Refactoring inconclusive to verify and recommendation to principle

Product writer's orders

monkey/common/data/zero_trust_consts.py

@@ -2,7 +2,7 @@
 This file contains all the static data relating to Zero Trust. It is mostly used in the zero trust report generation and
 in creating findings.
 
-This file contains static mappings between zero trust components such as: pillars, recommendations, tests, statuses.
+This file contains static mappings between zero trust components such as: pillars, principles, tests, statuses.
 Some of the mappings are computed when this module is loaded.
 """
 
@@ -17,10 +17,10 @@ PILLARS = (DATA, PEOPLE, NETWORKS, DEVICES, WORKLOADS, VISIBILITY_ANALYTICS, AUT
 
 STATUS_UNEXECUTED = u"Unexecuted"
 STATUS_PASSED = u"Passed"
-STATUS_INCONCLUSIVE = u"Inconclusive"
+STATUS_VERIFY = u"Verify"
 STATUS_FAILED = u"Failed"
 # Don't change order! The statuses are ordered by importance/severity.
-ORDERED_TEST_STATUSES = [STATUS_FAILED, STATUS_INCONCLUSIVE, STATUS_PASSED, STATUS_UNEXECUTED]
+ORDERED_TEST_STATUSES = [STATUS_FAILED, STATUS_VERIFY, STATUS_PASSED, STATUS_UNEXECUTED]
 
 TEST_DATA_ENDPOINT_ELASTIC = u"unencrypted_data_endpoint_elastic"
 TEST_DATA_ENDPOINT_HTTP = u"unencrypted_data_endpoint_http"
@@ -43,27 +43,27 @@ TESTS = (
     TEST_COMMUNICATE_AS_NEW_USER
 )
 
-RECOMMENDATION_DATA_TRANSIT = u"data_transit"
+PRINCIPLE_DATA_TRANSIT = u"data_transit"
-RECOMMENDATION_ENDPOINT_SECURITY = u"endpoint_security"
+PRINCIPLE_ENDPOINT_SECURITY = u"endpoint_security"
-RECOMMENDATION_USER_BEHAVIOUR = u"user_behaviour"
+PRINCIPLE_USER_BEHAVIOUR = u"user_behaviour"
-RECOMMENDATION_ANALYZE_NETWORK_TRAFFIC = u"analyze_network_traffic"
+PRINCIPLE_ANALYZE_NETWORK_TRAFFIC = u"analyze_network_traffic"
-RECOMMENDATION_SEGMENTATION = u"segmentation"
+PRINCIPLE_SEGMENTATION = u"segmentation"
-RECOMMENDATION_RESTRICTIVE_NETWORK_POLICIES = u"network_policies"
+PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES = u"network_policies"
-RECOMMENDATION_USERS_MAC_POLICIES = u"users_mac_policies"
+PRINCIPLE_USERS_MAC_POLICIES = u"users_mac_policies"
-RECOMMENDATIONS = {
+PRINCIPLES = {
-    RECOMMENDATION_SEGMENTATION: u"Apply segmentation and micro-segmentation inside your network.",
+    PRINCIPLE_SEGMENTATION: u"Apply segmentation and micro-segmentation inside your network.",
-    RECOMMENDATION_ANALYZE_NETWORK_TRAFFIC: u"Analyze network traffic for malicious activity.",
+    PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: u"Analyze network traffic for malicious activity.",
-    RECOMMENDATION_USER_BEHAVIOUR: u"Adopt security user behavior analytics.",
+    PRINCIPLE_USER_BEHAVIOUR: u"Adopt security user behavior analytics.",
-    RECOMMENDATION_ENDPOINT_SECURITY: u"Use anti-virus and other traditional endpoint security solutions.",
+    PRINCIPLE_ENDPOINT_SECURITY: u"Use anti-virus and other traditional endpoint security solutions.",
-    RECOMMENDATION_DATA_TRANSIT: u"Secure data at transit by encrypting it.",
+    PRINCIPLE_DATA_TRANSIT: u"Secure data at transit by encrypting it.",
-    RECOMMENDATION_RESTRICTIVE_NETWORK_POLICIES: u"Configure network policies to be as restrictive as possible.",
+    PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: u"Configure network policies to be as restrictive as possible.",
-    RECOMMENDATION_USERS_MAC_POLICIES: u"Users' permissions to the network and to resources should be MAC (Mandetory "
+    PRINCIPLE_USERS_MAC_POLICIES: u"Users' permissions to the network and to resources should be MAC (Mandetory "
                                        u"Access Control) only.",
 }
 
 POSSIBLE_STATUSES_KEY = u"possible_statuses"
 PILLARS_KEY = u"pillars"
-RECOMMENDATION_KEY = u"recommendation_key"
+PRINCIPLE_KEY = u"principle_key"
 FINDING_EXPLANATION_BY_STATUS_KEY = u"finding_explanation"
 TEST_EXPLANATION_KEY = u"explanation"
 TESTS_MAP = {
@@ -73,18 +73,18 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey performed cross-segment communication. Check firewall rules and logs.",
             STATUS_PASSED: "Monkey couldn't perform cross-segment communication. If relevant, check firewall logs."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_SEGMENTATION,
+        PRINCIPLE_KEY: PRINCIPLE_SEGMENTATION,
         PILLARS_KEY: [NETWORKS],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_PASSED, STATUS_FAILED]
     },
     TEST_MALICIOUS_ACTIVITY_TIMELINE: {
         TEST_EXPLANATION_KEY: u"The Monkeys in the network performed malicious-looking actions, like scanning and attempting exploitation.",
         FINDING_EXPLANATION_BY_STATUS_KEY: {
-            STATUS_INCONCLUSIVE: "Monkey performed malicious actions in the network. Check SOC logs and alerts."
+            STATUS_VERIFY: "Monkey performed malicious actions in the network. Check SOC logs and alerts."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_ANALYZE_NETWORK_TRAFFIC,
+        PRINCIPLE_KEY: PRINCIPLE_ANALYZE_NETWORK_TRAFFIC,
         PILLARS_KEY: [NETWORKS, VISIBILITY_ANALYTICS],
-        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_INCONCLUSIVE]
+        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_VERIFY]
     },
     TEST_ENDPOINT_SECURITY_EXISTS: {
         TEST_EXPLANATION_KEY: u"The Monkey checked if there is an active process of an endpoint security software.",
@@ -92,7 +92,7 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey didn't find ANY active endpoint security processes. Install and activate anti-virus software on endpoints.",
             STATUS_PASSED: "Monkey found active endpoint security processes. Check their logs to see if Monkey was a security concern."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_ENDPOINT_SECURITY,
+        PRINCIPLE_KEY: PRINCIPLE_ENDPOINT_SECURITY,
         PILLARS_KEY: [DEVICES],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
     },
@@ -102,19 +102,19 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey successfully exploited endpoints. Check IDS/IPS logs to see activity recognized and see which endpoints were compromised.",
             STATUS_PASSED: "Monkey didn't manage to exploit an endpoint."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_ENDPOINT_SECURITY,
+        PRINCIPLE_KEY: PRINCIPLE_ENDPOINT_SECURITY,
         PILLARS_KEY: [DEVICES],
-        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_INCONCLUSIVE]
+        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_VERIFY]
     },
     TEST_SCHEDULED_EXECUTION: {
         TEST_EXPLANATION_KEY: "The Monkey was executed in a scheduled manner.",
         FINDING_EXPLANATION_BY_STATUS_KEY: {
-            STATUS_INCONCLUSIVE: "Monkey was executed in a scheduled manner. Locate this activity in User-Behavior security software.",
+            STATUS_VERIFY: "Monkey was executed in a scheduled manner. Locate this activity in User-Behavior security software.",
             STATUS_PASSED: "Monkey failed to execute in a scheduled manner."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_USER_BEHAVIOUR,
+        PRINCIPLE_KEY: PRINCIPLE_USER_BEHAVIOUR,
         PILLARS_KEY: [PEOPLE, NETWORKS],
-        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_INCONCLUSIVE]
+        POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_VERIFY]
     },
     TEST_DATA_ENDPOINT_ELASTIC: {
         TEST_EXPLANATION_KEY: u"The Monkey scanned for unencrypted access to ElasticSearch instances.",
@@ -122,7 +122,7 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey accessed ElasticSearch instances. Limit access to data by encrypting it in in-transit.",
             STATUS_PASSED: "Monkey didn't find open ElasticSearch instances. If you have such instances, look for alerts that indicate attempts to access them."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_DATA_TRANSIT,
+        PRINCIPLE_KEY: PRINCIPLE_DATA_TRANSIT,
         PILLARS_KEY: [DATA],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
     },
@@ -132,7 +132,7 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey accessed HTTP servers. Limit access to data by encrypting it in in-transit.",
             STATUS_PASSED: "Monkey didn't find open HTTP servers. If you have such servers, look for alerts that indicate attempts to access them."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_DATA_TRANSIT,
+        PRINCIPLE_KEY: PRINCIPLE_DATA_TRANSIT,
         PILLARS_KEY: [DATA],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
     },
@@ -141,7 +141,7 @@ TESTS_MAP = {
         FINDING_EXPLANATION_BY_STATUS_KEY: {
             STATUS_FAILED: "Monkey was tunneled its traffic using other monkeys. Your network policies are too permissive - restrict them."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_RESTRICTIVE_NETWORK_POLICIES,
+        PRINCIPLE_KEY: PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES,
         PILLARS_KEY: [NETWORKS, VISIBILITY_ANALYTICS],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED]
     },
@@ -151,7 +151,7 @@ TESTS_MAP = {
             STATUS_FAILED: "Monkey was able to cause a new user to access the network. Your network policies are too permissive - restrict them to MAC only.",
             STATUS_PASSED: "Monkey wasn't able to cause a new user to access the network."
         },
-        RECOMMENDATION_KEY: RECOMMENDATION_USERS_MAC_POLICIES,
+        PRINCIPLE_KEY: PRINCIPLE_USERS_MAC_POLICIES,
         PILLARS_KEY: [PEOPLE, NETWORKS, VISIBILITY_ANALYTICS],
         POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
     },
@@ -171,15 +171,15 @@ PILLARS_TO_TESTS = {
     AUTOMATION_ORCHESTRATION: []
 }
 
-RECOMMENDATIONS_TO_TESTS = {}
+PRINCIPLES_TO_TESTS = {}
 
-RECOMMENDATIONS_TO_PILLARS = {}
+PRINCIPLES_TO_PILLARS = {}
 
 
 def populate_mappings():
     populate_pillars_to_tests()
-    populate_recommendations_to_tests()
+    populate_principles_to_tests()
-    populate_recommendations_to_pillars()
+    populate_principles_to_pillars()
 
 
 def populate_pillars_to_tests():
@@ -189,17 +189,17 @@ def populate_pillars_to_tests():
                 PILLARS_TO_TESTS[pillar].append(test)
 
 
-def populate_recommendations_to_tests():
+def populate_principles_to_tests():
-    for single_recommendation in RECOMMENDATIONS:
+    for single_principle in PRINCIPLES:
-        RECOMMENDATIONS_TO_TESTS[single_recommendation] = []
+        PRINCIPLES_TO_TESTS[single_principle] = []
     for test, test_info in TESTS_MAP.items():
-        RECOMMENDATIONS_TO_TESTS[test_info[RECOMMENDATION_KEY]].append(test)
+        PRINCIPLES_TO_TESTS[test_info[PRINCIPLE_KEY]].append(test)
 
 
-def populate_recommendations_to_pillars():
+def populate_principles_to_pillars():
-    for recommendation, recommendation_tests in RECOMMENDATIONS_TO_TESTS.items():
+    for principle, principle_tests in PRINCIPLES_TO_TESTS.items():
-        recommendations_pillars = set()
+        principles_pillars = set()
-        for test in recommendation_tests:
+        for test in principle_tests:
             for pillar in TESTS_MAP[test][PILLARS_KEY]:
-                recommendations_pillars.add(pillar)
+                principles_pillars.add(pillar)
-        RECOMMENDATIONS_TO_PILLARS[recommendation] = recommendations_pillars
+        PRINCIPLES_TO_PILLARS[principle] = principles_pillars

monkey/monkey_island/cc/models/zero_trust/finding.py

@@ -14,12 +14,12 @@ from monkey_island.cc.models.zero_trust.event import Event
 class Finding(Document):
     """
     This model represents a Zero-Trust finding: A result of a test the monkey/island might perform to see if a
-    specific recommendation of zero trust is upheld or broken.
+    specific principle of zero trust is upheld or broken.
 
     Findings might have the following statuses:
         Failed ❌
             Meaning that we are sure that something is wrong (example: segmentation issue).
-        Inconclusive ⁉
+        Verify ⁉
             Meaning that we need the user to check something himself (example: 2FA logs, AV missing).
         Passed ✔
             Meaning that we are sure that something is correct (example: Monkey failed exploiting).

monkey/monkey_island/cc/models/zero_trust/test_aggregate_finding.py

@@ -11,7 +11,7 @@ class TestAggregateFinding(IslandTestCase):
         self.clean_finding_db()
 
         test = TEST_MALICIOUS_ACTIVITY_TIMELINE
-        status = STATUS_INCONCLUSIVE
+        status = STATUS_VERIFY
         events = [Event.create_event("t", "t", EVENT_TYPE_ISLAND)]
         self.assertEquals(len(Finding.objects(test=test, status=status)), 0)
 
@@ -30,7 +30,7 @@ class TestAggregateFinding(IslandTestCase):
         self.clean_finding_db()
 
         test = TEST_MALICIOUS_ACTIVITY_TIMELINE
-        status = STATUS_INCONCLUSIVE
+        status = STATUS_VERIFY
         event = Event.create_event("t", "t", EVENT_TYPE_ISLAND)
         events = [event]
         self.assertEquals(len(Finding.objects(test=test, status=status)), 0)

monkey/monkey_island/cc/resources/reporting/report.py

@@ -14,7 +14,7 @@ REPORT_TYPES = [SECURITY_REPORT_TYPE, ZERO_TRUST_REPORT_TYPE]
 
 REPORT_DATA_PILLARS = "pillars"
 REPORT_DATA_FINDINGS = "findings"
-REPORT_DATA_RECOMMENDATIONS_STATUS = "recommendations"
+REPORT_DATA_PRINCIPLES_STATUS = "principles"
 
 __author__ = ["itay.mizeretz", "shay.nehmad"]
 
@@ -33,8 +33,8 @@ class Report(flask_restful.Resource):
                         "grades": ZeroTrustService.get_pillars_grades()
                     }
                 )
-            elif report_data == REPORT_DATA_RECOMMENDATIONS_STATUS:
+            elif report_data == REPORT_DATA_PRINCIPLES_STATUS:
-                return jsonify(ZeroTrustService.get_recommendations_status())
+                return jsonify(ZeroTrustService.get_principles_status())
             elif report_data == REPORT_DATA_FINDINGS:
                 return jsonify(ZeroTrustService.get_all_findings())
 

monkey/monkey_island/cc/services/reporting/test_zero_trust_service.py

@@ -11,12 +11,12 @@ def save_example_findings():
     Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_PASSED, [])  # devices passed = 2
     Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_FAILED, [])  # devices failed = 1
     # devices unexecuted = 1
-    # people inconclusive = 1
+    # people verify = 1
-    # networks inconclusive = 1
+    # networks verify = 1
-    Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_INCONCLUSIVE, [])
+    Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
-    # people inconclusive = 2
+    # people verify = 2
-    # networks inconclusive = 2
+    # networks verify = 2
-    Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_INCONCLUSIVE, [])
+    Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
     # data failed 1
     Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
     # data failed 2
@@ -27,10 +27,10 @@ def save_example_findings():
     Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
     # data failed 5
     Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
-    # data inconclusive 1
+    # data verify 1
-    Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_INCONCLUSIVE, [])
+    Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
-    # data inconclusive 2
+    # data verify 2
-    Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_INCONCLUSIVE, [])
+    Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
     # data passed 1
     Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_PASSED, [])
 
@@ -45,49 +45,49 @@ class TestZeroTrustService(IslandTestCase):
         expected = [
             {
                 STATUS_FAILED: 5,
-                STATUS_INCONCLUSIVE: 2,
+                STATUS_VERIFY: 2,
                 STATUS_PASSED: 1,
                 STATUS_UNEXECUTED: 1,
                 "pillar": "Data"
             },
             {
                 STATUS_FAILED: 0,
-                STATUS_INCONCLUSIVE: 2,
+                STATUS_VERIFY: 2,
                 STATUS_PASSED: 0,
                 STATUS_UNEXECUTED: 0,
                 "pillar": "People"
             },
             {
                 STATUS_FAILED: 0,
-                STATUS_INCONCLUSIVE: 2,
+                STATUS_VERIFY: 2,
                 STATUS_PASSED: 0,
                 STATUS_UNEXECUTED: 2,
                 "pillar": "Networks"
             },
             {
                 STATUS_FAILED: 1,
-                STATUS_INCONCLUSIVE: 0,
+                STATUS_VERIFY: 0,
                 STATUS_PASSED: 2,
                 STATUS_UNEXECUTED: 1,
                 "pillar": "Devices"
             },
             {
                 STATUS_FAILED: 0,
-                STATUS_INCONCLUSIVE: 0,
+                STATUS_VERIFY: 0,
                 STATUS_PASSED: 0,
                 STATUS_UNEXECUTED: 0,
                 "pillar": "Workloads"
             },
             {
                 STATUS_FAILED: 0,
-                STATUS_INCONCLUSIVE: 0,
+                STATUS_VERIFY: 0,
                 STATUS_PASSED: 0,
                 STATUS_UNEXECUTED: 1,
                 "pillar": "Visibility & Analytics"
             },
             {
                 STATUS_FAILED: 0,
-                STATUS_INCONCLUSIVE: 0,
+                STATUS_VERIFY: 0,
                 STATUS_PASSED: 0,
                 STATUS_UNEXECUTED: 0,
                 "pillar": "Automation & Orchestration"
@@ -98,7 +98,7 @@ class TestZeroTrustService(IslandTestCase):
 
         self.assertEquals(result, expected)
 
-    def test_get_recommendations_status(self):
+    def test_get_principles_status(self):
         self.fail_if_not_testing_env()
         self.clean_finding_db()
 
@@ -108,7 +108,7 @@ class TestZeroTrustService(IslandTestCase):
             AUTOMATION_ORCHESTRATION: [],
             DATA: [
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_DATA_TRANSIT],
+                    "principle": PRINCIPLES[PRINCIPLE_DATA_TRANSIT],
                     "status": STATUS_FAILED,
                     "tests": [
                         {
@@ -124,7 +124,7 @@ class TestZeroTrustService(IslandTestCase):
             ],
             DEVICES: [
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_ENDPOINT_SECURITY],
+                    "principle": PRINCIPLES[PRINCIPLE_ENDPOINT_SECURITY],
                     "status": STATUS_FAILED,
                     "tests": [
                         {
@@ -140,7 +140,7 @@ class TestZeroTrustService(IslandTestCase):
             ],
             NETWORKS: [
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_SEGMENTATION],
+                    "principle": PRINCIPLES[PRINCIPLE_SEGMENTATION],
                     "status": STATUS_UNEXECUTED,
                     "tests": [
                         {
@@ -150,17 +150,17 @@ class TestZeroTrustService(IslandTestCase):
                     ]
                 },
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_USER_BEHAVIOUR],
+                    "principle": PRINCIPLES[PRINCIPLE_USER_BEHAVIOUR],
-                    "status": STATUS_INCONCLUSIVE,
+                    "status": STATUS_VERIFY,
                     "tests": [
                         {
-                            "status": STATUS_INCONCLUSIVE,
+                            "status": STATUS_VERIFY,
                             "test": TESTS_MAP[TEST_SCHEDULED_EXECUTION][TEST_EXPLANATION_KEY]
                         }
                     ]
                 },
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_ANALYZE_NETWORK_TRAFFIC],
+                    "principle": PRINCIPLES[PRINCIPLE_ANALYZE_NETWORK_TRAFFIC],
                     "status": STATUS_UNEXECUTED,
                     "tests": [
                         {
@@ -172,11 +172,11 @@ class TestZeroTrustService(IslandTestCase):
             ],
             PEOPLE: [
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_USER_BEHAVIOUR],
+                    "principle": PRINCIPLES[PRINCIPLE_USER_BEHAVIOUR],
-                    "status": STATUS_INCONCLUSIVE,
+                    "status": STATUS_VERIFY,
                     "tests": [
                         {
-                            "status": STATUS_INCONCLUSIVE,
+                            "status": STATUS_VERIFY,
                             "test": TESTS_MAP[TEST_SCHEDULED_EXECUTION][TEST_EXPLANATION_KEY]
                         }
                     ]
@@ -184,7 +184,7 @@ class TestZeroTrustService(IslandTestCase):
             ],
             "Visibility & Analytics": [
                 {
-                    "recommendation": RECOMMENDATIONS[RECOMMENDATION_ANALYZE_NETWORK_TRAFFIC],
+                    "principle": PRINCIPLES[PRINCIPLE_ANALYZE_NETWORK_TRAFFIC],
                     "status": STATUS_UNEXECUTED,
                     "tests": [
                         {
@@ -197,7 +197,7 @@ class TestZeroTrustService(IslandTestCase):
             "Workloads": []
         }
 
-        self.assertEquals(ZeroTrustService.get_recommendations_status(), expected)
+        self.assertEquals(ZeroTrustService.get_principles_status(), expected)
 
     def test_get_pillars_to_statuses(self):
         self.fail_if_not_testing_env()
@@ -222,8 +222,8 @@ class TestZeroTrustService(IslandTestCase):
         expected = {
             AUTOMATION_ORCHESTRATION: STATUS_UNEXECUTED,
             DEVICES: STATUS_FAILED,
-            NETWORKS: STATUS_INCONCLUSIVE,
+            NETWORKS: STATUS_VERIFY,
-            PEOPLE: STATUS_INCONCLUSIVE,
+            PEOPLE: STATUS_VERIFY,
             VISIBILITY_ANALYTICS: STATUS_UNEXECUTED,
             WORKLOADS: STATUS_UNEXECUTED,
             DATA: STATUS_FAILED

monkey/monkey_island/cc/services/reporting/zero_trust_service.py

@@ -17,7 +17,7 @@ class ZeroTrustService(object):
         pillar_grade = {
             "pillar": pillar,
             STATUS_FAILED: 0,
-            STATUS_INCONCLUSIVE: 0,
+            STATUS_VERIFY: 0,
             STATUS_PASSED: 0,
             STATUS_UNEXECUTED: 0
         }
@@ -39,30 +39,30 @@ class ZeroTrustService(object):
         return pillar_grade
 
     @staticmethod
-    def get_recommendations_status():
+    def get_principles_status():
-        all_recommendations_statuses = {}
+        all_principles_statuses = {}
 
         # init with empty lists
         for pillar in PILLARS:
-            all_recommendations_statuses[pillar] = []
+            all_principles_statuses[pillar] = []
 
-        for recommendation, recommendation_tests in RECOMMENDATIONS_TO_TESTS.items():
+        for principle, principle_tests in PRINCIPLES_TO_TESTS.items():
-            for pillar in RECOMMENDATIONS_TO_PILLARS[recommendation]:
+            for pillar in PRINCIPLES_TO_PILLARS[principle]:
-                all_recommendations_statuses[pillar].append(
+                all_principles_statuses[pillar].append(
                     {
-                        "recommendation": RECOMMENDATIONS[recommendation],
+                        "principle": PRINCIPLES[principle],
-                        "tests": ZeroTrustService.__get_tests_status(recommendation_tests),
+                        "tests": ZeroTrustService.__get_tests_status(principle_tests),
-                        "status": ZeroTrustService.__get_recommendation_status(recommendation_tests)
+                        "status": ZeroTrustService.__get_principle_status(principle_tests)
                     }
                 )
 
-        return all_recommendations_statuses
+        return all_principles_statuses
 
     @staticmethod
-    def __get_recommendation_status(recommendation_tests):
+    def __get_principle_status(principle_tests):
         worst_status = STATUS_UNEXECUTED
         all_statuses = set()
-        for test in recommendation_tests:
+        for test in principle_tests:
             all_statuses |= set(Finding.objects(test=test).distinct("status"))
 
         for status in all_statuses:
@@ -72,9 +72,9 @@ class ZeroTrustService(object):
         return worst_status
 
     @staticmethod
-    def __get_tests_status(recommendation_tests):
+    def __get_tests_status(principle_tests):
         results = []
-        for test in recommendation_tests:
+        for test in principle_tests:
             test_findings = Finding.objects(test=test)
             results.append(
                 {
@@ -124,7 +124,7 @@ class ZeroTrustService(object):
     def get_statuses_to_pillars():
         results = {
             STATUS_FAILED: [],
-            STATUS_INCONCLUSIVE: [],
+            STATUS_VERIFY: [],
             STATUS_PASSED: [],
             STATUS_UNEXECUTED: []
         }

monkey/monkey_island/cc/services/telemetry/zero_trust_tests/data_endpoints.py

@@ -69,6 +69,6 @@ def test_open_data_endpoints(telemetry_json):
 
     AggregateFinding.create_or_add_to_existing(
         test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
-        status=STATUS_INCONCLUSIVE,
+        status=STATUS_VERIFY,
         events=events
     )

monkey/monkey_island/cc/services/telemetry/zero_trust_tests/machine_exploited.py

@@ -38,6 +38,6 @@ def test_machine_exploited(current_monkey, exploit_successful, exploiter, target
 
     AggregateFinding.create_or_add_to_existing(
         test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
-        status=STATUS_INCONCLUSIVE,
+        status=STATUS_VERIFY,
         events=events
     )

monkey/monkey_island/cc/services/telemetry/zero_trust_tests/tunneling.py

@@ -1,4 +1,4 @@
-from common.data.zero_trust_consts import TEST_TUNNELING, STATUS_FAILED, EVENT_TYPE_MONKEY_NETWORK, STATUS_INCONCLUSIVE, \
+from common.data.zero_trust_consts import TEST_TUNNELING, STATUS_FAILED, EVENT_TYPE_MONKEY_NETWORK, STATUS_VERIFY, \
     TEST_MALICIOUS_ACTIVITY_TIMELINE
 from monkey_island.cc.models import Monkey
 from monkey_island.cc.models.zero_trust.aggregate_finding import AggregateFinding
@@ -26,6 +26,6 @@ def test_tunneling_violation(tunnel_telemetry_json):
 
         AggregateFinding.create_or_add_to_existing(
             test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
-            status=STATUS_INCONCLUSIVE,
+            status=STATUS_VERIFY,
             events=tunneling_events
         )

monkey/monkey_island/cc/ui/src/components/pages/ZeroTrustReportPage.js

@@ -8,7 +8,7 @@ import PrintReportButton from "../report-components/common/PrintReportButton";
 import {extractExecutionStatusFromServerResponse} from "../report-components/common/ExecutionStatus";
 import SummarySection from "../report-components/zerotrust/SummarySection";
 import FindingsSection from "../report-components/zerotrust/FindingsSection";
-import RecommendationsSection from "../report-components/zerotrust/RecommendationsSection";
+import PrinciplesSection from "../report-components/zerotrust/PrinciplesSection";
 
 class ZeroTrustReportPageComponent extends AuthComponent {
 
@@ -72,7 +72,7 @@ class ZeroTrustReportPageComponent extends AuthComponent {
     } else {
       content = <div id="MainContentSection">
         <SummarySection allMonkeysAreDead={this.state.allMonkeysAreDead} pillars={this.state.pillars}/>
-        <RecommendationsSection recommendations={this.state.recommendations}
+        <PrinciplesSection principles={this.state.principles}
                            pillarsToStatuses={this.state.pillars.pillarsToStatuses}/>
         <FindingsSection pillarsToStatuses={this.state.pillars.pillarsToStatuses} findings={this.state.findings}/>
       </div>;
@@ -102,7 +102,7 @@ class ZeroTrustReportPageComponent extends AuthComponent {
   stillLoadingDataFromServer() {
     return typeof this.state.findings === "undefined"
       || typeof this.state.pillars === "undefined"
-      || typeof this.state.recommendations === "undefined";
+      || typeof this.state.principles === "undefined";
   }
 
   getZeroTrustReportFromServer() {
@@ -114,11 +114,11 @@ class ZeroTrustReportPageComponent extends AuthComponent {
           findings: res
         });
       });
-    this.authFetch('/api/report/zero_trust/recommendations')
+    this.authFetch('/api/report/zero_trust/principles')
       .then(res => res.json())
       .then(res => {
         this.setState({
-          recommendations: res
+          principles: res
         });
       });
     this.authFetch('/api/report/zero_trust/pillars')

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/FindingsSection.js

@@ -35,7 +35,7 @@ class FindingsSection extends Component {
         </p>
 
         <FindingsTable data={findingsByStatus[ZeroTrustStatuses.failed]} status={ZeroTrustStatuses.failed}/>
-        <FindingsTable data={findingsByStatus[ZeroTrustStatuses.inconclusive]} status={ZeroTrustStatuses.inconclusive}/>
+        <FindingsTable data={findingsByStatus[ZeroTrustStatuses.verify]} status={ZeroTrustStatuses.verify}/>
         <FindingsTable data={findingsByStatus[ZeroTrustStatuses.passed]} status={ZeroTrustStatuses.passed}/>
       </div>
     );

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/PrinciplesSection.js

@@ -0,0 +1,29 @@
+import React, {Component} from "react";
+import SinglePillarPrinciplesStatus from "./SinglePillarPrinciplesStatus";
+import * as PropTypes from "prop-types";
+
+export default class PrinciplesSection extends Component {
+  render() {
+    return <div id="principles-section">
+      <h2>Test Results</h2>
+      <p>
+        The Zero Trust eXtended (ZTX) framework is composed of 7 pillars. Each pillar is built of
+        several guiding principles tested by the Infection Monkey.
+      </p>
+      {
+        Object.keys(this.props.principles).map((pillar) =>
+          <SinglePillarPrinciplesStatus
+            key={pillar}
+            pillar={pillar}
+            principlesStatus={this.props.principles[pillar]}
+            pillarsToStatuses={this.props.pillarsToStatuses}/>
+        )
+      }
+    </div>
+  }
+}
+
+PrinciplesSection.propTypes = {
+  principles: PropTypes.object,
+  pillarsToStatuses: PropTypes.object
+};

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/PrinciplesStatusTable.js

@@ -16,7 +16,7 @@ const columns = [
         },
         maxWidth: MAX_WIDTH_STATUS_COLUMN
       },
-      { Header: 'ZT Recommendation', accessor: 'recommendation',
+      { Header: 'Zero Trust Principle', accessor: 'principle',
         style: {'whiteSpace': 'unset'}  // This enables word wrap
       },
       { Header: 'Monkey Tests', id: 'tests',
@@ -34,7 +34,7 @@ class TestsStatus extends AuthComponent {
     return (
       <Fragment>
         {this.getFilteredTestsByStatusIfAny(ZeroTrustStatuses.failed)}
-        {this.getFilteredTestsByStatusIfAny(ZeroTrustStatuses.inconclusive)}
+        {this.getFilteredTestsByStatusIfAny(ZeroTrustStatuses.verify)}
         {this.getFilteredTestsByStatusIfAny(ZeroTrustStatuses.passed)}
         {this.getFilteredTestsByStatusIfAny(ZeroTrustStatuses.unexecuted)}
       </Fragment>
@@ -60,12 +60,12 @@ class TestsStatus extends AuthComponent {
   }
 }
 
-export class RecommendationsStatusTable extends AuthComponent {
+export class PrinciplesStatusTable extends AuthComponent {
   render() {
-    return <PaginatedTable data={this.props.recommendationsStatus} columns={columns} pageSize={5}/>;
+    return <PaginatedTable data={this.props.principlesStatus} columns={columns} pageSize={5}/>;
   }
 }
 
-export default RecommendationsStatusTable;
+export default PrinciplesStatusTable;
 
-RecommendationsStatusTable.propTypes = {recommendationsStatus: PropTypes.array};
+PrinciplesStatusTable.propTypes = {principlesStatus: PropTypes.array};

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/RecommendationsSection.js

@@ -1,29 +0,0 @@
-import React, {Component} from "react";
-import SinglePillarRecommendationsStatus from "./SinglePillarRecommendationsStatus";
-import * as PropTypes from "prop-types";
-
-export default class RecommendationsSection extends Component {
-  render() {
-    return <div id="recommendations-section">
-      <h2>Recommendations</h2>
-      <p>
-        Analyze each zero trust recommendation by pillar, and see if you've followed through with it. See test results
-        to understand how the monkey tested your adherence to that recommendation.
-      </p>
-      {
-        Object.keys(this.props.recommendations).map((pillar) =>
-          <SinglePillarRecommendationsStatus
-            key={pillar}
-            pillar={pillar}
-            recommendationsStatus={this.props.recommendations[pillar]}
-            pillarsToStatuses={this.props.pillarsToStatuses}/>
-        )
-      }
-    </div>
-  }
-}
-
-RecommendationsSection.propTypes = {
-  recommendations: PropTypes.object,
-  pillarsToStatuses: PropTypes.object
-};

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/ReportLegend.js

@@ -36,7 +36,7 @@ class ZeroTrustReportLegend extends Component {
         </li>
         <li>
           <div style={{display: "inline-block"}}>
-            <StatusLabel showText={true} status={ZeroTrustStatuses.inconclusive}/>
+            <StatusLabel showText={true} status={ZeroTrustStatuses.verify}/>
           </div>
           {"\t"}At least one of the tests’ results related to this component requires further manual verification.
         </li>
@@ -50,11 +50,10 @@ class ZeroTrustReportLegend extends Component {
           <div style={{display: "inline-block"}}>
             <StatusLabel showText={true} status={ZeroTrustStatuses.unexecuted}/>
           </div>
-          {"\t"}This status means the test wasn't executed.
+          {"\t"}This status means the test wasn't executed.To activate more tests, refer to the Monkey <NavLink to="/configuration"><u>configuration</u></NavLink> page.
         </li>
       </ul>
       <hr />
-      To activate more tests, go to the Monkey <NavLink to="/configuration"><u>configuration</u></NavLink> page.n
     </div>;
   }
 }

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/SinglePillarPrinciplesStatus.js

@@ -1,13 +1,13 @@
 import AuthComponent from "../../AuthComponent";
 import PillarLabel from "./PillarLabel";
-import RecommendationsStatusTable from "./RecommendationsStatusTable";
+import PrinciplesStatusTable from "./PrinciplesStatusTable";
 import React from "react";
 import * as PropTypes from "prop-types";
 import {Panel} from "react-bootstrap";
 
-export default class SinglePillarRecommendationsStatus extends AuthComponent {
+export default class SinglePillarPrinciplesStatus extends AuthComponent {
   render() {
-    if (this.props.recommendationsStatus.length === 0) {
+    if (this.props.principlesStatus.length === 0) {
       return null;
     }
     else {
@@ -22,7 +22,7 @@ export default class SinglePillarRecommendationsStatus extends AuthComponent {
           </Panel.Heading>
           <Panel.Collapse>
             <Panel.Body>
-              <RecommendationsStatusTable recommendationsStatus={this.props.recommendationsStatus}/>
+              <PrinciplesStatusTable principlesStatus={this.props.principlesStatus}/>
             </Panel.Body>
           </Panel.Collapse>
         </Panel>
@@ -31,7 +31,7 @@ export default class SinglePillarRecommendationsStatus extends AuthComponent {
   }
 }
 
-SinglePillarRecommendationsStatus.propTypes = {
+SinglePillarPrinciplesStatus.propTypes = {
-  recommendationsStatus: PropTypes.array,
+  principlesStatus: PropTypes.array,
   pillar: PropTypes.string,
 };

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/StatusLabel.js

@@ -3,14 +3,14 @@ import * as PropTypes from "prop-types";
 
 const statusToIcon = {
   "Passed": "fa-check",
-  "Inconclusive": "fa-exclamation-triangle",
+  "Verify": "fa-exclamation-triangle",
   "Failed": "fa-bomb",
   "Unexecuted": "fa-question",
 };
 
 export const statusToLabelType = {
   "Passed": "label-success",
-  "Inconclusive": "label-warning",
+  "Verify": "label-warning",
   "Failed": "label-danger",
   "Unexecuted": "label-default",
 };

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/StatusesToPillarsSummary.js

@@ -8,7 +8,7 @@ export default class StatusesToPillarsSummary extends Component {
   render() {
     return (<div id="piilar-summary">
       {this.getStatusSummary(ZeroTrustStatuses.failed)}
-      {this.getStatusSummary(ZeroTrustStatuses.inconclusive)}
+      {this.getStatusSummary(ZeroTrustStatuses.verify)}
       {this.getStatusSummary(ZeroTrustStatuses.passed)}
       {this.getStatusSummary(ZeroTrustStatuses.unexecuted)}
     </div>);

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/SummarySection.js

@@ -14,7 +14,8 @@ export default class SummarySection extends Component {
           <Col xs={12} sm={12} md={12} lg={12}>
             <MonkeysStillAliveWarning allMonkeysAreDead={this.props.allMonkeysAreDead}/>
             <p>
-              Get a quick glance of the status for each of Zero Trust's seven pillars.
+              Get a quick glance at how your network aligns with the <a href="https://www.forrester.com/report/The+Zero+Trust+eXtended+ZTX+Ecosystem/-/E-RES137210">Zero
+              Trust eXtended (ZTX) framework</a>.
             </p>
           </Col>
         </Row>
@@ -27,20 +28,6 @@ export default class SummarySection extends Component {
             <ZeroTrustReportLegend/>
           </Col>
         </Row>
-        <Row>
-          <Col xs={12} sm={12} md={12} lg={12}>
-            <h4>What am I seeing?</h4>
-            <p>
-              The <a href="https://www.forrester.com/report/The+Zero+Trust+eXtended+ZTX+Ecosystem/-/E-RES137210">Zero
-              Trust eXtended framework</a> categorizes its <b>recommendations</b> into 7 <b>pillars</b>. Infection
-              Monkey
-              Zero Trust edition tests some of those recommendations. The <b>tests</b> that the monkey executes
-              produce <b>findings</b>. The tests, recommendations and pillars are then granted a <b>status</b> in
-              accordance
-              with the tests results.
-            </p>
-          </Col>
-        </Row>
       </Grid>
     </div>
   }

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/ZeroTrustPillars.js

@@ -10,7 +10,7 @@ export const ZeroTrustPillars = {
 
 export const ZeroTrustStatuses = {
   failed: "Failed",
-  inconclusive: "Inconclusive",
+  verify: "Verify",
   passed: "Passed",
   unexecuted: "Unexecuted"
 };

monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js

@@ -78,23 +78,22 @@ class VennDiagram extends React.Component {
     RULE #1: All scores have to be equal 0, except Unexecuted [U] which could be also a negative integer
              sum(C, I, P) has to be <=0
 
-    RULE #2: Conclusive [C] has to be > 0,
+    RULE #2: Failed [C] has to be > 0,
              sum(C) > 0
 
-    RULE #3: Inconclusive [I] has to be > 0 while Conclusive has to be 0,
+    RULE #3: Verify [I] has to be > 0 while Failed has to be 0,
              sum(C, I) > 0 and C * I = 0, while C has to be 0
 
     RULE #4: By process of elimination, passed.
              if the P is bigger by 2 then negative U, first conditional
              would be true.
-
     */
 
     this.rules = [
 
       {
         id: 'Rule #1', status: ZeroTrustStatuses.unexecuted, hex: '#777777', f: function (d_) {
-          return d_[ZeroTrustStatuses.failed] + d_[ZeroTrustStatuses.inconclusive] + d_[ZeroTrustStatuses.passed] === 0;
+          return d_[ZeroTrustStatuses.failed] + d_[ZeroTrustStatuses.verify] + d_[ZeroTrustStatuses.passed] === 0;
         }
       },
       {
@@ -103,8 +102,8 @@ class VennDiagram extends React.Component {
         }
       },
       {
-        id: 'Rule #3', status: 'Inconclusive', hex: '#F0AD4E', f: function (d_) {
+        id: 'Rule #3', status: ZeroTrustStatuses.verify, hex: '#F0AD4E', f: function (d_) {
-          return d_[ZeroTrustStatuses.failed] === 0 && d_[ZeroTrustStatuses.inconclusive] > 0;
+          return d_[ZeroTrustStatuses.failed] === 0 && d_[ZeroTrustStatuses.verify] > 0;
         }
       },
       {