Skip to content

Changes

Page history
Update Testing Release authored by Michal Urban's avatar Michal Urban
Show whitespace changes
Inline Side-by-side
Testing-Release.md
View page @ ebfa453f
...@@ -73,6 +73,16 @@ This serves as a template for every KYPO release testing. Create an issue named ...@@ -73,6 +73,16 @@ This serves as a template for every KYPO release testing. Create an issue named
- [ ] add created_by field for sandbox resources (definition, pool, sandbox) - [ ] add created_by field for sandbox resources (definition, pool, sandbox)
- [ ] `nmap` shouldn't discover hosts in private address ranges outside the topology definition. [Detailed description](https://gitlab.ics.muni.cz/muni-kypo-crp/kypo-crp-issues/-/issues/206). - [ ] `nmap` shouldn't discover hosts in private address ranges outside the topology definition. [Detailed description](https://gitlab.ics.muni.cz/muni-kypo-crp/kypo-crp-issues/-/issues/206).
##### Testing [kypo-mitre-matrix-service](https://gitlab.ics.muni.cz/muni-kypo-crp/backend-python/kypo-mitre-technique-service)
- [ ] try to run to service with all the other services and ensure that the map gets generated and can be viewed on the frontend
- [ ] check the last update on this [website](https://attack.mitre.org/resources/updates/). If it is later than **October 2021**, the MITRE ATTACK matrix may have been changed singe the last check
- [ ] check the content of the update and verify that the service still works under this update (if there are new tactics/techniques, the instructor should be able to add them to new levels of linear training and phases of adaptive training). If some tactics/techniques were removed, instructors should no longer be able to add them, but if there are training definitions which still contain such techniques, the service should not fail because of them, instead they should be ignored.
- [ ] run the service locally on its own (clone its repository and run `pipenv run python manage.py runserver 8001`)
- [ ] open the [swagger documentation](http://127.0.0.1:8001/mitre-technique/api/v1/doc) and call the `/mitre-technique-index` endpoint (it is not authenticated so it should work fine). Ensure that a list of techniques and their codes are returned and also check that the console where the service runs does **NOT** output `"The method getting tactics and techniques failed with:..."`.
- [ ] if the message is in the output, check the exception that is thrown. There is likely a problem with getting the MITRE ATTACK data from the taxii2 server, thus localy stored static data is used. This may be fine if the external functionality of the endpoints that are called by this service on the MITRE side has been changed severely and if this service is not worth updating.
- [ ] if that is not the case and the endpoint works fine, this service will update the `mitre_attack_backup_data` (by default stored in `kypo/mitre_matrix_visualizer_app/templates/`). Update the existing `mitre_attack_backup_data` in the gitlab repository of this service with the new one.
- [ ] update the time of the last update of the MITRE ATTACK matrix data in this manual
## Integration testing ## Integration testing
- [ ] import all publicly available sandbox definitions stored at https://gitlab.ics.muni.cz/muni-kypo-trainings/games - [ ] import all publicly available sandbox definitions stored at https://gitlab.ics.muni.cz/muni-kypo-trainings/games
- [ ] nice to have: import all private sandbox definitions stored at https://gitlab.ics.muni.cz/muni-kypo-trainings/games - [ ] nice to have: import all private sandbox definitions stored at https://gitlab.ics.muni.cz/muni-kypo-trainings/games
......