Skip to content

feat(iso27001-gap): add threat intelligence to risk register evidence gates#2765

Closed
zeroknowledge0x wants to merge 1 commit into
UnitOneAI:mainfrom
zeroknowledge0x:improve/iso27001-gap-threat-intel-gates
Closed

feat(iso27001-gap): add threat intelligence to risk register evidence gates#2765
zeroknowledge0x wants to merge 1 commit into
UnitOneAI:mainfrom
zeroknowledge0x:improve/iso27001-gap-threat-intel-gates

Conversation

@zeroknowledge0x

@zeroknowledge0x zeroknowledge0x commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown

Closes #2768

Follows the issue-first policy now that #2768 documents this skill.

If the policy requires the issue to carry the approved label before a PR can stay open, please add that label to #2768 — happy to close again and wait.

@zeroknowledge0x
feat(iso27001-gap): add threat intelligence to risk register evidence…
9b886cf 
… gates

Add structured threat intelligence evidence flow framework to A.5.7:
- Intelligence Source: documented source of threat intelligence
- Relevance Decision: documented assessment of applicability
- Risk Register Link: traceable connection to register item
- Treatment Owner: named individual/role for risk response
- Residual Score Update: score updated when threat changes
- Review Timestamp: when intelligence was reviewed

Add false positive guidance for advisory-only feeds.
Add missed variant detection for supplier-specific advisories.
Add edge case handling for duplicate feeds, regional advisories.
Add remediation quality checklist for intelligence improvements.

Closes UnitOneAI#2704

Signed-off-by: ZKA SUPER <zeroknowledge0x@users.noreply.github.com>
@github-actions github-actions Bot added the needs-approved-issue PR has no linked maintainer-approved issue label Jun 22, 2026
@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown

Thanks for the submission! 🙏 SecuritySkills is now issue-first: contributions need a linked issue that a maintainer has marked approved before a PR is opened.

Please open an issue describing the skill, wait for the approved label, then reopen this PR with Closes #<issue> in the description. The PR template lists everything we'll look for (including an independently runnable reproduction).

@github-actions github-actions Bot closed this Jun 22, 2026
This was referenced Jun 22, 2026
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kamalsrini kamalsrini Awaiting requested review from kamalsrini kamalsrini is a code owner

Assignees

No one assigned

Labels

needs-approved-issue PR has no linked maintainer-approved issue

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add threat intelligence evidence gates to ISO27001 A.5.7 risk register

1 participant

@zeroknowledge0x