diff --git a/README.md b/README.md index 4deeb03..83aad58 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ |---------|-------------| | **Plug and Play Design** | Automatically monitor all activity within a `with Phylax(...):` block | | **Explicit Analysis** | Use `phylax.analyze()` for targeted compliance checks on specific data | -| **Built-in Presets** | Ready-made compliance presets for HIPAA, SOC 2, PCI DSS, GDPR, and Financial Services | +| **Built-in Presets** | Ready-made compliance presets for HIPAA, SOC 2, PCI DSS, GDPR, Financial Services, and Enterprise Security | | **Flexible Configuration** | YAML-based policy configuration supporting regex, SPDX, and custom policies | | **Multiple Trigger Types** | Choose from raise, log, human_review, or custom violation handling | | **Comprehensive Monitoring** | Console output, function calls, network requests, and file operations | @@ -90,7 +90,7 @@ Phylax provides built-in presets for common compliance standards: from phylax import PhylaxConfig, list_presets # See available presets -print(list_presets()) # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial'] +print(list_presets()) # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial', 'enterprise'] # Use a single preset config = PhylaxConfig.from_preset("hipaa") diff --git a/docs/presets.md b/docs/presets.md index 17a5988..fb94d2e 100644 --- a/docs/presets.md +++ b/docs/presets.md @@ -40,6 +40,14 @@ Phylax provides built-in presets for common security and compliance standards. T - `fin_swift_code`: Detects SWIFT codes - `fin_iban`: Detects IBAN numbers +### Enterprise Security +- `enterprise_private_ip`: Detects private IP addresses +- `enterprise_internal_url`: Detects internal URLs +- `enterprise_env_var`: Detects secrets in environment variables +- `enterprise_ssh_key`: Detects private SSH key blocks +- `enterprise_slack_token`: Detects Slack tokens +- `enterprise_google_oauth`: Detects Google OAuth tokens + ## Usage ### Basic Usage 
@@ -48,7 +56,7 @@ Phylax provides built-in presets for common security and compliance standards. T from phylax import PhylaxConfig, Phylax, list_presets, get_preset # List available presets -print(list_presets()) # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial'] +print(list_presets()) # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial', 'enterprise'] # Get policies for a specific preset hipaa_policies = get_preset("hipaa") diff --git a/src/phylax/presets.py b/src/phylax/presets.py index bd1c5c2..2f42fff 100644 --- a/src/phylax/presets.py +++ b/src/phylax/presets.py 
@@ -264,12 +264,65 @@ def extend_preset(cls, base_preset: str, additional_policies: list[Policy]) -> l ), ] +# Enterprise Security Preset +ENTERPRISE_POLICIES = [ + Policy( + id="enterprise_private_ip", + type="regex", + pattern=r"\b(?:10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(?:1[6-9]|2[0-9]|3[01])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})\b", + severity="high", + trigger="log", + scope=["output", "analysis", "network", "console"], + ), + Policy( + id="enterprise_internal_url", + type="regex", + pattern=r"\b(?:https?://)?(?:intranet|internal|corp|private)\.[A-Za-z0-9.-]+\b", + severity="high", + trigger="log", + scope=["output", "analysis", "network"], + ), + Policy( + id="enterprise_env_var", + type="regex", + pattern=r"(?i)[A-Z0-9_]*(?:SECRET|PASSWORD|TOKEN|KEY)=[^\s]+", + severity="critical", + trigger="raise", + scope=["output", "analysis", "network", "console"], + ), + Policy( + id="enterprise_ssh_key", + type="regex", + pattern=r"-----BEGIN (?:RSA |DSA |EC )?PRIVATE KEY-----", + severity="critical", + trigger="raise", + scope=["output", "analysis", "network", "console"], + ), + Policy( + id="enterprise_slack_token", + type="regex", + pattern=r"xox(?:b|p|r|o|a)-[A-Za-z0-9-]{10,48}", + severity="critical", + trigger="raise", + scope=["output", "analysis", "network", "console"], + ), + Policy( + id="enterprise_google_oauth", + type="regex", + pattern=r"ya29\.[A-Za-z0-9_-]{60,}", + severity="critical", + trigger="raise", + scope=["output", "analysis", "network", "console"], + ), +] + # Register all presets PresetRegistry.register_preset("hipaa", HIPAA_POLICIES) PresetRegistry.register_preset("soc2", SOC2_POLICIES) PresetRegistry.register_preset("pci_dss", PCI_DSS_POLICIES) PresetRegistry.register_preset("gdpr", GDPR_POLICIES) PresetRegistry.register_preset("financial", FINANCIAL_POLICIES) +PresetRegistry.register_preset("enterprise", ENTERPRISE_POLICIES) # Convenience function for getting presets def get_preset(name: str) -> list[Policy]: 
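Review bot: The `enterprise_ssh_key` pattern accepts only an optional `RSA `, `DSA ` or `EC ` label, so it does not match `-----BEGIN OPENSSH PRIVATE KEY-----`, the format recent OpenSSH `ssh-keygen` writes by default, nor the PKCS#8 `-----BEGIN ENCRYPTED PRIVATE KEY-----` header. Widening the alternation closes that gap: `pattern=r"-----BEGIN (?:RSA |DSA |EC |OPENSSH |ENCRYPTED )?PRIVATE KEY-----",`. Separately, `enterprise_env_var` is case-insensitive with an unanchored `[A-Z0-9_]*` prefix and `trigger="raise"`, so ordinary strings such as `monkey=1` or a `?key=value` query string would raise in the `network` and `console` scopes. Anchoring the name, e.g. `(?i)\b(?:[A-Z0-9]+_)*(?:SECRET|PASSWORD|TOKEN|KEY)=\S+`, removes the substring hits, though it also stops matching unseparated names like `MYTOKEN=`. Whether a bare `key=` should raise or only log is a policy choice worth stating in a comment above the entry.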
diff --git a/tests/test_presets.py b/tests/test_presets.py index f5a5e70..ca9aec7 100644 --- a/tests/test_presets.py +++ b/tests/test_presets.py @@ -13,6 +13,7 @@ def test_list_presets(): assert "pci_dss" in presets assert "gdpr" in presets assert "financial" in presets + assert "enterprise" in presets def test_get_preset(): @@ -20,6 +21,9 @@ def test_get_preset(): hipaa_policies = get_preset("hipaa") assert len(hipaa_policies) == 6 assert all(isinstance(p, Policy) for p in hipaa_policies) + + enterprise_policies = get_preset("enterprise") + assert len(enterprise_policies) == 6 # Test invalid preset with pytest.raises(ValueError, match="Unknown preset"): @@ -47,6 +51,9 @@ def test_config_from_preset(): assert len(config.policies) == 6 assert config.version == 1 + enterprise_config = PhylaxConfig.from_preset("enterprise") + assert len(enterprise_config.policies) == 6 + def test_config_from_multiple_presets(): """Test creating config from multiple presets."""
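Review bot: The assertions added to `test_get_preset` (and the matching one in the `test_config_from_preset` hunk) only check that the enterprise preset holds six policies, so none of the six new regexes is actually exercised. For detection rules, a small table of constructed positive and negative samples per policy id is what catches a pattern that misses a key format or over-matches ordinary text. A parametrized test could look each policy up by `id` and, assuming `Policy` exposes its `pattern`, assert `re.search(policy.pattern, "10.0.0.1")` matches for `enterprise_private_ip` while `"11.0.0.1"` does not. Both test functions start and end outside their hunks.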