A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies.
LOCKLEVEL was a rapidly built prototype that demonstrates a method for scoring how well Windows systems have implemented some of the NSA Information Assurance top 10 mitigation strategies. This prototype is being shared to encourage industry adoption of these ideas into commercial tools.
LOCKLEVEL was designed as standalone components that can be deployed using existing systems management tools. These independent components leverage Python/PowerShell code for analysis and PowerShell/C/C++ code for system surveys.
Splunk Assessment of Mitigation Implementations (SAMI) is a production version of LOCKLEVEL that implements similar ideas and similar business logic, although SAMI does not implement an equivalent of the OSPH component from LOCKLEVEL. SAMI leverages specific LOCKLEVEL components, such as anti-exploitation (LL_AE) and anti-virus (LL_AV), by using them in the SAMI Technical Addon.
LOCKLEVEL implements tests for 7 of the 10 mitigations.
This Work was prepared by a United States Government employee and, therefore, is excluded from copyright by Section 105 of the Copyright Act of 1976.
Copyright and Related Rights in the Work worldwide are waived through the CC0 1.0 Universal license.
This Work is provided "as is". Any express or implied warranties, including but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. In no event shall the United States Government be liable for any direct, indirect, incidental, special, exemplary or consequential damages (including, but not limited to, procurement of substitute goods or services, loss of use, data or profits, or business interruption) however caused and on any theory of liability, whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this Work, even if advised of the possibility of such damage.
The User of this Work agrees to hold harmless and indemnify the United States Government, its agents and employees from every claim or liability (whether in tort or in contract), including attorneys' fees, court costs, and expenses, arising in direct consequence of Recipient's use of the item, including but not limited to, claims or liabilities made for injury to or death of personnel of User or third parties, damage to or destruction of property of User or third parties, infringement or other violations of intellectual property or technical data rights.
Nothing in this Work is intended to constitute an endorsement, explicit or implied, by the United States Government of any particular manufacturer's product or service.
Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, in this Work does not constitute an endorsement, recommendation, or favoring by the United States Government and shall not be used for advertising or product endorsement purposes.