Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Added Threat Intelligence section to the Organization dashboard #4036

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
DonnieBLT merged 8 commits into from
Apr 5, 2025
Merged

Added Threat Intelligence section to the Organization dashboard #4036

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
f7f31ee
added Threat Intelligence
cicada0007 Mar 23, 2025
6024fb3
fix
cicada0007 Mar 23, 2025
15f454c
fix
cicada0007 Mar 24, 2025
8ad0cdc
Merge branch 'main' into main
cicada0007 Mar 24, 2025
88b74d4
fix
cicada0007 Mar 24, 2025
545db00
Merge branch 'main' into main
DonnieBLT Apr 5, 2025
f0da349
Merge branch 'main' into main
DonnieBLT Apr 5, 2025
2a0a781
Merge branch 'OWASP-BLT:main' into main
cicada0007 Apr 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 45 additions & 0 deletions website/templates/organization/organization_analytics.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,51 @@ <h3 class="text-lg font-semibold text-gray-800 mb-2">Top Affected Domains</h3>
</div>
</div>
</div>
<!-- Threat Intelligence Section -->
<div id="threat-intelligence" class="w-full px-8 mt-8">
<div class="bg-white rounded-xl p-6 shadow-sm">
<h2 class="text-2xl font-bold text-gray-900 mb-6">Threat Intelligence</h2>
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
<!-- Risk Score -->
<div class="bg-gray-50 p-4 rounded-lg">
<h3 class="text-lg font-semibold text-gray-800 mb-2">Security Risk Score</h3>
<div class="relative pt-1">
<div class="flex mb-2 items-center justify-between">
<div>
<span class="text-3xl font-bold inline-block py-1 px-2 rounded-full {% if threat_intelligence.risk_score >= 75 %}text-red-600 {% elif threat_intelligence.risk_score >= 50 %}text-yellow-600 {% else %}text-green-600{% endif %}">
{{ threat_intelligence.risk_score }}/100
</span>
</div>
</div>
</div>
</div>
<!-- Top Attack Vectors -->
<div class="bg-gray-50 p-4 rounded-lg">
<h3 class="text-lg font-semibold text-gray-800 mb-2">Top Issue Categories</h3>
<div class="space-y-2">
{% for vector in threat_intelligence.attack_vectors %}
<div class="flex justify-between items-center">
<span class="text-gray-600">{{ vector.vulnerability_type }}</span>
<span class="font-semibold">{{ vector.count }}</span>
</div>
{% endfor %}
</div>
</div>
<!-- Recent Security Alerts -->
<div class="bg-gray-50 p-4 rounded-lg">
<h3 class="text-lg font-semibold text-gray-800 mb-2">Recent Security Alerts</h3>
<div class="space-y-3">
{% for alert in threat_intelligence.recent_alerts %}
<div class="flex items-center space-x-2">
<span class="w-2 h-2 rounded-full {% if alert.cve_score >= 8 %}bg-red-500{% elif alert.cve_score >= 5 %}bg-yellow-500{% else %}bg-orange-500{% endif %}"></span>
<span class="text-sm text-gray-600 truncate">{{ alert.description }}</span>
</div>
{% endfor %}
</div>
</div>
</div>
</div>
</div>
</div>
{% endblock body %}
{% block js %}
Expand Down
40 changes: 40 additions & 0 deletions website/views/company.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -225,6 +225,45 @@ def get_security_incidents_summary(self, organization):
.order_by("-count")[:5],
}

def get_threat_intelligence(self, organization):
"""Gets threat intelligence data for the organization."""
security_issues = Issue.objects.filter(
domain__organization__id=organization,
label=4, # Security label
)

# Get trending attack types based on issue labels/tags instead
attack_vectors = (
security_issues.filter(created__gte=timezone.now() - timedelta(days=90))
.values("label") # Use label instead of vulnerability_type
.annotate(count=Count("id"))
.order_by("-count")[:5]
)

# Calculate risk score (0-100)
total_issues = security_issues.count()
critical_issues = security_issues.filter(cve_score__gte=8).count() # Use cve_score instead of severity
risk_score = min(100, (critical_issues / total_issues * 100) if total_issues > 0 else 0)

return {
"attack_vectors": [
{
"vulnerability_type": self.get_label_name(vector["label"]), # Convert label to readable name
"count": vector["count"],
}
for vector in attack_vectors
],
"risk_score": int(risk_score),
"recent_alerts": security_issues.filter(
created__gte=timezone.now() - timedelta(days=7),
cve_score__gte=7, # Use cve_score for severity
).order_by("-created")[:5],
}

def get_label_name(self, label_id):
"""Convert label ID to human-readable name."""
return self.labels.get(label_id, "Other")

def get_general_info(self, organization):
total_organization_bugs = Issue.objects.filter(domain__organization__id=organization).count()
total_bug_hunts = Hunt.objects.filter(domain__organization__id=organization).count()
Expand Down Expand Up @@ -413,6 +452,7 @@ def get(self, request, id, *args, **kwargs):
"spent_on_bugtypes": self.get_spent_on_bugtypes(id),
"security_incidents_summary": self.get_security_incidents_summary(id),
}
context.update({"threat_intelligence": self.get_threat_intelligence(id)})
return render(request, "organization/organization_analytics.html", context=context)


Expand Down