/** * @fileoverview Comprehensive Risk Scorer * @module @nahisaho/musubix-security/intelligence/risk-scorer * * Provides comprehensive risk scoring, CVSS calculation, * business impact assessment, and risk prioritization. */ import type { Vulnerability } from '../types/index.js'; import type { ThreatContext } from './threat-intelligence.js'; import type { AttackChain, PatternMatch } from './attack-pattern-matcher.js'; /** * CVSS v3.1 Attack Vector */ export type AttackVector = 'network' | 'adjacent' | 'local' | 'physical'; /** * CVSS v3.1 Attack Complexity */ export type AttackComplexity = 'low' | 'high'; /** * CVSS v3.1 Privileges Required */ export type PrivilegesRequired = 'none' | 'low' | 'high'; /** * CVSS v3.1 User Interaction */ export type UserInteraction = 'none' | 'required'; /** * CVSS v3.1 Scope */ export type Scope = 'unchanged' | 'changed'; /** * CVSS v3.1 Impact */ export type Impact = 'none' | 'low' | 'high'; /** * CVSS v3.1 Metrics */ export interface CVSSMetrics { /** Attack Vector */ attackVector: AttackVector; /** Attack Complexity */ attackComplexity: AttackComplexity; /** Privileges Required */ privilegesRequired: PrivilegesRequired; /** User Interaction */ userInteraction: UserInteraction; /** Scope */ scope: Scope; /** Confidentiality Impact */ confidentialityImpact: Impact; /** Integrity Impact */ integrityImpact: Impact; /** Availability Impact */ availabilityImpact: Impact; } /** * CVSS Score Result */ export interface CVSSScore { /** Base score (0-10) */ baseScore: number; /** Severity rating */ severity: 'none' | 'low' | 'medium' | 'high' | 'critical'; /** Vector string */ vectorString: string; /** Component scores */ components: { exploitability: number; impact: number; }; /** Metrics used */ metrics: CVSSMetrics; } /** * Business impact category */ export type BusinessImpactCategory = 'financial' | 'reputation' | 'operational' | 'compliance' | 'safety' | 'privacy'; /** * Business impact assessment */ export interface BusinessImpact { /** Impact category */ category: BusinessImpactCategory; /** Impact level (0-100) */ level: number; /** Description */ description: string; /** Potential loss estimate */ potentialLoss?: { min: number; max: number; currency: string; }; } /** * Asset classification */ export interface AssetClassification { /** Asset type */ type: 'data' | 'system' | 'network' | 'application' | 'personnel'; /** Criticality (0-100) */ criticality: number; /** Data classification */ dataClassification: 'public' | 'internal' | 'confidential' | 'restricted'; /** Compliance requirements */ complianceRequirements: string[]; } /** * Risk factor */ export interface RiskFactor { /** Factor name */ name: string; /** Factor weight (0-1) */ weight: number; /** Factor score (0-100) */ score: number; /** Description */ description: string; /** Evidence */ evidence?: string[]; } /** * Risk score result */ export interface RiskScore { /** Overall risk score (0-100) */ overallScore: number; /** Risk level */ riskLevel: 'critical' | 'high' | 'medium' | 'low' | 'informational'; /** CVSS score */ cvssScore: CVSSScore; /** Business impact scores */ businessImpacts: BusinessImpact[]; /** Contributing factors */ factors: RiskFactor[]; /** Asset context */ assetContext?: AssetClassification; /** Threat context */ threatContext?: Partial; /** Confidence (0-1) */ confidence: number; /** Recommendations ordered by priority */ recommendations: string[]; /** Time to remediate estimate */ remediationTimeEstimate: { min: number; max: number; unit: 'hours' | 'days' | 'weeks'; }; } /** * Aggregated risk summary */ export interface RiskSummary { /** Total vulnerabilities */ totalVulnerabilities: number; /** Average risk score */ averageRiskScore: number; /** Risk distribution */ distribution: { critical: number; high: number; medium: number; low: number; informational: number; }; /** Top risks */ topRisks: { vulnerability: Vulnerability; riskScore: RiskScore; }[]; /** Total business impact */ totalBusinessImpact: { category: BusinessImpactCategory; totalScore: number; }[]; /** Overall security posture (0-100) */ securityPosture: number; /** Trend indicator */ trend: 'improving' | 'stable' | 'declining'; } /** * Risk Scorer options */ export interface RiskScorerOptions { /** Asset classification for context */ assetClassification?: AssetClassification; /** Business impact weights */ businessImpactWeights?: Partial>; /** Custom risk factors */ customFactors?: RiskFactor[]; /** Enable threat context enrichment */ enableThreatEnrichment?: boolean; /** Organization risk tolerance (0-100) */ riskTolerance?: number; } /** * Comprehensive Risk Scorer */ export declare class RiskScorer { private options; constructor(options?: RiskScorerOptions); /** * Calculate CVSS score for a vulnerability */ calculateCVSS(vulnerability: Vulnerability): CVSSScore; /** * Calculate exploitability component */ private calculateExploitability; /** * Calculate impact component */ private calculateImpact; /** * Calculate Impact Sub-Component */ private calculateISC; /** * Convert CVSS score to severity rating */ private cvssToSeverity; /** * Generate CVSS vector string */ private generateVectorString; /** * Assess business impact */ assessBusinessImpact(vulnerability: Vulnerability): BusinessImpact[]; /** * Calculate financial impact level */ private calculateFinancialImpact; /** * Get financial impact description */ private getFinancialDescription; /** * Estimate potential loss */ private estimatePotentialLoss; /** * Calculate reputation impact */ private calculateReputationImpact; /** * Get reputation impact description */ private getReputationDescription; /** * Calculate operational impact */ private calculateOperationalImpact; /** * Get operational impact description */ private getOperationalDescription; /** * Calculate compliance impact */ private calculateComplianceImpact; /** * Get compliance impact description */ private getComplianceDescription; /** * Calculate privacy impact */ private calculatePrivacyImpact; /** * Get privacy impact description */ private getPrivacyDescription; /** * Calculate comprehensive risk score for a vulnerability */ scoreVulnerability(vulnerability: Vulnerability, threatContext?: ThreatContext): RiskScore; /** * Calculate risk factors */ private calculateRiskFactors; /** * Assess exploitability */ private assessExploitability; /** * Convert score to risk level */ private scoreToRiskLevel; /** * Calculate confidence */ private calculateConfidence; /** * Generate prioritized recommendations */ private generateRecommendations; /** * Estimate remediation time */ private estimateRemediationTime; /** * Score multiple vulnerabilities and create summary */ scoreBatch(vulnerabilities: Vulnerability[]): RiskSummary; /** * Score attack chain */ scoreAttackChain(chain: AttackChain): RiskScore; /** * Score pattern match */ scorePatternMatch(match: PatternMatch): number; } /** * Create a RiskScorer instance */ export declare function createRiskScorer(options?: RiskScorerOptions): RiskScorer; /** * Quick CVSS calculation */ export declare function calculateCVSS(vulnerability: Vulnerability): CVSSScore; /** * Quick risk score */ export declare function quickRiskScore(vulnerability: Vulnerability): RiskScore; /** * Score multiple vulnerabilities */ export declare function scoreVulnerabilities(vulnerabilities: Vulnerability[]): RiskSummary; //# sourceMappingURL=risk-scorer.d.ts.map