Validator: Trust Maturity Matrix [Public]
Each item is rated on a scale of 0-5, with 5 being full and complete coverage. The sheet carries one rating column per system scope (Critical Systems | Dev/QA/Critical/Endpoint | All Systems) and lists four attacker tiers (Opportunistic Attacker | Single Attacker | Group Attackers | Nation-State); the rating cells are blank in this public copy.

Security goal: Increase the cost of a successful attack for an attacker.

Code and Infrastructure Security
- Validator architecture diagrams, including a system-wide interaction diagram of nodes
- Threat models, especially for high-risk components
- DoS strategy, including automated incident remediation
- Peer review process in which at least two engineers/operations staff are required to approve changes to the production environment
- Host-based intrusion detection or prevention tooling (IDS/IPS)
- Network-based intrusion detection or prevention tooling
- Continuous Integration/Continuous Delivery
- Static code analysis
- Code coverage: testability, automated testing (plans, suites, integration, functional testing)
- Automated host configuration management
- Secure Development Lifecycle, including secure languages, frameworks, and a security review process
- Blameless postmortems for bugs, faults, and failures

Operational Security
- Security policy to govern the organization, contributors, and collaborators
- Physical security plan to protect the devices you use to build your validator, and the validator itself, whether it is in a data center or on premises
- Password policy to reduce the risk of authentication-based attacks
- Multi-factor authentication required across production systems (servers) to reduce the risk of authentication-based attacks
- Centralized logging at the production and organization level
- Logging for any security events, including access to physical spaces, services, and third parties
- Network segmentation, including a production network segmented into different zones by security level, and/or VPN for remote access into production systems
- Secrets management strategy (authentication, tokens, API, certificates, keys)
- Logging for access to key material (especially for HSMs)
- Alerting with on-call response + run books

Assessment
- Inventory of hosts, services, and data
- Inventory of languages, platforms, stacks, components
- Inventory of software in use within the organization
- Inventory of cryptographic frameworks (transit/rest, secret storage)
- Inventory of third-party libraries
- Vulnerability management process
- Functional patching process + policy, especially for the system and Gaia
- Third-party review of non-standard cryptographic frameworks
- Third-party security assessment, if resources are available
- Business Continuity Plan that outlines what will happen to both the organization and the node in the case of an adverse event or disaster

Response
- Attacker Behavior Profiles that outline likely attacker capabilities and motivations
- Designated contact within the org if badness happens
- Incident Response Process that includes an in-house playbook, or a third party on retainer
- Disaster Recovery Plan that includes backups, services, and redundancy planning
- Incident Handling System, including tracking
- Documented procedures for revoking access and returning assets to the org if an employee/collab leaves the project or is terminated
- Incident notification process to let delegators know if badness happens

Attacker Capability Rating (side table from the sheet)

| Attacker | Capability | Rating |
|---|---|---|
| Opportunistic (scans GitHub/Shodan for creds, default passwords, etc.) | Stunt scripts / Shodan | 1 |
| | Weak Automation | 2 |
| | OK Automation | 3 |
| Single Attacker | Strong Automation | 4 |
| | Indiv | 5 |
| Group Attacker | Strong Indiv | 6 |
| | Strong Group | 8 |
| Nation States | North Korea | 9 |
| Best | NSA | 10 |

Note on the rating-5 row: at times, there is some overlap between the capabilities of a group and a strong individual attacker. No row with rating 7 appears in the sheet.