From 476553d5d3bcbfea8f17e8a1a13e83fdceaa49df Mon Sep 17 00:00:00 2001
From: Shiv Bhagavatula <shiv@accuknox.com>
Date: Wed, 10 Jan 2024 16:57:32 +0530
Subject: [PATCH]  - Integrity Protection

---
 actions/mitre/integrityProtection | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 actions/mitre/integrityProtection

diff --git a/actions/mitre/integrityProtection b/actions/mitre/integrityProtection
new file mode 100644
index 0000000..c1493c0
--- /dev/null
+++ b/actions/mitre/integrityProtection
@@ -0,0 +1,16 @@
+title: integrityProtection
+description: There are multiple contexts here:
+DNS Manipulation: In this context, integrity protection refers to ensuring
+that the DNS responses integrity. Currently, there is no way to for security
+ engines to do this on the cluster. There are techniques to use DNSSEC 
+[ibm, microsoft] to secure DNS data validating the digital signatures. 
+of the 
+severity: high
+tags: [5gcore, edge, mitre]
+references:
+  - name: mitre
+    url: https://fight.mitre.org/mitigations/FGM1557
+  - name: ibm
+    url: https://www.ibm.com/docs/en/i/7.3?topic=support-domain-name-system-security-extensions-dnssec
+  - name: microsoft
+    url: https://learn.microsoft.com/en-us/windows-server/networking/dns/validate-dnssec-responses