va-vsp-bot
commented
3 weeks ago This issue is stale. If it is no longer valid, please close issue. Otherwise please update
Open jennb33 opened 4 months ago
va-vsp-bot
commented
3 weeks ago This issue is stale. If it is no longer valid, please close issue. Otherwise please update
This ticket is a dupe of 81002, please see earlier ticket for comments.
Issue Description
As the Platform Product Team, We need a better inventory of our tools, versions and features that are used, So that we can better manage and report on what is used and how
Since the initial deployment of various tools and software in our stack back in 2018, there have been continuous development and upgrades in these technologies. However, a methodical review to leverage new feature sets introduced in subsequent releases has been lacking. This gap in our process has potentially led to missed opportunities for enhancing our systems' efficiency, security, and performance.
A prime example of this situation is Redis (ElastiCache), which despite being upgraded, may not fully utilize features introduced in newer versions such as Cluster mode - which would allow for high availability via automatic failover and replication. This scenario could very likely extend to other components of our stack, such as Postgres, among others. Additionally, the absence of historical documentation on decision-making processes further complicates our ability to assess historical decisions.
We are also being asked by @tayism for a 'cheat sheet' list of the tools, services, or processes your team owns or manages so that Oddball and AdHoc knows who to notify when pointed feedback comes in.
Examples include:
Please document all findings for the tool from the audit in this Google document
SBOM - software bill of materials?
Tasks
Success Metrics
Acceptance Criteria