2024 Q3 Security Review June-Sept 2024: Test Rail

[jennb33]

Issue Description

OCTO-DE teams are responsible for periodically reviewing access to systems and applications they manage to ensure that only authorized personnel have the required access and permissions.

OCTO-DE teams periodically review user access to ensure that access is limited to users who currently need to access the systems and applications and that those users have the appropriate permissions.

Platform Security initiates each review cycle and application owners are responsible for executing the process for each application that they own. Once complete, application owners document the results of the access review and send the artifacts to Platform Security to document in eMASS as evidence.

Tasks

• [ ] Complete security review for Test Rail - Backend tool / DevOps

Success Metrics

• [ ] All inventory for Platform Product team is reviewed for security issues as outlined in Security Access Review Process document and in the Security Access Review Inventory document
• [ ] All dates are met as outlined in Security Access Review Rollout Plan
• [ ] Security issues that are discovered are logged into the Access Review Template

Acceptance Criteria

• [ ] Security review completed for Test Rail

Validation

Assignee to add steps to this section. List the actions that need to be taken to confirm this issue is complete. Include any necessary links or context. State the expected outcome.

[jennb33]

@alyssagallion giving you this ticket, as an output of your discussion with @rmtolmach yesterday. Thanks so much! cc: @LindseySaari and Kelly Argynos for your information.

[va-vsp-bot]

This issue is stale. If it is no longer valid, please close issue. Otherwise please update

[jennb33]

This ticket is now assigned to the Platform Support team.