</div>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="sensitive_data_types" id="data-payment" value="payment">
<label class="form-check-label" for="data-payment">
<i class="fa-solid fa-credit-card"></i> Payment card data
</label>
</div>
</div>
<small class="form-text text-muted py-3">Identifies compliance frameworks.</small>
</div>
<!-- Critical Business Systems -->
<div class="mb-3 question basic-section" id="q22">
<div class="mb-3 question basic-section" id="q19">
<label class="form-label mt-3">
Integration of Critical Business Systems:
<br>
@@ -1126,7 +1057,7 @@
</div>
<!-- Rate of Technology / Business Change -->
<div class="mb-3 question basic-section" id="q23">
<div class="mb-3 question basic-section" id="q20">
<label class="form-label mt-3">
Rate of Technology / Business Change:
<br>
@@ -1161,7 +1092,7 @@
</div>
<!-- Relevant Threat Actors -->
<div class="mb-3 question basic-section" id="q24">
<div class="mb-3 question basic-section" id="q21">
<label class="form-label mt-3">
Relevant Threat Actors:
<br>
@@ -1214,7 +1145,7 @@
</div>
<!-- Expert Analysis -->
<div class="mb-3 question basic-section" id="q25">
<div class="mb-3 question basic-section" id="q22">
<label class="form-label mt-3">
Do u want to perform an expert analysis of your cybersecurity posture?
<br>
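Review bot: In the new data-type table under `q7` (first hunk), each "Applicable?" checkbox and its 1–5 impact radio group are independent controls, so the form can submit a rating for a type not marked applicable, an applicable type with no rating, or `none_applicable` together with other rows. Nothing visible in this section ties them together, so whatever handler reads the `*_applicable` / `*_impact` fields should reject those combinations and accept only impact values 1–5 rather than trusting the markup. The checkboxes also have no accessible name and every radio group carries the same `aria-label="Business Impact"`; per-row names such as `aria-label="Personal data applicable"` and `aria-label="Business impact: personal data"` would fix that. The merged rows no longer separate PHI from PII or card data from other financial records, a distinction the removed checklists made (one of them was captioned "Identifies compliance frameworks"), so confirm that downstream scoring does not need it. The removed field names (`sensitive_data`, `ip_value`, `intellectual_property`, `sensitive_data_types`) and the renumbered `q9`–`q22` ids may still be referenced by scripts or handlers outside this section.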