CaseFile: On the road 27001

To no longer be lost on the road 66 of ISO 27001, I am pleased to present Case File the latest Maltego Teeth. The latter is integrated into the Kali-Linux distribution.

The Maltego Case File application is available in Java with support for Windows / Mac / Linux systems and the official version is available on the Paterva website.

CaseFile !

CaseFile is a light emanation of Maltego Teeth. This is essentially the same graphical application with bridle functions (online investigation). CaseFile allows you to quickly add, bind, and analyze data across nodes.

The application has the possibility to view data stored in files in CSV, XLSX format and to export the representations in graphic format.

A complementary asset is the generation of a PDF report containing all the elements with the interactions.

The application focuses on a need for « offline » analysis, the sources of which are acquired « on the ground », gathering information from others on the team and drawing up an information card of their investigation.

The application responds to a formalization to represent attacks, threat scenarios, or a risk to a process. It is one of the indispensable tools of digital investigation.


The use case ISO 27001

Our use case was to be able to model the list of controls present in the appendix to ISO / IEC 27001: 2013 and thus to be able to attach actions or to follow the evolutions of this standard.

First step

To be able to model this standard, it was necessary to create three objects to take into account domains, objectives and security controls. The creation of entities (Manage Entity) is done fairly quickly with a naming of the object, a description, a unique name and a logo.

Second step

The modeling is done with the sliding of the objects on the sheet, then for each object, its attribute is assigned to it, namely in our case of use the domains, objectives and controls in the appendix of ISO 27001: 2013.

After this operation, we must establish the relations between the objects with the following relation:

One domain integrates one or more security objectives;
A goal incorporates one or more security controls.

Navigation in the cybergalaxy

The modeling of the controls  of ISO / IEC 27001, allows you to navigate the 14 domains listed below:

– A5  Security Policies
– A6 Organization of information security
– A7 Human Resource Security
– A8 Asset Management
– A9 Access control
– A10 Cryptography
– A11 Physical and environmental security
– A12 Operations security
– A13 Communications Security
– A14 Acquisition, development and maintenance
– A15 Supplier relationships
– A16 Information security incident management
– A17 Information security aspects of business continuity management
– A18 Compliance

and to identify the 35 objectives and 114 security controls of the standard. The documentation of the generated model is given in this report ISO27001_2013-EN

Stay on the course.

This modeling can meet both the mapping needs of the implementation of the ISO 27001 security controls, the management of its improvement axes or the audit of a system.

The mtgx modeling file is available on request via a linkedin message.