- 24 Nov 2022
GovOps Version 2.0
- Updated on 24 Nov 2022
What's new in GovOps Version 2.0
October 2022
Highlights
- Request Use Cases
- Save Navigator Heatmaps
- Use Case Catalog Search and Filter
- Settings Page for Admin (User Management, Customer Profile, Data Ingestion, Allowed Values)
- New Tag on Recent Library Use Cases
- NX Integration
- Use Case ID-Based Link of Master and Customer Use Cases
- Library UI Improvements V2
- NFR V2
You can now request a use case if the one you need is not in the catalog, or if you want a customized use case. Clicking the + New Request button in the Use Case Catalog opens a form where you can fill in all of the required fields and submit it.
Once you submit the form, the UCF team will receive a request which they will review and add to the catalog if it is a relevant use case. You will get the list of all requested use cases on the Requests page of the GovOps application, with the following columns: Request ID, Use Case Requests Name, Status, Use Case ID, Request Date, and Requester.
You can use the Customer Toggle button to view the Request page for different customers. Using pagination and move-top functionality, you can view 20 requests on a single page.
You can save the MITRE ATT&CK Navigator heatmap for future reference. Use the Save Heatmap button on the MITRE ATT&CK Navigator and fill in the required fields of the pop-up to save the heatmap currently shown. All saved heatmaps for a particular customer are displayed on the Saved Heatmaps page of the GovOps application, which has the following columns: Heatmap Name, Description, Created By, Created On, and Actions. You can view a heatmap by clicking the View In Navigator link in the Actions column.
You can sort the heatmap list by the Heatmap Name and Created By columns, in ascending and descending orders.
Use the Customer Toggle button to view the Saved Heatmaps page of different customers.
You can search for a particular heatmap or a group of heatmaps by Heatmap Name and Description, using the search functionality. Using pagination and move-top functionality, you can view 20 heatmaps on a single page.
You can find Use Cases by typing the Use Case Name, Use Case ID, Tactics, or Log Sources in the search bar at the top right of the Catalog page. Searched keywords are highlighted to identify why Use Cases are part of the search result.
Use the filter option to find Use Cases that match particular criteria. For example, filter by a particular log source or technique to see the current detection coverage for that log source or technique.
The Filter panel opens to the right when you click the Filter button.
You can type directly into a field to find the value to filter on. After you click the Apply button, the applied filters are visible as chiplets on the Use Case Catalog page, with their values visible on hover. The Clear All option resets the Use Case Catalog to its default state.
The Settings page is a separate micro frontend (MFE) in the GovOps application that is only accessible to users with Admin access. For other users, the Settings icon will not be visible and the Settings page will not be accessible.
The Settings MFE includes the following features:
- User Management
- Customer Profile
- Data Ingestion Settings (Includes Allowed Values)
User Management
You can see the User table on the User Management page. This features the following columns: User ID, User Name, Customer Name, Application Role, and Actions.
You can add or update users by clicking on the + Add User button or Edit icon, and saving it by filling in all of the required fields in the pop-up.
You can delete any user except your own, using the delete icon. Using pagination functionality, you can view 10 users on a single page.
You can sort the table alphabetically in ascending and descending order by the USER ID (email address of the user) column.
You can search for a particular user by any column using the Search functionality.
Customer Profile
You can find the Customer table on the Customer Profile page. This table has the following columns: Customer ID, Customer Name, Status, and Actions.
You can add and update customers by clicking the + Create New Customer button or Edit icon, and saving it by filling in all of the required fields in the Create or edit a customer form.
You can activate/deactivate any customer. Using pagination functionality, you can view 10 customers on a single page.
You can search for a particular customer by any column using the Search functionality.
You can filter customers by the Status column, using the Status filter provided on the application.
Data Ingestion Settings
You can now run Data Ingestion, Invalid Use Case Report, and Allowed Values related operations.
You can run ingestion using the Start Ingestion button.
You can download the Invalid Use Cases report in Excel format by clicking the Invalid use cases report button.
You can add allowed values using the + Add allowed values button, and filling in all of the required fields in the pop-up.
You can search for particular allowed values or lists of allowed values, using the search functionality.
You can delete allowed values by clicking the Delete icon, and confirming on the pop-up that follows.
Using the pagination functionality, you can view 10 allowed values on a single page.
Library use cases that have recently (in the last 30 days) moved into production are the most important use cases. You can now see those use cases marked with a New tag. All use cases that are in production appear at the top, in descending order of the date of the move to Production. All other use cases appear below those, sorted alphabetically in ascending order.
We have integrated the NX repository in the frontend, which provides code sharing with NX for MFE, better DX for MFE with NX, and easier monorepo handling.
We have changed our approach to identifying the relationship between Master Use Cases and Customer Use Cases. We have changed the logic for accepting use cases from AHA into the GovOps application.
The Old (Previous) Behavior
Eligible for Being CATALOG:
Linked Records check: Master Use Cases did not have any linked records associated with the customer library's use cases.
SIEM Platform Check for the use cases: The SIEM entered in the Customer profile needed to match the SIEM of the Master Use Case.
The New Behavior
Eligible for Being CATALOG
A] For Non-AXA customers:
Use Case ID based criteria:
If the Master Use Case ID = XX-XXX-XXX and Customer Use Case ID = XX-XXX-XXX-CustomerName, then this Master Use Case is not included in the Customer Catalog.
i.e., (XX-XXX-XXX != XX-XXX-XXX-CustomerName) when the master Use Case ID is mismatched with the customer Use Case ID.
The SIEM entered in the Customer profile still needs to match the SIEM of the Master Use Case.
B] For AXA:
Linked Records check: Master Use Cases should not have any linked records associated with the customer libraries.
SIEM Check for Use Cases: The SIEM entered in the Customer profile still needs to match the SIEM of the Master Use Case.
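The new eligibility rules above, sketched in Python as an added example (this is not GovOps code). The `MasterUseCase` type, its `linked_customers` field, the function names, the sample IDs and the case-insensitive comparison are assumptions made for illustration.

```python
from dataclasses import dataclass

LINKED_RECORD_CUSTOMERS = {"axa"}  # the page applies the linked-records check to AXA only


@dataclass(frozen=True)
class MasterUseCase:
    use_case_id: str                  # master ID, format XX-XXX-XXX
    siem: str                         # SIEM platform the use case targets
    linked_customers: frozenset = frozenset()  # hypothetical: customers whose library links to it


def _norm(value: str) -> str:
    # Assumption: IDs, customer names and SIEM names compare case-insensitively.
    return value.strip().casefold()


def is_catalog_eligible(master, customer_name, customer_siem, customer_library_ids):
    """Return True if the master use case belongs in this customer's catalog."""
    if _norm(master.siem) != _norm(customer_siem):
        return False                  # SIEM check applies to every customer
    if _norm(customer_name) in LINKED_RECORD_CUSTOMERS:
        linked = {_norm(c) for c in master.linked_customers}
        return _norm(customer_name) not in linked
    # Non-AXA: excluded when the library holds <master ID>-<CustomerName>.
    derived_id = _norm(f"{master.use_case_id}-{customer_name}")
    return derived_id not in {_norm(i) for i in customer_library_ids}


def build_catalog(masters, customer_name, customer_siem, customer_library_ids):
    return [m.use_case_id for m in masters
            if is_catalog_eligible(m, customer_name, customer_siem, customer_library_ids)]


# Constructed sample data, not taken from GovOps.
MASTERS = [
    MasterUseCase("WN-001-001", "Splunk"),
    MasterUseCase("WN-001-002", "Splunk"),
    MasterUseCase("LX-002-001", "Sentinel"),
    MasterUseCase("AZ-003-001", "Splunk", frozenset({"AXA"})),
]

if __name__ == "__main__":
    print(build_catalog(MASTERS, "Acme", "Splunk", ["WN-001-001-Acme"]))
    print(build_catalog(MASTERS, "AXA", "Splunk", ["WN-001-001-AXA"]))
```

For the AXA call, the ID-suffixed library entry has no effect on the result; only the linked-records set and the SIEM decide eligibility.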
Users are now better informed on system states and actions with tooltips, added screens for empty tables, modified pop-ups, dropdowns, toaster messages, form constraints, and illustrations. Also, the Log Source Vendor field was renamed to Log Source Service.
Tooltips:
Screen for Empty Table:
Success Toaster:
Failure Toaster:
Log Source Service:
Pop-Up, Drop-Down, Form Constraints:
The DevOps team has worked on several DevOps tasks and deployments, especially the new Settings MFE. The QA team has worked on the regression document, sanity document preparation, Regression Test on Test environment, Sanity Test on Pre-Production environment, Sanity Test on Production environment, and QA tasks required for UCF team clarifications. Along with that, the team has worked on fixing AXA VAPT findings for GovOps, GovOps V1.1 Product bugs, etc.
- Error as standalone Micro Frontend application (UCC-1226).
- Long string pasted in Filter fields distorts UI (UCC-696).
- Same data is accepted in Field value Field if we have to change the case of the letter from upper to lower case, and vice versa (UCC-2005).
- Last updated time is not updating in the UI after switching tabs on Use Cases MFE (UCC-2519).
- Error page comes by blocking lastUpdatedTime API (UCC-1686).