You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- 📖 **Install & operate guides** — new here? [**Getting Started (new users)**](docs/GETTING_STARTED.en.md); already running Zabbix/Wazuh/Fleet? [**Connect an existing stack**](docs/BROWNFIELD_CONNECT.en.md); single sign-on? [**LDAP integration**](docs/LDAP_INTEGRATION.en.md) (all KO/EN)
20
20
- 🔑 **LDAP integration (optional)** — local accounts by default; **opt in** with `MORI_LDAP_ENABLED=true` and login goes through LDAP, and **approving a signup creates an LDAP account** so the same login works in **Grafana/Zabbix/Fleet** pointed at the same directory. **Manage LDAP users right from the admin console** (add/delete/reset password/change role). Point it at your existing corporate LDAP/AD by changing the URL. → [guide](docs/LDAP_INTEGRATION.en.md)
21
+
- 🧑💻 **Account governance (access review, admin·security)** — collect server/PC **local accounts** via osquery (`POST /ingest/accounts`) and reconcile them against the **LDAP directory × approval list** → auto-detect **leaver-remains · unmanaged privileged · unapproved sudo · dormant** accounts. Dedicated **🔑 Accounts tab** (unified list + IP + approval list + CSV evidence) + per-host account section. ISMS-P 2.5.1·2.5.5·2.5.6 / ISO A.5.16·A.5.18·A.8.2. e.g. `osquery "SELECT * FROM users" → POST /ingest/accounts`
- 🎯 **Risk Assessment (R-series)** — Per-CVE **Risk = Impact (asset importance H/M/L) × Likelihood (severity)** as a **score (1–9)** on a 3×3 matrix (score-forward), with treatment decision (mitigate/accept/transfer/avoid) · residual risk · review date. **Admin-only assessment-basis (provenance)** panel. A single **risk-acceptance threshold (DoA)** auto-classifies risks at or below it as **auto-acceptable**. Based on ISMS-P risk management / ISO 27001 6.1.2·8.8
23
24
- 📚 **Control catalog (Phase 2)** — ISMS-P 101 + ISO 27001:2022 93 = **194 criteria** (KO/EN) as a tree in the **Compliance tab**. Edit each control's **implementation status (implemented/partial/not-implemented/N-A) · owner · plan · due date** → persisted to `control_status` (`schema/009`, survives restarts) + change history. One-click per-control **evidence-pack PDF**. admin·security only
- 🔑 **LDAP 통합 인증 (선택)** — 기본은 로컬 계정, **원하면**`MORI_LDAP_ENABLED=true`로 켜면 로그인이 LDAP으로 되고 **가입 승인 시 LDAP 계정이 생성**되어 같은 LDAP을 보는 **Grafana/Zabbix/Fleet에서도 같은 계정으로 로그인**. **어드민 콘솔에서 LDAP 사용자를 직접 관리**(추가·삭제·비번 재설정·역할 변경). 기존 사내 LDAP/AD도 URL만 바꿔 연결. → [가이드](docs/LDAP_INTEGRATION.md)
- 🎯 **위험성 평가 (R-series)** — 취약점(CVE)별 **위험도 = 영향도(자산 중요도 상/중/하) × 발생가능성(심각도)** 를 3×3 매트릭스로 **점수(1~9)** 산정(라벨보다 점수 우선), 위험처리 결정(조치/수용/이관/회피)·잔여위험·재평가일 기록. **어드민 전용 산정 근거(provenance)** 패널. **위험 수용 기준(DoA)** — admin이 임계 점수를 입력하면 그 이하 위험은 **기본 수용가능**으로 자동 분류. ISMS-P 위험관리 / ISO 27001 6.1.2·8.8 기반
23
24
- 📚 **통제 카탈로그 (Phase 2)** — ISMS-P 101 + ISO 27001:2022 93 = **194개 인증기준**(한/영) 트리를 **컴플라이언스 탭**에 표시. 통제별 **이행 상태(이행/부분이행/미이행/해당없음)·담당자·개선계획·기한을 편집**하면 `control_status`(`schema/009`)에 **영속(재시작 유지)** + 변경 이력 기록. 통제별 **증적 팩 PDF** 1클릭. admin·security 전용
0 commit comments