David/veylant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
veylant/docs/pentest-scope.md
David 6b1ba49922 First commit
2026-02-23 13:35:04 +01:00

5.3 KiB
Raw Permalink Blame History

Veylant IA — Pentest Scope & Rules of Engagement

Sprint 12 / Milestone 5 — Grey Box Assessment Planned window: 2026-06-09 → 2026-06-20 (2 weeks)

1. Objectives

Validate the security posture of the Veylant IA platform before the Go/No-Go production decision (Sprint 13). Identify vulnerabilities rated CVSS ≥ 7.0 (High) and confirm that:

  • Authentication and authorisation cannot be bypassed
  • PII pseudonyms cannot be extracted or reversed from API responses alone
  • Multi-tenant isolation holds (tenant A cannot read tenant B's data)
  • Rate limiting and circuit breakers withstand realistic abuse patterns
  • The Playground public endpoint cannot be leveraged for further attacks

2. Target Scope

In Scope

Component URL / Host Port(s)
Proxy API (staging) api-staging.veylant.ai 443 (HTTPS)
PII sidecar api-staging.veylant.ai (via proxy only)
Admin API api-staging.veylant.ai/v1/admin/* 443
Public Playground api-staging.veylant.ai/playground 443
Keycloak IAM auth-staging.veylant.ai 443
Kubernetes cluster (read-only namespace scan) Staging cluster only
PostgreSQL (via proxy only — no direct DB access)

Out of Scope

  • Production environment (api.veylant.ai) — strictly off-limits
  • ClickHouse and Redis (no public exposure; internal network only)
  • HashiCorp Vault (managed externally by ops team)
  • Physical infrastructure
  • Social engineering / phishing against employees
  • DoS/DDoS against production or shared infrastructure

3. Assessment Type

Grey Box — the pentester receives:

Provided Not provided
Keycloak credentials for 4 test accounts (admin, manager, user, auditor roles) Go source code
OpenAPI 3.1 spec (/docs/openapi.yaml) Database schema
Integration guide (docs/integration-guide.md) Internal network access
Admin guide (docs/admin-guide.md) Vault tokens

4. Priority Attack Surfaces

4.1 Authentication & JWT

  • JWT algorithm confusion (HS256 vs RS256)
  • Expired or malformed token acceptance
  • Missing claims (tenant_id, roles) — fail-safe behaviour
  • OIDC issuer URL substitution

4.2 Multi-Tenant Isolation

  • Access to another tenant's audit logs via /v1/admin/logs?tenant_id=…
  • Cross-tenant policy mutation via /v1/admin/policies
  • GDPR erasure of another tenant's user

4.3 RBAC Bypass

  • Privilege escalation from useradmin via role manipulation
  • Auditor accessing /v1/chat/completions (should 403)
  • Requesting a restricted model as a user-role token

4.4 PII Service

  • Submitting payloads designed to extract or brute-force pseudonyms
  • Bypassing PII with Unicode homoglyphs, zero-width chars, etc.
  • Injecting prompt content that survives anonymization

4.5 Public Playground (/playground/analyze)

  • Rate limit bypass (spoofed IPs, X-Forwarded-For header)
  • SSRF via crafted text content
  • Data exfiltration via error messages

4.6 Injection

  • SQL injection in filter params (/v1/admin/logs?provider=, etc.)
  • Header injection (newline in model name, etc.)
  • Path traversal in admin endpoints

4.7 Security Headers

  • CSP bypass for dashboard routes
  • CORS misconfiguration (verify allowed origins enforcement)
  • HSTS preload validity

5. Rules of Engagement

  1. No DoS against production — load must remain under 5 req/s against staging
  2. No data exfiltration — do not extract real user data; staging test data only
  3. No social engineering — testing of technical controls only
  4. Scope boundary — immediately stop and notify contact if production is inadvertently reached
  5. Disclosure — all findings disclosed within 24h of discovery to security contact
  6. Credential handling — provided test credentials must not be shared; rotated post-pentest

6. Contacts

Role Name Contact
Security contact (pentest lead) TBD security@veylant.ai
Technical contact David (CTO) david@veylant.ai
Keycloak credential issuance Ops team ops@veylant.ai

7. Timeline

Date Milestone
2026-06-09 Kick-off call; credentials provided
2026-06-09→13 Reconnaissance & automated scanning
2026-06-14→18 Manual exploitation & chaining
2026-06-19 Debrief call; preliminary findings shared
2026-06-26 Final report delivered
2026-06-30 Remediation deadline for Critical/High

8. Deliverables

The pentester must deliver:

  1. Executive summary (12 pages, non-technical, CVSS risk heatmap)
  2. Technical report — one section per finding:
    • CVSS v3.1 score + vector
    • Reproduction steps (curl/code)
    • PoC for Critical and High severity
    • Recommended remediation
  3. Retest report — confirm fixes after remediation (within 1 week of fixes)

Format: PDF + raw findings in Markdown (for import into Linear backlog)

9. Acceptance Criteria for Sprint 13 Go/No-Go

Criterion Target
Critical findings 0 open
High findings 0 open (or accepted with compensating controls)
Medium findings < 3 open, all with mitigation plan
Report delivered ≥ 7 days before Sprint 13 review