framework-mcp 2.4.5 → 2.4.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"file":"safeguard-manager.d.ts","sourceRoot":"","sources":["../../src/core/safeguard-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAc,MAAM,oBAAoB,CAAC;AAElE,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,KAAK,CAA+B;IAC5C,OAAO,CAAC,UAAU,CAAwC;IAC1D,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAQ;IAC9C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAkB;IAChE,OAAO,CAAC,kBAAkB,CAAyB;IACnD,OAAO,CAAC,WAAW,CAAa;;IAQzB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,eAAe,GAAE,OAAe,GAAG,gBAAgB,GAAG,IAAI;IA4BnG,uBAAuB,IAAI,MAAM,EAAE;IAgBnC,gBAAgB,IAAI,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAIpD,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAerD,OAAO,CAAC,yBAAyB;IAajC,OAAO,CAAC,uBAAuB;IAS/B,OAAO,CAAC,2BAA2B;IAmCnC;;OAEG;IACI,aAAa,IAAI;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE;IAO7D;;OAEG;IACI,UAAU,IAAI,IAAI;IAKzB,OAAO,CAAC,yBAAyB;IAajC,OAAO,CAAC,yBAAyB;IA2BjC,OAAO,CAAC,oBAAoB;CA23gB7B"}
1
+ {"version":3,"file":"safeguard-manager.d.ts","sourceRoot":"","sources":["../../src/core/safeguard-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAc,MAAM,oBAAoB,CAAC;AAElE,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,KAAK,CAA+B;IAC5C,OAAO,CAAC,UAAU,CAAwC;IAC1D,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAQ;IAC9C,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAkB;IAChE,OAAO,CAAC,kBAAkB,CAAyB;IACnD,OAAO,CAAC,WAAW,CAAa;;IAQzB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,eAAe,GAAE,OAAe,GAAG,gBAAgB,GAAG,IAAI;IA4BnG,uBAAuB,IAAI,MAAM,EAAE;IAgBnC,gBAAgB,IAAI,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAIpD,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI;IAerD,OAAO,CAAC,yBAAyB;IAajC,OAAO,CAAC,uBAAuB;IAS/B,OAAO,CAAC,2BAA2B;IAmCnC;;OAEG;IACI,aAAa,IAAI;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE;IAO7D;;OAEG;IACI,UAAU,IAAI,IAAI;IAKzB,OAAO,CAAC,yBAAyB;IAajC,OAAO,CAAC,yBAAyB;IA2BjC,OAAO,CAAC,oBAAoB;CAwzgB7B"}
@@ -2966,10 +2966,7 @@ export class SafeguardManager {
2966
2966
  "Dormant Accounts"
2967
2967
  ],
2968
2968
  subTaxonomicalElements: [
2969
- "Disable",
2970
- "Delete",
2971
- "Period of 45 days of inactivity",
2972
- "Where Supported"
2969
+ "Dormant Accounts"
2973
2970
  ],
2974
2971
  implementationSuggestions: [ // Gray - Implementation suggestions
2975
2972
  ],
@@ -3233,30 +3230,22 @@ export class SafeguardManager {
3233
3230
  title: "Establish an Access Granting Process",
3234
3231
  description: "Establish and follow a documented process, preferably automated, for granting access to enterprise assets upon new hire or role change of a user.",
3235
3232
  implementationGroup: "IG1",
3236
- assetType: ["Users"],
3233
+ assetType: ["Documentation"],
3237
3234
  securityFunction: ["Govern"],
3238
3235
  governanceElements: [
3239
3236
  "Establish",
3240
- "Follow",
3241
- "Account and Access Control Management",
3242
- "Account and Credential Management Policy/Process",
3243
- "Documentation"
3237
+ "Follow"
3244
3238
  ],
3245
3239
  coreRequirements: [
3246
3240
  "documented process",
3247
3241
  "granting access to enterprise assets"
3248
3242
  ],
3249
3243
  subTaxonomicalElements: [
3250
- "preferably automated",
3251
3244
  "upon new hire",
3252
3245
  "role change of a user",
3253
- "New Hire",
3254
- "Role Change",
3255
3246
  "Enterprise assets"
3256
3247
  ],
3257
- implementationSuggestions: [
3258
- "Account and Access Control Management",
3259
- "Account and Credential Management Policy/Process"
3248
+ implementationSuggestions: [ // Gray - Implementation suggestions
3260
3249
  ],
3261
3250
  relatedSafeguards: ["5.1", "6.7", "6.8"],
3262
3251
  systemPromptFull: {
@@ -3310,25 +3299,17 @@ export class SafeguardManager {
3310
3299
  title: "Establish an Access Revoking Process",
3311
3300
  description: "Establish and follow a process, preferably automated, for revoking access to enterprise assets, through disabling accounts immediately upon termination, rights revocation, or role change of a user. Disabling accounts, instead of deleting accounts, may be necessary to preserve audit trails.",
3312
3301
  implementationGroup: "IG1",
3313
- assetType: ["Users"],
3302
+ assetType: ["Documentation"],
3314
3303
  securityFunction: ["Govern"],
3315
3304
  governanceElements: [
3316
3305
  "Establish",
3317
3306
  "Follow",
3318
- "Account and Access Control Management",
3319
- "Account and Credential Management Policy/Process",
3320
- "Documentation"
3307
+ "Disabling Accounts, instead of Deleting accounts, may be necessary to preserve audit trails"
3321
3308
  ],
3322
3309
  coreRequirements: [
3323
- "process",
3324
- "revoking access to enterprise assets",
3325
- "disabling accounts immediately"
3310
+ "Access Revoking Process"
3326
3311
  ],
3327
3312
  subTaxonomicalElements: [
3328
- "preferably automated",
3329
- "upon termination",
3330
- "rights revocation",
3331
- "role change of a user",
3332
3313
  "Role Change",
3333
3314
  "Termination",
3334
3315
  "Rights revocation",
@@ -3336,9 +3317,7 @@ export class SafeguardManager {
3336
3317
  "Disabling accounts immediately"
3337
3318
  ],
3338
3319
  implementationSuggestions: [
3339
- "Disabling accounts, instead of deleting accounts, may be necessary to preserve audit trails",
3340
- "Account and Access Control Management",
3341
- "Account and Credential Management Policy/Process"
3320
+ "Preferably Automated"
3342
3321
  ],
3343
3322
  relatedSafeguards: ["5.1", "6.7"],
3344
3323
  systemPromptFull: {
@@ -3396,24 +3375,18 @@ export class SafeguardManager {
3396
3375
  securityFunction: ["Protect"],
3397
3376
  governanceElements: [
3398
3377
  "Require",
3399
- "Account and Access Control Management",
3400
- "Multi-Factor Authentication Tool"
3378
+ "Enforce",
3379
+ "Where Supported"
3401
3380
  ],
3402
3381
  coreRequirements: [
3403
3382
  "all externally-exposed enterprise or third-party applications to enforce MFA",
3404
- "where supported"
3383
+ "MFA - Multi Factor Authentication"
3405
3384
  ],
3406
3385
  subTaxonomicalElements: [
3407
- "ALL Externally Exposed Applications",
3408
- "Enforce",
3409
- "Where supported"
3386
+ "MFA for all externally exposed enterprise or third-party applications"
3410
3387
  ],
3411
3388
  implementationSuggestions: [
3412
- "Enforcing MFA through a directory service or SSO provider is a satisfactory implementation of this Safeguard",
3413
- "Directory service",
3414
- "SSO Provider",
3415
- "Account and Access Control Management",
3416
- "Multi-Factor Authentication Tool"
3389
+ "Enforcing MFA through a directory service or SSO provider is a satisfactory implementation of this Safeguard"
3417
3390
  ],
3418
3391
  relatedSafeguards: ["2.1", "4.1"],
3419
3392
  systemPromptFull: {
@@ -3470,20 +3443,15 @@ export class SafeguardManager {
3470
3443
  assetType: ["Users"],
3471
3444
  securityFunction: ["Protect"],
3472
3445
  governanceElements: [
3473
- "Require",
3474
- "Account and Access Control Management",
3475
- "Multi-Factor Authentication Tool"
3446
+ "Require"
3476
3447
  ],
3477
3448
  coreRequirements: [
3478
- "MFA",
3479
- "remote network access"
3449
+ "MFA for remote network access"
3480
3450
  ],
3481
3451
  subTaxonomicalElements: [
3482
- "Remote Network Access"
3452
+ "MFA for Remote Network Access"
3483
3453
  ],
3484
- implementationSuggestions: [
3485
- "Account and Access Control Management",
3486
- "Multi-Factor Authentication Tool"
3454
+ implementationSuggestions: [ // Gray - Implementation suggestions
3487
3455
  ],
3488
3456
  relatedSafeguards: ["4.2", "12.7"],
3489
3457
  systemPromptFull: {
@@ -3541,25 +3509,17 @@ export class SafeguardManager {
3541
3509
  securityFunction: ["Protect"],
3542
3510
  governanceElements: [
3543
3511
  "Require",
3544
- "Account and Access Control Management",
3545
- "Multi-Factor Authentication Tool"
3512
+ "Where Supported"
3546
3513
  ],
3547
3514
  coreRequirements: [
3548
- "MFA",
3549
- "all administrative access accounts",
3550
- "all enterprise assets"
3515
+ "MFA on all administrative access accounts"
3551
3516
  ],
3552
3517
  subTaxonomicalElements: [
3553
- "where supported",
3554
3518
  "All Admin Access Accounts",
3555
3519
  "All enterprise assets",
3556
- "Onsite Management",
3557
- "Service Provider",
3558
- "Or"
3520
+ "Onsite Management accounts or Service Provider Admin Accounts"
3559
3521
  ],
3560
- implementationSuggestions: [
3561
- "Account and Access Control Management",
3562
- "Multi-Factor Authentication Tool"
3522
+ implementationSuggestions: [ // Gray - Implementation suggestions
3563
3523
  ],
3564
3524
  relatedSafeguards: ["4.1"],
3565
3525
  systemPromptFull: {
@@ -3613,30 +3573,22 @@ export class SafeguardManager {
3613
3573
  title: "Establish and Maintain an Inventory of Authentication and Authorization Systems",
3614
3574
  description: "Establish and maintain an inventory of the enterprise's authentication and authorization systems, including those hosted on-site or at a remote service provider. Review and update the inventory, at a minimum, annually, or more frequently.",
3615
3575
  implementationGroup: "IG2",
3616
- assetType: ["software"],
3576
+ assetType: ["Software"],
3617
3577
  securityFunction: ["Identify"],
3618
3578
  governanceElements: [
3619
3579
  "Establish",
3620
3580
  "maintain",
3621
- "Review and update",
3622
- "Account and Access Control Management",
3623
- "Account and Credential Management Policy/Process"
3581
+ "Review and update inventory",
3582
+ "At a minimum, monthly or more frequenlty"
3624
3583
  ],
3625
3584
  coreRequirements: [
3626
3585
  "inventory of the enterprise's authentication and authorization systems"
3627
3586
  ],
3628
3587
  subTaxonomicalElements: [
3629
- "including those hosted on-site or at a remote service provider",
3630
- "at a minimum, annually, or more frequently",
3631
- "Hosted on-site",
3632
- "Remote Service Provider",
3633
- "Or",
3634
- "At a minimum Annually",
3635
- "More frequently"
3588
+ "hosted on-site",
3589
+ "hosted at a remote service provider"
3636
3590
  ],
3637
- implementationSuggestions: [
3638
- "Account and Access Control Management",
3639
- "Account and Credential Management Policy/Process"
3591
+ implementationSuggestions: [ // Gray - Implementation suggestions
3640
3592
  ],
3641
3593
  relatedSafeguards: ["1.1", "2.1", "3.3", "5.6", "6.7"],
3642
3594
  systemPromptFull: {
@@ -3694,27 +3646,17 @@ export class SafeguardManager {
3694
3646
  securityFunction: ["Protect"],
3695
3647
  governanceElements: [
3696
3648
  "Centralize",
3697
- "Account and Access Control Management",
3698
- "Account and Credential Management Policy/Process",
3699
- "Identity and Access Management Tool"
3649
+ "Where Supported"
3700
3650
  ],
3701
3651
  coreRequirements: [
3702
- "access control",
3703
- "all enterprise assets"
3652
+ "access control"
3704
3653
  ],
3705
3654
  subTaxonomicalElements: [
3706
3655
  "through a directory service or SSO provider",
3707
- "where supported",
3708
- "Directory Service",
3709
- "SSO Provider",
3710
- "Or",
3711
- "All enterprise assets",
3712
- "Where Supported"
3656
+ "Directory Service or SSO Provider",
3657
+ "All enterprise assets"
3713
3658
  ],
3714
- implementationSuggestions: [
3715
- "Account and Access Control Management",
3716
- "Account and Credential Management Policy/Process",
3717
- "Identity and Access Management Tool"
3659
+ implementationSuggestions: [ // Gray - Implementation suggestions
3718
3660
  ],
3719
3661
  relatedSafeguards: ["4.1", "5.1", "5.6", "6.1", "6.2", "6.6", "12.5", "12.7"],
3720
3662
  systemPromptFull: {
@@ -3773,30 +3715,21 @@ export class SafeguardManager {
3773
3715
  governanceElements: [
3774
3716
  "Define",
3775
3717
  "maintain",
3776
- "Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule at a minimum annually, or more frequently",
3777
- "Account and Access Control Management",
3778
- "Account and Credential Management Policy/Process",
3779
- "Identity and Access management Tool"
3718
+ "Necessary",
3719
+ "Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule",
3720
+ "At a mimimum Annually, or more Frequently"
3780
3721
  ],
3781
3722
  coreRequirements: [
3782
- "role-based access control",
3783
- "determining and documenting the access rights necessary for each role within the enterprise to successfully carry out its assigned duties"
3723
+ "role-based access control"
3784
3724
  ],
3785
3725
  subTaxonomicalElements: [
3786
3726
  "Access rights",
3787
3727
  "Each Role",
3788
- "Necessary",
3789
- "Successfully carry out its assigned duties",
3728
+ "Neccesary to Successfully carry out its assigned duties",
3790
3729
  "Determining",
3791
- "Documenting",
3792
- "At a minimum Annually",
3793
- "More frequently",
3794
- "Or"
3730
+ "Documenting"
3795
3731
  ],
3796
- implementationSuggestions: [
3797
- "Account and Access Control Management",
3798
- "Account and Credential Management Policy/Process",
3799
- "Identity and Access management Tool"
3732
+ implementationSuggestions: [ // Gray - Implementation suggestions
3800
3733
  ],
3801
3734
  relatedSafeguards: ["3.3", "4.1", "6.1"],
3802
3735
  systemPromptFull: {