Creating a model

Parsing using securiCAD Enterprise GUI

As with any domain specific language used in securiCAD Enterprise; the steps for creating a model are the same with a few tweaks.

With the files generated from the securiCAD Azure collector, to parse the data via the gui, you may upload an active_directory.json and an optional application_insights file directly to securiCAD Enteprise through the web interface.
Navigate to a project, click Add model > Generate model, select the parser Azure Parser, and name the model whatever you want. Upload path/to/securicad-azure-collector/environment_files/active_directory.json and select the parser azure-active-directory-parser and optionally, path/to/securicad-azure-collector/environment_files/application_insights.json, if it exists, with the parser azure-application-insights-parser . Now click Add model and the model should appear in the project.

Sending the data to enterprise locally

Prerequisites:

For enterprise to parse the data, using the enterprise-sdk, you can use the following upload-script. Note that you need to provide a URL to the enterprise worker and some credentials in the conf.ini file, which the script has to access.

[URL]
authserviceurl = https://<ip>/api/v1/auth/login
serviceurl = https://<ip>/modelbuilder

[CERT]
cacert =
clientcert =
clientcertkey =

[AUTH]
username = admin8795
password = shaifu.t9theeTh1pooj
organization = 

If your user is a system administrator, you need to leave organization blank, as above. If your user belongs to an organization, you need to specify the name of the organization as well. Note that the credentials above are example credentials and will not work in your instance.

Uploading the files

Below is an example of how to use the enterprise-sdk to upload your models or parse data using the existing upload-script

Follow the instructions in the README and run:

  • for .sCAD files:
python3 path/to/examples/azure/upload.py -s /path/to/model.sCAD [-p projectname]
  • for .json files:
python3 path/to/examples/azure/upload.py -e /path/to/active_directory.json [-i /path/to/application_insights.json] [-p projectname]

And the model will be added to enterprise below projectname or the Default project if none is provided.

Start Simulating

Read Creating a scenario on how to start a scenario and simulation using the enterprise gui. Or use our scenario-scheduler using the enterprise-sdk programmatically.

python3 examples/scenario_scheduler.py --help
usage: scenario_scheduler.py [-h] [-m STRING] [--mid STRING] [-t FILE] -p STRING [-v VERBOSE] [-q QUIET]

optional arguments:
  -h, --help            show this help message and exit
  -m STRING, --model STRING
                        securicad model name
  --mid STRING          securicad model mid, used for faster lookup of model
  -t FILE, --tunings FILE
                        json file containing tuning objects
  -p STRING, --project STRING
                        Project name that the model will be uploaded to. Will use date as default if not provided
  -v VERBOSE, --verbose VERBOSE
                        Detailed logging messages
  -q QUIET, --quiet QUIET
                        Only critical output messages

CIA default scenario

If you've tagged your resources as described here you can start a default scenario which will set the all attack steps affecting confidentiality, integrity and availability, depending on the CIA values in the tag. all you need to do then is start the scenario-scheduler by python3 examples/scenario_scheduler -m modelName -v

Using a tunings file

.Similarly how you can set tunings in the labs section of securiCAD Enterprise, you may include -t tunings.json as a parameter for python3 examples/scenario_scheduler -t /path/to/tuningsfile.json -m modelName -v , and the defined tunings and scenarios in the file will be applied on your model. A template of the tunings file can be found in our GitHub repo. How to define different tuning types read these instructions

Working with the model in securiCAD Enterprise

For more information on how to upload the model into securiCAD enterprise and how to start simulating, please read the securiCAD Enterprise docs.