Add enterprise preset

README.md

@@ -12,7 +12,7 @@
 |---------|-------------|
 | **Plug and Play Design** | Automatically monitor all activity within a `with Phylax(...):` block |
 | **Explicit Analysis** | Use `phylax.analyze()` for targeted compliance checks on specific data |
-| **Built-in Presets** | Ready-made compliance presets for HIPAA, SOC 2, PCI DSS, GDPR, and Financial Services |
+| **Built-in Presets** | Ready-made compliance presets for HIPAA, SOC 2, PCI DSS, GDPR, Financial Services, and Enterprise Security |
 | **Flexible Configuration** | YAML-based policy configuration supporting regex, SPDX, and custom policies |
 | **Multiple Trigger Types** | Choose from raise, log, human_review, or custom violation handling |
 | **Comprehensive Monitoring** | Console output, function calls, network requests, and file operations |
@@ -90,7 +90,7 @@ Phylax provides built-in presets for common compliance standards:
 from phylax import PhylaxConfig, list_presets
 
 # See available presets
-print(list_presets())  # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial']
+print(list_presets())  # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial', 'enterprise']
 
 # Use a single preset
 config = PhylaxConfig.from_preset("hipaa")

docs/presets.md

@@ -40,6 +40,14 @@ Phylax provides built-in presets for common security and compliance standards. T
 - `fin_swift_code`: Detects SWIFT codes
 - `fin_iban`: Detects IBAN numbers
 
+### Enterprise Security
+- `enterprise_private_ip`: Detects private IP addresses
+- `enterprise_internal_url`: Detects internal URLs
+- `enterprise_env_var`: Detects secrets in environment variables
+- `enterprise_ssh_key`: Detects private SSH key blocks
+- `enterprise_slack_token`: Detects Slack tokens
+- `enterprise_google_oauth`: Detects Google OAuth tokens
+
 ## Usage
 
 ### Basic Usage
@@ -48,7 +56,7 @@ Phylax provides built-in presets for common security and compliance standards. T
 from phylax import PhylaxConfig, Phylax, list_presets, get_preset
 
 # List available presets
-print(list_presets())  # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial']
+print(list_presets())  # ['hipaa', 'soc2', 'pci_dss', 'gdpr', 'financial', 'enterprise']
 
 # Get policies for a specific preset
 hipaa_policies = get_preset("hipaa")

src/phylax/presets.py

@@ -264,12 +264,65 @@ def extend_preset(cls, base_preset: str, additional_policies: list[Policy]) -> l
     ),
 ]
 
+# Enterprise Security Preset
+ENTERPRISE_POLICIES = [
+    Policy(
+        id="enterprise_private_ip",
+        type="regex",
+        pattern=r"\b(?:10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(?:1[6-9]|2[0-9]|3[01])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3})\b",
+        severity="high",
+        trigger="log",
+        scope=["output", "analysis", "network", "console"],
+    ),
+    Policy(
+        id="enterprise_internal_url",
+        type="regex",
+        pattern=r"\b(?:https?://)?(?:intranet|internal|corp|private)\.[A-Za-z0-9.-]+\b",
+        severity="high",
+        trigger="log",
+        scope=["output", "analysis", "network"],
+    ),
+    Policy(
+        id="enterprise_env_var",
+        type="regex",
+        pattern=r"(?i)[A-Z0-9_]*(?:SECRET|PASSWORD|TOKEN|KEY)=[^\s]+",
+        severity="critical",
+        trigger="raise",
+        scope=["output", "analysis", "network", "console"],
+    ),
+    Policy(
+        id="enterprise_ssh_key",
+        type="regex",
+        pattern=r"-----BEGIN (?:RSA |DSA |EC )?PRIVATE KEY-----",
+        severity="critical",
+        trigger="raise",
+        scope=["output", "analysis", "network", "console"],
+    ),
+    Policy(
+        id="enterprise_slack_token",
+        type="regex",
+        pattern=r"xox(?:b|p|r|o|a)-[A-Za-z0-9-]{10,48}",
+        severity="critical",
+        trigger="raise",
+        scope=["output", "analysis", "network", "console"],
+    ),
+    Policy(
+        id="enterprise_google_oauth",
+        type="regex",
+        pattern=r"ya29\.[A-Za-z0-9_-]{60,}",
+        severity="critical",
+        trigger="raise",
+        scope=["output", "analysis", "network", "console"],
+    ),
+]
+
 # Register all presets
 PresetRegistry.register_preset("hipaa", HIPAA_POLICIES)
 PresetRegistry.register_preset("soc2", SOC2_POLICIES)
 PresetRegistry.register_preset("pci_dss", PCI_DSS_POLICIES)
 PresetRegistry.register_preset("gdpr", GDPR_POLICIES)
 PresetRegistry.register_preset("financial", FINANCIAL_POLICIES)
+PresetRegistry.register_preset("enterprise", ENTERPRISE_POLICIES)
 
 # Convenience function for getting presets
 def get_preset(name: str) -> list[Policy]:

tests/test_presets.py

@@ -13,13 +13,17 @@ def test_list_presets():
     assert "pci_dss" in presets
     assert "gdpr" in presets
     assert "financial" in presets
+    assert "enterprise" in presets
 
 
 def test_get_preset():
     """Test getting a preset."""
     hipaa_policies = get_preset("hipaa")
     assert len(hipaa_policies) == 6
     assert all(isinstance(p, Policy) for p in hipaa_policies)
+
+    enterprise_policies = get_preset("enterprise")
+    assert len(enterprise_policies) == 6
 
     # Test invalid preset
     with pytest.raises(ValueError, match="Unknown preset"):
@@ -47,6 +51,9 @@ def test_config_from_preset():
     assert len(config.policies) == 6
     assert config.version == 1
 
+    enterprise_config = PhylaxConfig.from_preset("enterprise")
+    assert len(enterprise_config.policies) == 6
+
 
 def test_config_from_multiple_presets():
     """Test creating config from multiple presets."""