rmtolmach
commented
15 hours ago I am comparing the two documents
- Redis: https://vfs.atlassian.net/wiki/spaces/PPT/pages/3511812097/Analysis+of+Redis+Application
- Rails: https://vfs.atlassian.net/wiki/spaces/PPT/pages/3450830855/Analysis+of+Rails+Application+-+Current+State
They look pretty much identical. I asked Lindsey and she said to add findings from doc 2 to Chris's discovery doc, so I'm adding them to this section: https://vfs.atlassian.net/wiki/spaces/PPT/pages/3463512080/AWS+Elasticache+Redis+Discovery+and+Results#Updates-to-Vets-API%2FHelm-Charts
User Story
As the Managers and developers of the Redis tool undergoing a POAM to remedy security issues, We need to compare the Rails and Redis applications after current state analysis has been completed, So that the analysis of both tools can be compared to determine the strengths and weaknesses of the tools.
Issue Description
Redis product-team level security risk was registered on 5/31/2024, due to not meeting encryption and password protection in the current Redis environment. The team needs to create a timeline and mitigation strategy, that includes current state of “at rest” and “in transit” settings, in order to understand the work that needs to be done to fix the security risks.
We need to take the discovered data points from the Redis and Rails and compare and document each tool's strengths
Tasks
Success Metrics
There is solid understanding of the work required so that proper estimates can be applied to the timeframe.
Acceptance Criteria
[ ] Deliverable is the documentation of the strengths and weaknesses of each application.
Validation
Assignee to add steps to this section. List the actions that need to be taken to confirm this issue is complete. Include any necessary links or context. State the expected outcome.