Product Lead

Grace Potma

Engineering Leads

raff Org Administrator

Contributors

Mike Seaton Samuel Lubwama Ian Bacher

Objective
Status: not started

Grace Potma

Due date

Objective

More robust out-of-the-box security for the O3 RefApp.

Key outcomes

  1. [Status: in progress] Completed 3rd party Pen Test

  2. [Status: complete] Create new, private Vulnerability Tracker (since Jira config hasn’t proven entirely trustworthy for embargoed issues we don’t want to make public yet)

  3. [Status: in progress] Completed fixes for issues found during 3rd party Pen Test

  4. [Status: in progress] Triage list of unresolved vulnerabilities into the new, private Vulnerability Tracker

  5. [Status: not started] Add default support for Authentication Module into O3 RefApp.

  1. [Status: in progress / complete] More detailed sample Implementer Guides for implementation security maintenance.

🤔 Problem Statement

🎯 Scope

...

Must have:

...

Nice to have:

...

Not in scope:

🗓 Timeline

...

While cybersecurity audits and authentication details have historically been handled by implementations one by one, we want to be sure that the O3 RefApp has had a robust central effort to review and enhance its security, so that this out-of-the-box offering has no substantial weaknesses when globally scaled, especially in the context of a rise in cloud hosting.

🚩 Milestones and deadlines

Milestone | Owner | Deadline | Status

🔗 Reference materials

...