API V3.0 - Data retrieval API threat modeling action items

cds-snc / platform-forms-client

NextJS application that serves the public-facing website for Forms

https://forms-staging.cdssandbox.xyz/

MIT License

35 stars 13 forks source link

Open srtalbot opened 1 week ago

srtalbot commented 1 week ago

[ ] Inject the IP address of our IdP in the DNS look-up
[ ] Review insider threat actor alarms
- [x] Reach out the security team to discuss AWS alarms for insider threats
- [ ] Review existing alarms and identify new ones
- [ ] Implement new alarms
[ ] Review the timeout setting for the load balancer. But this issue is at the network level.
[ ] Check timeouts at the express server level.