Risk Register
Purpose
This Risk Register provides a stable and canonical list of risks identified within the Scheol Security Lab.
Each risk is uniquely identified and referenced across:
- System Inventory
- Threat Scenarios
- Control Mapping
- Architecture documentation
Risk Catalog (Canonical)
R-001 - Service co-location and weak isolation
Description:
Risk of lateral movement or cross-service compromise due to multiple services hosted on shared infrastructure (notably VPS environments).
Primary impact:
- compromise of multiple services following a single exploit
- privilege escalation across services that are logically separated but share the same host
Affected systems:
- VPS-01 (Gitea + documentation)
- VPS-02 (Dolibarr stack)
R-002 - Network misconfiguration exposing internal services
Description:
Firewall or reverse proxy misconfiguration exposing internal services or administrative interfaces to unauthorized access.
Affected systems:
- OPNsense firewall
- Reverse proxy layer
- VPS services
R-003 - Compromise of administrative access path
Description:
Unauthorized access to administrative interfaces (SSH, bastion, management nodes) leading to full infrastructure control.
Affected systems:
- Bastion (planned)
- Admin workstation
- SSH-accessible nodes
R-004 - Backup integrity or availability failure
Description:
Loss of backup reliability due to corruption, deletion, ransomware, or insufficient isolation of backup systems.
Affected systems:
- Proxmox infrastructure
- VPS snapshots
- Future backup platform
R-005 - Credential theft and privilege escalation
Description:
Compromise of authentication material (SSH keys, passwords, tokens) enabling privilege escalation or lateral movement.
Affected systems:
- Gitea
- Admin workstation
- Identity systems
R-006 - Identity system compromise (AD/LDAP)
Description:
Compromise or misconfiguration of identity infrastructure leading to unauthorized access across the environment.
Affected systems:
- Domain Controller (AD/LDAP)
- Authentication services
R-007 - Web application compromise (RCE / SQLi)
Description:
Exploitation of vulnerabilities in exposed web applications (e.g. Dolibarr) leading to remote code execution or data access.
Affected systems:
- VPS-02 (Dolibarr)
- Reverse proxy layer
R-008 - Logging and detection blind spots
Description:
Insufficient log coverage or lack of centralized monitoring preventing detection of malicious activity.
Affected systems:
- Wazuh (planned)
- VPS-01 / VPS-02
- Firewall logs
R-009 - CI/CD pipeline compromise
Description:
Compromise of CI/CD workflows (Gitea, runners) leading to malicious deployment or code injection.
Affected systems:
- Gitea
- CI/CD runners
- Deployment targets
R-010 - Data exfiltration from business applications
Description:
Unauthorized extraction of sensitive data from business applications such as ERP systems.
Affected systems:
- Dolibarr (VPS-02)
- Database layer (MariaDB)
Risk Relationships
Each risk is referenced in:
- System Inventory (system → risks)
- Control Mapping (controls → risks)
- Threat Scenarios (scenarios → risks)
Governance Rule
No new risk may be created outside this register.
All future risks must:
- be assigned a unique R-ID
- be validated for overlap with existing risks
- be integrated into all dependent documentation
Current Status
At this stage, the Risk Register is considered stable and canonical.
Established
- consistent numbering scheme (R-001 → R-010)
- normalized risk definitions (no duplicates)
- full alignment with current architecture
In Progress
- refinement of likelihood and impact per scenario
- linkage with validation and detection mechanisms
Planned
- integration of risk metrics into monitoring and reporting
- mapping to control effectiveness measurements