mirror of
https://dev.azure.com/effectory/Survey%20Software/_git/Cloud%20Engineering
synced 2026-02-27 18:52:18 +01:00
Restructured, deleted lists, added service connection list
This commit is contained in:
Jurjen Ladenius
37
notes.txt
Normal file
37
notes.txt
Normal file
@@ -0,0 +1,37 @@
|
||||
====
|
||||
|
||||
- Standards & policies
|
||||
- DevOps
|
||||
- Code reviews
|
||||
- Policies
|
||||
- Traceability (who/what/why)
|
||||
- Enforcing 4 eyes
|
||||
- Automation (IaC & CI/CD)
|
||||
- Scanning our code
|
||||
- Code quality
|
||||
-
|
||||
- Scanning our infrastructure
|
||||
- Scanning 3rd party packages
|
||||
- Reviews
|
||||
- Pentest
|
||||
- ISO policy checks
|
||||
|
||||
|
||||
====
|
||||
|
||||
- Tools:
|
||||
- Qualys (contact Wouter for an account) (monthly)
|
||||
- SonarCloud (https://sonarcloud.io/organizations/effectory/projects) (every build)
|
||||
- Snyk (https://app.snyk.io/) (daily & every build)
|
||||
- Security Scorecard (https://securityscorecard.com/) (?)
|
||||
|
||||
- Free stuff to easily check:
|
||||
- SSL Labs https://www.ssllabs.com/ssltest/
|
||||
- Security Headers https://securityheaders.com/
|
||||
|
||||
====
|
||||
|
||||
Response times:
|
||||
|
||||
|
||||
===
|
||||
Reference in New Issue
Block a user