nis2-agile

AdminGit2026/nis2-agile

Fork 0

Commit Graph

Author	SHA1	Message	Date
DevEnv nis2-agile	4924075142	[FEAT] Asset import CMDB/cloud + scoring automatico GV.OC-04 (P2) - AssetScoringService::inferCriteria: euristica 6 criteri da campi CMDB (criticality, data_classification, internet_facing, dependencies, regulated) - AssetController::import (JWT org_admin/compliance_manager) + bulkUpsert condiviso: upsert dedup su external_ref, scoring auto GV.OC-04, max 1000 asset/batch - ServicesController::ingestAssets -> POST /services/assets-ingest (scope ingest:assets) per connettori CMDB/cloud - Migrazione 025: assets += external_ref + discovery_source + indice univoco dedup - Route POST:assetsIngest (services) + POST:import (assets) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-05-30 09:14:12 +02:00
DevEnv nis2-agile	5c545ea3d0	[FEAT] Integrazione analisi docs/nis2 v1.7.0 — scoring asset, tassonomia incidenti, PIR, NIST CSF, fonti certe Fase 1 - Asset Relevance Scoring NIS2 (GV.OC-04): metodologia 0-100 a 6 criteri, AssetScoringService + endpoint scoringGrid/score/relevantSystems + UI assets.html + registro stampabile. Fase 2 - Tassonomia incidenti Determina ACN 164179/2025: IS-1..4 + regime essenziale/importante (Allegati 3/4). Fase 3 - Post-Incident Review (5-Whys) + metriche TTD/TTC/TTR + timestamp di fase. Fase 4 - Mapping NIST CSF 2.0 (43 controlli) reference-only. Fonti certe: registry config/nis2_sources.php + grounding AI (vieta riferimenti inventati) + citazioni help.js + ingest PDF normativi nella KB RAG (scripts/ingest-nis2-sources.php). Migrazioni 020/021/022 (additive idempotenti). Fix VectorService IP Qdrant (drift .5->.3). Analisi concorrenza Evix (docs/EVIX_ANALISI_CONCORRENZA.html, gap-driven). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-05-29 17:15:13 +02:00

Author

SHA1

Message

Date

DevEnv nis2-agile

4924075142

[FEAT] Asset import CMDB/cloud + scoring automatico GV.OC-04 (P2)

- AssetScoringService::inferCriteria: euristica 6 criteri da campi CMDB
  (criticality, data_classification, internet_facing, dependencies, regulated)
- AssetController::import (JWT org_admin/compliance_manager) + bulkUpsert condiviso:
  upsert dedup su external_ref, scoring auto GV.OC-04, max 1000 asset/batch
- ServicesController::ingestAssets -> POST /services/assets-ingest (scope ingest:assets) per connettori CMDB/cloud
- Migrazione 025: assets += external_ref + discovery_source + indice univoco dedup
- Route POST:assetsIngest (services) + POST:import (assets)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-05-30 09:14:12 +02:00

DevEnv nis2-agile

5c545ea3d0

[FEAT] Integrazione analisi docs/nis2 v1.7.0 — scoring asset, tassonomia incidenti, PIR, NIST CSF, fonti certe

Fase 1 - Asset Relevance Scoring NIS2 (GV.OC-04): metodologia 0-100 a 6 criteri,
  AssetScoringService + endpoint scoringGrid/score/relevantSystems + UI assets.html + registro stampabile.
Fase 2 - Tassonomia incidenti Determina ACN 164179/2025: IS-1..4 + regime essenziale/importante (Allegati 3/4).
Fase 3 - Post-Incident Review (5-Whys) + metriche TTD/TTC/TTR + timestamp di fase.
Fase 4 - Mapping NIST CSF 2.0 (43 controlli) reference-only.
Fonti certe: registry config/nis2_sources.php + grounding AI (vieta riferimenti inventati) +
  citazioni help.js + ingest PDF normativi nella KB RAG (scripts/ingest-nis2-sources.php).
Migrazioni 020/021/022 (additive idempotenti). Fix VectorService IP Qdrant (drift .5->.3).
Analisi concorrenza Evix (docs/EVIX_ANALISI_CONCORRENZA.html, gap-driven).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-05-29 17:15:13 +02:00

2 Commits