
feat(compliance): add KISA ISMS-P compliance framework #5086

Open
wants to merge 8 commits into base: master

Conversation

Jude-Bae

  • Added support for KISA ISMS-P to Prowler.

  • Provided both English and Korean versions for broader accessibility.

Context

This PR aims to add one of Korea’s key security compliance frameworks, the Personal Information & Information Security Management System (ISMS-P) from the Korea Internet & Security Agency (KISA), to the Prowler Compliance list.

The KISA ISMS-P is a certification system that assesses and certifies the adequacy of information security and personal information protection management systems. Many companies in Korea consider compliance with and certification through ISMS-P essential for their operations.

Up until now, the Prowler Compliance list has lacked support for KISA ISMS-P, which led the team at MegazoneCloud (https://www.megazone.com/us) to contribute this addition. We hope this contribution will benefit Prowler users, particularly those in Korea.

Additionally, the KISA ISMS-P for Prowler will be provided in two versions: a default English version and a Korean version tailored for Korean users.

“Powered by Cloud Security Group within Cloud Technology Center at MegazoneCloud.”

Co-authored-by: ES Kim es.kim@megazone.com and Yenn yenn@megazone.com

  • ES Kim: Contributed to the overall development and implementation of the project.
  • Yenn: Assisted with code development and conducted research on ISMS-P compliance requirements.

Description

A total of 12 files were changed, with 9,097 lines of code inserted. The changes include the addition of both the English and Korean versions of KISA ISMS-P for AWS compliance.
The following files have been added or modified:

Dashboard Integration:
dashboard/compliance/kisa_isms-p_2023-korean_aws.py
dashboard/compliance/kisa_isms-p_2023_aws.py

Compliance Files:
prowler/compliance/aws/kisa_isms-p_2023-korean_aws.json
prowler/compliance/aws/kisa_isms-p_2023_aws.json

Output and Model Files:
prowler/lib/outputs/compliance/kisa_ismsp/__init__.py
prowler/lib/outputs/compliance/kisa_ismsp/kisa_ismsp.py
prowler/lib/outputs/compliance/kisa_ismsp/kisa_ismsp_aws.py
prowler/lib/outputs/compliance/kisa_ismsp/models.py

KISA ISMS-P related updates to existing files:
prowler/__main__.py: Added KISA ISMS-P related logic to Prowler's main execution file.
prowler/lib/check/compliance_models.py: Added KISA ISMS-P related data to the compliance models file.
prowler/lib/outputs/compliance/compliance.py: Added code to handle KISA ISMS-P outputs.
dashboard/common_methods.py: Defined additional common methods to process KISA ISMS-P data.

Checklist

  • Are there new checks included in this PR? No

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@Jude-Bae Jude-Bae requested review from a team as code owners September 18, 2024 17:44
@sergargar
Member

Hi @Jude-Bae, thanks for your contribution, adding one of Korea’s most important security compliance frameworks!

@pedrooot will take care of this PR.

@sergargar
Member

@Jude-Bae can you run our pre-commit and push the changes please?

You can install it by pre-commit install, thanks!

@Jude-Bae
Author

@Jude-Bae can you run our pre-commit and push the changes please?

You can install it by pre-commit install, thanks!

Hi! @sergargar,

Thanks for the feedback! I’m currently commuting to work, but I’ll run the pre-commit checks and push the changes as soon as I’m at my desk. I’ll aim to get this done as quickly as possible.


codecov bot commented Sep 19, 2024

Codecov Report

Attention: Patch coverage is 54.45545% with 46 lines in your changes missing coverage. Please review.

Project coverage is 89.01%. Comparing base (8caf8f7) to head (e45e839).
Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
...er/lib/outputs/compliance/kisa_ismsp/kisa_ismsp.py 9.52% 38 Missing ⚠️
prowler/__main__.py 0.00% 6 Missing ⚠️
prowler/lib/outputs/compliance/compliance.py 33.33% 2 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master    #5086      +/-   ##
==========================================
- Coverage   89.12%   89.01%   -0.12%     
==========================================
  Files         974      977       +3     
  Lines       29856    29957     +101     
==========================================
+ Hits        26610    26667      +57     
- Misses       3246     3290      +44     


@pedrooot
Member

Hey! @Jude-Bae first of all, thanks for your contribution.

Prowler dashboards will be deprecated soon, just to let you know, because you added some changes there.

Could you please fix the tests? Thanks!!

@Jude-Bae
Author

Hey! @Jude-Bae first of all, thanks for your contribution.

Prowler dashboards will be deprecated soon, just to let you know, because you added some changes there.

Could you please fix the tests? Thanks!!

Hi! @pedrooot, thanks for the heads-up regarding the dashboard changes! I’ll make sure to address the tests as soon as possible.

@github-actions github-actions bot added output/asff Issues/PRs related with the ASFF output format integration/security-hub Issues/PRs related with the AWS Security Hub integration labels Sep 22, 2024
…-p_compliance

Keeping the feature/kisa-isms-p_compliance branch up to date with the latest changes from the upstream/master branch while PR prowler-cloud#5086 is under review. This merge ensures the branch remains in sync with the main repository and prevents potential conflicts.
@Jude-Bae
Author

Hi @pedrooot,

I’ve updated the branch with the latest changes and also added the test cases you suggested earlier. However, the status checks are still showing as “Expected — Waiting for status to be reported.” Could you let me know if there’s anything I might have missed or if I need to follow any additional steps?

If necessary, please advise if I should consider reopening the PR or take any other action to resolve this.
Thanks again for your help!

@pedrooot
Member

I just had to accept the re-run of the checks. Thanks for all the info! I'll review this PR later today.

@Jude-Bae
Author

Jude-Bae commented Sep 23, 2024

Hi! @pedrooot,

I would like to address the situation regarding the Codecov report for the current PR. The low patch coverage percentage for the kisa_ismsp.py file seems to be a primary factor, but I have noticed that similar compliance files also report a patch coverage of 7 to 10%.

Could you please advise if I need to write additional test code for "kisa_ismsp.py" and similar files to improve coverage?
I have attached screenshots of the Codecov HTML report for reference.

If there are any additional steps I should take to facilitate the merging process, please let me know.

Thank you for your guidance!

@pedrooot
Member

Thank you for the report. For now, I don't need you to add more tests to this PR because I need to review it in depth to check how it works. As you can see, the percentage of tests associated with each compliance is similar to what you've obtained, so it should be correct 🔝

@pedrooot
Member

If I need anything else I'll ping you, thanks in advance

@pedrooot
Member

After reviewing the dashboard generated with this compliance, the numbers on the pass/fail bar are not appearing. Could you check how it works with other compliances? I'll show you the CIS example:

