Page Comparison

Engineering Leads

raff Org Administrator

Contributors

Mike Seaton Samuel Lubwama Ian Bacher Grace Potma

Due date

29 Sep 2024

Objective

More robust out-of-the-box security for the O3 RefApp.

Key outcomes

\uD83E\uDD14 Problem Statement

Whereas CyberSecurity audits and authentication details have historically been handled by implementations one-by-one;
We want to be sure that the O3 RefApp has had a robust central effort to review and enhance it’s security
So that this out-of-the-box offering when globally scaled has no substantial weaknesses - especially in the context of a rise in cloud hosting.

Milestone

Owner

Deadline

Status

Status
colour Yellow
title in progress
Completed 3rd party Pen Test
Status
colour Green
title complete
Create new, private Vulnerability Tracker (since Jira config hasn’t proven entirely trustworthy for embargoed issues we don’t want to make public yet)
Status
colour Yellow
title in progress
Completed fixes for issues found during 3rd party Pen Test
Status
colour Yellow
title in progress
Triage list of unresolved vulnerabilities into the new, private Vulnerability Tracker

29 Sep 2024

Status

title	not started

More detailed sample Implementer Guides for implementation security maintenance.

IntelliSOFT Consulting Ltd.

29 Sep 2024

Status

colour	Yellow
title	in progress