ai_root_shield 0.4.0 → 1.0.0

data/lib/ai_root_shield.rb

@@ -15,6 +15,21 @@ require_relative "ai_root_shield/certificate_pinning_helper"
 require_relative "ai_root_shield/advanced_proxy_detector"
 require_relative "ai_root_shield/enterprise_policy_manager"
 
+# v0.5.0 Platform-specific security modules
+require_relative "ai_root_shield/platform/android_security_module"
+require_relative "ai_root_shield/platform/ios_security_module"
+require_relative "ai_root_shield/platform/hardware_security_analyzer"
+require_relative "ai_root_shield/platform/unified_report_generator"
+
+# v0.5.0 CI/CD and developer tools
+require_relative "ai_root_shield/ci_cd/security_test_module"
+
+# v0.5.0 Dashboard and visualization
+require_relative "ai_root_shield/dashboard/web_dashboard"
+
+# v0.5.0 Third-party integrations
+require_relative "ai_root_shield/integrations/siem_connector"
+
 module AiRootShield
   class Error < StandardError; end
 
@@ -23,6 +38,12 @@ module AiRootShield
   @policy_manager = nil
   @certificate_pinning = nil
   @proxy_detector = nil
+  @android_module = nil
+  @ios_module = nil
+  @hardware_analyzer = nil
+  @report_generator = nil
+  @ci_cd_module = nil
+  @siem_connector = nil
 
   # Main entry point for device scanning
   # @param device_logs_path [String] Path to device logs JSON file
@@ -133,6 +154,128 @@ module AiRootShield
     @proxy_detector
   end
 
+  # v0.5.0 Platform-specific security analysis
+  # Analyze Android device security using SafetyNet and Play Integrity APIs
+  # @param device_logs [Hash] Device logs data
+  # @param config [Hash] Configuration options
+  # @return [Hash] Android security analysis results
+  def self.analyze_android_security(device_logs, config = {})
+    @android_module ||= Platform::AndroidSecurityModule.new(config)
+    @android_module.analyze_device_security(device_logs)
+  end
+
+  # Analyze iOS device security with advanced jailbreak detection
+  # @param device_logs [Hash] Device logs data
+  # @return [Hash] iOS security analysis results
+  def self.analyze_ios_security(device_logs)
+    @ios_module ||= Platform::IosSecurityModule.new
+    @ios_module.analyze_device_security(device_logs)
+  end
+
+  # Analyze hardware security features (TEE/SE, biometrics)
+  # @param device_logs [Hash] Device logs data
+  # @param platform [String] Platform type ('android' or 'ios')
+  # @return [Hash] Hardware security analysis results
+  def self.analyze_hardware_security(device_logs, platform)
+    @hardware_analyzer ||= Platform::HardwareSecurityAnalyzer.new
+    @hardware_analyzer.analyze_hardware_security(device_logs, platform)
+  end
+
+  # Generate unified cross-platform security report
+  # @param android_results [Hash] Android analysis results
+  # @param ios_results [Hash] iOS analysis results
+  # @param metadata [Hash] Report metadata
+  # @return [Hash] Unified security report
+  def self.generate_unified_report(android_results: nil, ios_results: nil, metadata: {})
+    @report_generator ||= Platform::UnifiedReportGenerator.new
+    @report_generator.generate_unified_report(
+      android_results: android_results,
+      ios_results: ios_results,
+      metadata: metadata
+    )
+  end
+
+  # Run CI/CD security tests
+  # @param device_logs_path [String] Path to device logs file
+  # @param options [Hash] Test configuration options
+  # @return [Hash] CI/CD test results
+  def self.run_ci_cd_tests(device_logs_path, options = {})
+    @ci_cd_module ||= CiCd::SecurityTestModule.new(options)
+    @ci_cd_module.run_security_tests(device_logs_path, options)
+  end
+
+  # Generate CI/CD configuration for specified platform
+  # @param platform [String] CI/CD platform name
+  # @param options [Hash] Configuration options
+  # @return [String] CI/CD configuration content
+  def self.generate_ci_config(platform, options = {})
+    @ci_cd_module ||= CiCd::SecurityTestModule.new
+    @ci_cd_module.generate_ci_config(platform, options)
+  end
+
+  # Configure SIEM integration
+  # @param platform [Symbol] SIEM platform (:splunk, :elastic, etc.)
+  # @param config [Hash] SIEM configuration
+  # @return [Integrations::SiemConnector] SIEM connector instance
+  def self.configure_siem(platform, config = {})
+    @siem_connector = Integrations::SiemConnector.new(platform, config)
+  end
+
+  # Send security events to SIEM
+  # @param analysis_results [Hash] Security analysis results
+  # @param metadata [Hash] Event metadata
+  # @return [Hash] SIEM response
+  def self.send_to_siem(analysis_results, metadata = {})
+    return { error: "SIEM not configured" } unless @siem_connector
+    
+    @siem_connector.send_security_event(analysis_results, metadata)
+  end
+
+  # Start web dashboard
+  # @param port [Integer] Port number
+  def self.start_dashboard(port = 4567)
+    dashboard = AiRootShield::Dashboard::WebDashboard.new
+    dashboard.start(port)
+  end
+
+  # Platform-specific analysis methods for CLI
+  def self.analyze_android_device(device_logs_path, config = {})
+    device_logs = JSON.parse(File.read(device_logs_path))
+    android_module = AiRootShield::Platform::AndroidSecurityModule.new(
+      api_key: config[:safetynet_api_key],
+      package_name: config[:package_name]
+    )
+    android_module.analyze_device_security(device_logs)
+  end
+
+  def self.analyze_ios_device(device_logs_path, config = {})
+    device_logs = JSON.parse(File.read(device_logs_path))
+    ios_module = AiRootShield::Platform::IosSecurityModule.new
+    ios_module.analyze_device_security(device_logs)
+  end
+
+  # CI/CD integration method for CLI
+  def self.run_ci_cd_tests(device_logs_path, config = {})
+    ci_module = AiRootShield::CiCd::SecurityTestModule.new
+    ci_module.run_security_tests(device_logs_path, config)
+  end
+
+  # Generate CI configuration for CLI
+  def self.generate_ci_config(platform)
+    ci_module = AiRootShield::CiCd::SecurityTestModule.new
+    ci_module.generate_ci_config(platform)
+  end
+
+  # Generate unified cross-platform report for CLI
+  def self.generate_unified_report(android_results: nil, ios_results: nil, metadata: {})
+    report_generator = AiRootShield::Platform::UnifiedReportGenerator.new
+    report_generator.generate_unified_report(
+      android_results: android_results,
+      ios_results: ios_results,
+      metadata: metadata
+    )
+  end
+
   # Check if RASP protection is active
   # @return [Boolean] True if RASP protection is active
   def self.rasp_active?
@@ -148,11 +291,19 @@ module AiRootShield
       policy_configured: !@policy_manager.nil?,
       certificate_pinning_configured: !@certificate_pinning.nil?,
       proxy_detection_configured: !@proxy_detector.nil?,
+      siem_configured: !@siem_connector.nil?,
+      platform_modules: {
+        android_module: !@android_module.nil?,
+        ios_module: !@ios_module.nil?,
+        hardware_analyzer: !@hardware_analyzer.nil?,
+        report_generator: !@report_generator.nil?
+      },
       components: {
         rasp: @rasp_protection&.protection_status,
         policy: @policy_manager&.policy_statistics,
         certificate_pinning: @certificate_pinning&.pinning_status,
-        proxy_detection: @proxy_detector&.detection_statistics
+        proxy_detection: @proxy_detector&.detection_statistics,
+        siem: @siem_connector ? { platform: @siem_connector.instance_variable_get(:@platform) } : nil
       }
     }
   end

data/security_test_artifacts/security_report.json

@@ -0,0 +1,124 @@
+{
+  "metadata": {
+    "test_suite_version": "1.0",
+    "ai_root_shield_version": "0.5.0",
+    "execution_timestamp": "2025-09-09T21:01:42Z",
+    "ci_environment": "Unknown",
+    "test_configuration": {},
+    "git_information": {
+      "commit_sha": "6a1360b16d119ffcb11973d68aed1fa5ebb58622",
+      "branch": "main",
+      "commit_message": "Release v0.4.0: Add advanced network security and enterprise policy management\n\n- Add certificate pinning helper with common CA support\n- Implement advanced proxy detection (VPN, Tor, custom DNS, MITM)\n- Add enterprise policy management with JSON-based rules\n- Include policy templates for banking, enterprise, and development\n- Add comprehensive network analysis integration\n- Update CLI with new network security options\n- Enhance documentation with new features",
+      "author": "oynaxo"
+    },
+    "build_information": {}
+  },
+  "test_results": [
+    {
+      "test_name": "Android Security Analysis",
+      "platform": "android",
+      "status": "PASSED",
+      "risk_score": 18,
+      "risk_factors": [
+        "TEE_NOT_AVAILABLE",
+        "HARDWARE_KEYSTORE_UNAVAILABLE"
+      ],
+      "details": {
+        "safetynet": {
+          "basic_integrity": true,
+          "cts_profile_match": true,
+          "evaluation_type": "BASIC",
+          "nonce_verified": false,
+          "timestamp": 1640995200000,
+          "advice": [
+            {
+              "type": "SECURITY",
+              "message": "Device has secure lock screen"
+            }
+          ]
+        },
+        "play_integrity": {
+          "device_verdict": [
+            "MEETS_DEVICE_INTEGRITY",
+            "MEETS_BASIC_INTEGRITY"
+          ],
+          "app_verdict": "PLAY_RECOGNIZED",
+          "account_verdict": "LICENSED",
+          "environment_verdict": "MEETS_BASIC_INTEGRITY",
+          "meets_device_integrity": {
+            "meets_device_integrity": true,
+            "meets_basic_integrity": true,
+            "meets_strong_integrity": false
+          },
+          "app_licensing_verdict": "LICENSED"
+        },
+        "hardware_security": {
+          "tee_available": false,
+          "secure_element_available": false,
+          "hardware_keystore": false,
+          "biometric_hardware": {
+            "fingerprint_available": true,
+            "face_available": false,
+            "iris_available": false,
+            "biometric_prompt_supported": false,
+            "hardware_level": "strong",
+            "enrolled_biometrics": 0
+          },
+          "strongbox_available": false,
+          "verified_boot": false,
+          "dm_verity_enabled": false
+        },
+        "system_integrity": {
+          "selinux_enforcing": true,
+          "verified_boot_state": "green",
+          "bootloader_locked": true,
+          "system_partition_verified": true,
+          "vendor_partition_verified": true,
+          "build_tags": {
+            "secure": true,
+            "tags": [
+              "release-keys"
+            ],
+            "has_release_keys": true,
+            "has_test_keys": false,
+            "has_debug_keys": false
+          },
+          "adb_enabled": false,
+          "developer_options_enabled": false
+        }
+      },
+      "recommendations": [],
+      "execution_time": 0.054442
+    },
+    {
+      "test_name": "Cross-Platform Security Analysis",
+      "platform": "cross_platform",
+      "status": "PASSED",
+      "risk_score": 0,
+      "risk_factors": [],
+      "details": {
+        "network_security": {
+          "proxy_enabled": false,
+          "vpn_active": false,
+          "custom_certificates": 0,
+          "tls_version": "1.3"
+        }
+      },
+      "recommendations": [],
+      "execution_time": 0.054453
+    }
+  ],
+  "summary": {
+    "total_tests": 2,
+    "passed": 2,
+    "failed": 0,
+    "warnings": 0,
+    "success_rate": 100.0,
+    "max_risk_score": 18,
+    "overall_status": "SECURE",
+    "total_risk_factors": 2,
+    "critical_risk_factors": [],
+    "execution_time": 0.054473
+  },
+  "artifacts": []
+}

data/security_test_artifacts/security_results.sarif

@@ -0,0 +1,16 @@
+{
+  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+  "version": "2.1.0",
+  "runs": [
+    {
+      "tool": {
+        "driver": {
+          "name": "AI Root Shield",
+          "version": "0.5.0",
+          "informationUri": "https://github.com/ahmetxhero/ai-root-shield"
+        }
+      },
+      "results": []
+    }
+  ]
+}

data/security_test_artifacts/security_tests.xml

@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<testsuites name="AI Root Shield Security Tests" tests="2" failures="0" time="0.054473">
+</testsuites>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ai_root_shield
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Ahmet KAHRAMAN
@@ -169,7 +169,12 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- bindings/python/README.md
+- bindings/python/ai_root_shield.py
+- bindings/python/setup.py
+- examples/device_logs/android_safetynet_device.json
 - examples/device_logs/clean_device.json
+- examples/device_logs/ios_jailbroken_device.json
 - examples/device_logs/rooted_android.json
 - examples/policies/banking_policy.json
 - examples/policies/development_policy.json
@@ -184,13 +189,27 @@ files:
 - lib/ai_root_shield/analyzers/network_analyzer.rb
 - lib/ai_root_shield/analyzers/root_detector.rb
 - lib/ai_root_shield/certificate_pinning_helper.rb
+- lib/ai_root_shield/ci_cd/security_test_module.rb
+- lib/ai_root_shield/dashboard/web_dashboard.rb
 - lib/ai_root_shield/detector.rb
 - lib/ai_root_shield/device_log_parser.rb
+- lib/ai_root_shield/enterprise/alert_system.rb
+- lib/ai_root_shield/enterprise/hybrid_detection_engine.rb
+- lib/ai_root_shield/enterprise/performance_optimizer.rb
+- lib/ai_root_shield/enterprise/policy_manager.rb
 - lib/ai_root_shield/enterprise_policy_manager.rb
+- lib/ai_root_shield/integrations/siem_connector.rb
+- lib/ai_root_shield/platform/android_security_module.rb
+- lib/ai_root_shield/platform/hardware_security_analyzer.rb
+- lib/ai_root_shield/platform/ios_security_module.rb
+- lib/ai_root_shield/platform/unified_report_generator.rb
 - lib/ai_root_shield/rasp_protection.rb
 - lib/ai_root_shield/risk_calculator.rb
 - lib/ai_root_shield/version.rb
 - models/README.md
+- security_test_artifacts/security_report.json
+- security_test_artifacts/security_results.sarif
+- security_test_artifacts/security_tests.xml
 homepage: https://github.com/ahmetxhero/ai-root-shield
 licenses:
 - MIT