-
Possibly relevant subset of https://wiki.mozilla.org/Security/FirefoxOperations#Security_Checklist
Infrastructure
--------------
* [x] Access and application logs must be archived for a minimum…
-
Add the default dir + main.yml with default vars to every role that is missing it.
-
We initially put the `package-lock.json` file into the `.gitignore` so that users of the service manual didn't accidentally commit it with their content changes.
This needs to be removed as we will…
-
There are a number of components we believe will be broadly useful right away, and that have already had some thought put into them:
* Operating system hardening - #2
* Jenkins - https://github.co…
afeld updated
7 years ago
-
Further to your request for assistance with making the text of A7 more inclusive of our project's automated threats, as well as all four of the issues you mentioned.
We feel that including other risk…
-
Some P3 reports that I think we should take a closer look at.
**[P3] Server Security Misconfiguration No Rate Limiting on Form Login**
Suggest to downgrade this one to a P4 at best perhaps even a …
-
afeld updated
7 years ago
-
**EDIT 26/11/2018**:
* **Am I affected?**:
If you are using anything crypto-currency related, then maybe. As discovered by @maths22, the target seems to have been identified as copay related libr…
-
Risk Management
---------------
* [x] The service must have performed a Rapid Risk Assessment and have a Risk Record bug (**SVC-RRA**).
Infrastructure rules
--------------------
* [x] Acces…
-
Great work on this! Really good start.
My feedback is partially covered here: https://github.com/kamranahmedse/developer-roadmap/issues/33
I look at this list and think, "What would I need to k…