Anthropic-Cybersecurity-Skills/skills/implementing-cisa-zero-trust-maturity-model/references/api-reference.md

API Reference: CISA Zero Trust Maturity Model Assessment Agent

Dependencies

Library	Version	Purpose
(stdlib only)	Python 3.8+	JSON processing, assessment logic

CLI Usage

python scripts/agent.py \
  --data /assessments/zt_responses.json \
  --output-dir /reports/ \
  --output ztmm_report.json

Functions

assess_control(control, implemented, maturity) -> dict

Scores a single control: 0 (Traditional) to 3 (Optimal).

assess_pillar(pillar, responses) -> dict

Evaluates all controls within a CISA ZT pillar. Returns score, percentage, and maturity level.

compute_overall_maturity(pillar_results) -> dict

Aggregates pillar scores into overall maturity: Traditional/Initial/Advanced/Optimal.

generate_recommendations(pillar_results) -> list

Identifies unimplemented controls, prioritizes by pillar weakness.

generate_report(data_path) -> dict

Full assessment pipeline: load data, assess 5 pillars, compute maturity, generate recommendations.

CISA ZT Pillars

Pillar	Controls Assessed
Identity	MFA, phishing-resistant MFA, JIT access, PAM
Devices	Inventory, EDR, health attestation, posture
Networks	Microsegmentation, encrypted DNS, SDP
Applications	Inventory, access controls, API security
Data	Classification, DLP, encryption at rest

Input Data Format

{
  "Identity": {
    "MFA enforced for all users": {"implemented": true, "maturity": "Advanced"},
    "Phishing-resistant MFA (FIDO2/PIV)": {"implemented": false, "maturity": "Traditional"}
  }
}

Output Schema

{
  "overall_maturity": {"percentage": 52.3, "maturity_level": "Advanced"},
  "pillars": [{"pillar": "Identity", "percentage": 66.7, "maturity_level": "Advanced"}],
  "recommendations": [{"pillar": "Devices", "control": "EDR deployed", "priority": "HIGH"}]
}