Spaces:

michaelmc1618
/

Consultus_Legis

Sleeping

App Files Files Community

michaelmc1618 commited on Aug 23, 2024

Commit

ce32810

verified ·

1 Parent(s): ca30f38

Update app.py

Browse files

Files changed (1) hide show

app.py +93 -67

app.py CHANGED Viewed

@@ -2,69 +2,84 @@ import os
 import pandas as pd
 import gradio as gr
 from datetime import datetime
-# Function to analyze audit data for GDPR compliance
 def analyze_data_for_gdpr(audit_data):
     findings = {
-        "system_info": {
-            "os_version": audit_data.get("os_version", "Unknown"),
-            "architecture": audit_data.get("architecture", "Unknown"),
-            "memory": audit_data.get("memory", "Unknown")
-        },
-        "disk_usage": {
-            "usage_percent": audit_data.get("disk_usage", {}).get("usage_percent", "Unknown"),
-        },
-        "network_info": {
-            "interfaces": audit_data.get("network_info", {}).get("interfaces", "Unknown"),
-        },
-        "security_measures": {
-            "encryption": audit_data.get("security_measures", {}).get("encryption", False),
-            "data_anonymization": audit_data.get("security_measures", {}).get("data_anonymization", False)
-        },
-        "running_processes": audit_data.get("running_processes", []),
-        "software_inventory": audit_data.get("software_inventory", [])
     }
     recommendations = []
-    if not findings["security_measures"]["encryption"]:
         recommendations.append("Implement Encryption: Ensure that both stored and transmitted data are encrypted.")
-    if not findings["security_measures"]["data_anonymization"]:
         recommendations.append("Implement Data Anonymization: Ensure that sensitive data is anonymized during storage.")
     return findings, recommendations
-# Function to analyze audit data for PCI compliance
 def analyze_data_for_pci(audit_data):
     findings = {
-        "pci_security": {
-            "firewall": audit_data.get("pci_security", {}).get("firewall", False),
-            "antivirus": audit_data.get("pci_security", {}).get("antivirus", False),
-            "intrusion_detection": audit_data.get("pci_security", {}).get("intrusion_detection", False),
-        },
-        "card_data_security": {
-            "encryption": audit_data.get("card_data_security", {}).get("encryption", False),
-            "storage_protection": audit_data.get("card_data_security", {}).get("storage_protection", False)
-        },
-        "network_configurations": audit_data.get("network_configurations", [])
     }
     recommendations = []
-    if not findings["pci_security"]["firewall"]:
         recommendations.append("Implement Firewall: Ensure that a firewall is in place to protect the network.")
-    if not findings["card_data_security"]["encryption"]:
         recommendations.append("Encrypt Card Data: Ensure all cardholder data is encrypted during storage and transmission.")
     return findings, recommendations
-# Generate GDPR Compliance Report
 def generate_gdpr_report(audit_data, company_name="Company Name", system_name="System Name"):
     findings, recommendations = analyze_data_for_gdpr(audit_data)
-    report_content = f"""
     GDPR Compliance Evaluation Report
     Title: GDPR Compliance Evaluation Report
-    Date: {datetime.now().strftime('%Y-%m-%d')}
     Prepared by: [Your Name]
     For: {company_name}
@@ -74,42 +89,49 @@ def generate_gdpr_report(audit_data, company_name="Company Name", system_name="S
     and suggests recommendations to enhance GDPR adherence.
     Findings:
-    System Information:
-    - OS Version: {findings['system_info']['os_version']}
-    - Architecture: {findings['system_info']['architecture']}
-    - Memory: {findings['system_info']['memory']}
-    Disk Usage:
-    - Usage Percent: {findings['disk_usage']['usage_percent']}
-    Network Info:
-    - Interfaces: {', '.join(findings['network_info']['interfaces'])}
-    Security Measures:
-    - Encryption: {"Yes" if findings['security_measures']['encryption'] else "No"}
-    - Data Anonymization: {"Yes" if findings['security_measures']['data_anonymization'] else "No"}
-    Running Processes:
-    - Processes: {', '.join(findings['running_processes'])}
-    Software Inventory:
-    - Installed Software: {', '.join(findings['software_inventory'])}
     Recommendations:
-    {''.join(f'- {rec}\n' for rec in recommendations)}
-    """
     return report_content
-# Generate PCI Compliance Report
 def generate_pci_report(audit_data, company_name="Company Name", system_name="System Name"):
     findings, recommendations = analyze_data_for_pci(audit_data)
-    report_content = f"""
     PCI Compliance Evaluation Report
     Title: PCI Compliance Evaluation Report
-    Date: {datetime.now().strftime('%Y-%m-%d')}
     Prepared by: [Your Name]
     For: {company_name}
@@ -119,21 +141,25 @@ def generate_pci_report(audit_data, company_name="Company Name", system_name="Sy
     and suggests recommendations to enhance PCI DSS adherence.
     Findings:
-    PCI Security Measures:
-    - Firewall: {"Yes" if findings['pci_security']['firewall'] else "No"}
-    - Antivirus: {"Yes" if findings['pci_security']['antivirus'] else "No"}
-    - Intrusion Detection: {"Yes" if findings['pci_security']['intrusion_detection'] else "No"}
-    Card Data Security:
-    - Encryption: {"Yes" if findings['card_data_security']['encryption'] else "No"}
-    - Storage Protection: {"Yes" if findings['card_data_security']['storage_protection'] else "No"}
-    Network Configurations:
-    - Configurations: {', '.join(findings['network_configurations'])}
     Recommendations:
-    {''.join(f'- {rec}\n' for rec in recommendations)}
-    """
     return report_content

 import pandas as pd
 import gradio as gr
 from datetime import datetime
+from transformers import pipeline
+# Initialize a question-answering pipeline (You can replace the model with any capable one)
+qa_pipeline = pipeline("question-answering", model="deepset/roberta-base-squad2")
+# Function to analyze each section with prompts
+def prompt_based_analysis(question, context):
+    response = qa_pipeline(question=question, context=context)
+    return response['answer']
+# Function to analyze audit data for GDPR compliance using prompts
 def analyze_data_for_gdpr(audit_data):
+    system_info_context = f"OS Version: {audit_data.get('os_version', 'Unknown')}, Architecture: {audit_data.get('architecture', 'Unknown')}, Memory: {audit_data.get('memory', 'Unknown')}"
+    disk_usage_context = f"Disk Usage: {audit_data.get('disk_usage', {}).get('usage_percent', 'Unknown')}%"
+    network_info_context = f"Interfaces: {', '.join(audit_data.get('network_info', {}).get('interfaces', []))}"
+    security_measures_context = f"Encryption: {audit_data.get('security_measures', {}).get('encryption', False)}, Data Anonymization: {audit_data.get('security_measures', {}).get('data_anonymization', False)}"
+    processes_context = f"Running Processes: {', '.join(audit_data.get('running_processes', []))}"
+    software_inventory_context = f"Software Installed: {', '.join(audit_data.get('software_inventory', []))}"
+    # Prompts for each section
+    system_info_analysis = prompt_based_analysis("Evaluate the system information in terms of GDPR compliance.", system_info_context)
+    disk_usage_analysis = prompt_based_analysis("Evaluate the disk usage with respect to GDPR regulations.", disk_usage_context)
+    network_info_analysis = prompt_based_analysis("Evaluate the network information in terms of GDPR compliance.", network_info_context)
+    security_measures_analysis = prompt_based_analysis("Evaluate the current security measures for compliance with GDPR.", security_measures_context)
+    processes_analysis = prompt_based_analysis("Evaluate the running processes for GDPR compliance.", processes_context)
+    software_inventory_analysis = prompt_based_analysis("Evaluate the installed software for GDPR compliance.", software_inventory_context)
     findings = {
+        "system_info": system_info_analysis,
+        "disk_usage": disk_usage_analysis,
+        "network_info": network_info_analysis,
+        "security_measures": security_measures_analysis,
+        "running_processes": processes_analysis,
+        "software_inventory": software_inventory_analysis,
     }
     recommendations = []
+    if 'encryption' not in security_measures_context.lower():
         recommendations.append("Implement Encryption: Ensure that both stored and transmitted data are encrypted.")
+    if 'anonymization' not in security_measures_context.lower():
         recommendations.append("Implement Data Anonymization: Ensure that sensitive data is anonymized during storage.")
     return findings, recommendations
+# Function to analyze audit data for PCI compliance using prompts
 def analyze_data_for_pci(audit_data):
+    pci_security_context = f"Firewall: {audit_data.get('pci_security', {}).get('firewall', False)}, Antivirus: {audit_data.get('pci_security', {}).get('antivirus', False)}, Intrusion Detection: {audit_data.get('pci_security', {}).get('intrusion_detection', False)}"
+    card_data_security_context = f"Card Data Encryption: {audit_data.get('card_data_security', {}).get('encryption', False)}, Storage Protection: {audit_data.get('card_data_security', {}).get('storage_protection', False)}"
+    network_config_context = f"Network Configurations: {', '.join(audit_data.get('network_configurations', []))}"
+    # Prompts for each section
+    pci_security_analysis = prompt_based_analysis("Evaluate the PCI security measures for compliance with PCI DSS.", pci_security_context)
+    card_data_security_analysis = prompt_based_analysis("Evaluate the card data security measures for PCI DSS compliance.", card_data_security_context)
+    network_config_analysis = prompt_based_analysis("Evaluate the network configurations for PCI DSS compliance.", network_config_context)
     findings = {
+        "pci_security": pci_security_analysis,
+        "card_data_security": card_data_security_analysis,
+        "network_configurations": network_config_analysis,
     }
     recommendations = []
+    if 'firewall' not in pci_security_context.lower():
         recommendations.append("Implement Firewall: Ensure that a firewall is in place to protect the network.")
+    if 'encryption' not in card_data_security_context.lower():
         recommendations.append("Encrypt Card Data: Ensure all cardholder data is encrypted during storage and transmission.")
     return findings, recommendations
+# Generate GDPR Compliance Report with advanced prompts for each section
 def generate_gdpr_report(audit_data, company_name="Company Name", system_name="System Name"):
     findings, recommendations = analyze_data_for_gdpr(audit_data)
+    report_content = """
     GDPR Compliance Evaluation Report
     Title: GDPR Compliance Evaluation Report
+    Date: {date}
     Prepared by: [Your Name]
     For: {company_name}
     and suggests recommendations to enhance GDPR adherence.
     Findings:
+    System Information Analysis:
+    {system_info}
+    Disk Usage Analysis:
+    {disk_usage}
+    Network Info Analysis:
+    {network_info}
+    Security Measures Analysis:
+    {security_measures}
+    Running Processes Analysis:
+    {running_processes}
+    Software Inventory Analysis:
+    {software_inventory}
     Recommendations:
+    {recommendations}
+    """.format(
+        date=datetime.now().strftime('%Y-%m-%d'),
+        company_name=company_name,
+        system_info=findings['system_info'],
+        disk_usage=findings['disk_usage'],
+        network_info=findings['network_info'],
+        security_measures=findings['security_measures'],
+        running_processes=findings['running_processes'],
+        software_inventory=findings['software_inventory'],
+        recommendations=''.join(f'- {rec}\n' for rec in recommendations)
+    )
     return report_content
+# Generate PCI Compliance Report with advanced prompts for each section
 def generate_pci_report(audit_data, company_name="Company Name", system_name="System Name"):
     findings, recommendations = analyze_data_for_pci(audit_data)
+    report_content = """
     PCI Compliance Evaluation Report
     Title: PCI Compliance Evaluation Report
+    Date: {date}
     Prepared by: [Your Name]
     For: {company_name}
     and suggests recommendations to enhance PCI DSS adherence.
     Findings:
+    PCI Security Measures Analysis:
+    {pci_security}
+    Card Data Security Analysis:
+    {card_data_security}
+    Network Configurations Analysis:
+    {network_configurations}
     Recommendations:
+    {recommendations}
+    """.format(
+        date=datetime.now().strftime('%Y-%m-%d'),
+        company_name=company_name,
+        pci_security=findings['pci_security'],
+        card_data_security=findings['card_data_security'],
+        network_configurations=findings['network_configurations'],
+        recommendations=''.join(f'- {rec}\n' for rec in recommendations)
+    )
     return report_content