Heimdall2

Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.

Heimdall

This repository contains the source code for Heimdall's Backend, Frontend (AKA Heimdall Lite), OHDF Converters, and InSpecJS.

Demos

Hosted

These demos are intended only to show the functionality of Heimdall; please do not upload any sensitive data to them.

Released Previews

Heimdall Lite | Heimdall Server

Current Development Master Branch Preview

Heimdall Lite

Heimdall Server

Heimdall (Lite) vs Heimdall with Backend (Server)

There are two ways to deploy the MITRE Heimdall application: Heimdall-Lite and the full Heimdall with Backend Server. Both share the same frontend but have been produced to meet different needs and use cases.

Heimdall-Lite

Heimdall-Lite is a single-page JavaScript app, so you can run it from any web server, a secured S3 bucket, or directly via GitHub Pages (as it is here). Heimdall-Lite gives you the ability to easily review and produce reports about your InSpec run, filter the results for easy review and hot-wash, print out reports, and much more.

Heimdall with Backend (Server)

Heimdall with Backend, or Heimdall Server, runs the same front end as Heimdall-Lite but is supported by a backend database that stores persistent data over time.

Features

| Features | Heimdall-Lite | Heimdall with Backend |
| :--- | :---: | :---: |
| Additional Installation Requirements | | PostgreSQL Server |
| Overview Dashboard & Counts | ✅ | ✅ |
| Deep Dive View of Security Control Results and Metadata | ✅ | ✅ |
| 800-53 Partition and TreeMap View | ✅ | ✅ |
| Comparison View | ✅ | ✅ |
| Advanced Data / Filters for Reports and Viewing | ✅ | ✅ |
| Multiple Report Output (DISA Checklist XML, CAT, XCCDF-Results, and more) | ✅ | ✅ |
| View Multiple Guidance Formats (InSpec profile, Checklist, DISA & CIS XCCDF) | ✅ | ✅ |
| Automatic Conversion of Various Security Formats | ✅ | ✅ |
| Authenticated REST API | | ✅ |
| CRUD Capabilities | | ✅ |
| Users & Roles & multi-team support | | ✅ |
| Authentication & Authorization | Hosting Webserver | Hosting Webserver; LDAP; OAuth Support for: GitHub, GitLab, Google, and Okta. |

Use Cases

| Heimdall-Lite | Heimdall with Backend |
| :---: | :---: |
| Just-in-Time Use | Multiple Teams |
| Minimal Footprint & Deployment Time | Timeline and Report History |
| Local or Disconnected Use | Centralized Deployment Model |
| Minimal Authorization & Approval Time | |

Getting Started / Installation

Heimdall Lite

Heimdall Lite is published to npmjs.org and is available here.

Running via npm

To run Heimdall Lite locally, just use the npm built-in utility npx:

npx @mitre/heimdall-lite

If you use this tool often and want to have it installed locally, use the following command:

npm install -g @mitre/heimdall-lite

Then, any subsequent npx @mitre/heimdall-lite will use the local version and load much more quickly.

Running via Docker

It is also possible to run Heimdall-Lite in Docker with the following command:

docker run -d -p 8080:80 mitre/heimdall-lite:release-latest

You can then access Heimdall-Lite at http://localhost:8080.

If you would prefer to run the bleeding edge version of Heimdall-Lite, replace mitre/heimdall-lite:release-latest with mitre/heimdall-lite:latest.


GitHub Stars: 248
Category: Development
Updated: 12h ago
Forks: 76

Languages

TypeScript

Security Score

80/100

Audited on Apr 1, 2026

No findings