Cloud-20Engineering/notes.txt
2023-08-22 15:28:16 +02:00

====
- Standards & policies
- DevOps
- Code reviews
- Policies
- Traceability (who/what/why)
- Enforcing 4 eyes
- Automation (IaC & CI/CD)
- Scanning our code
- Code quality
-
- Scanning our infrastructure
- Scanning 3rd party packages
- Reviews
- Pentest
- ISO policy checks
====
- Tools:
- Qualys (contact Wouter for an account) (monthly)
- SonarCloud (https://sonarcloud.io/organizations/effectory/projects) (every build)
- Snyk (https://app.snyk.io/) (daily & every build)
- Security Scorecard (https://securityscorecard.com/) (?)
- Free stuff to easily check:
- SSL Labs https://www.ssllabs.com/ssltest/
- Security Headers https://securityheaders.com/
====
Response times:
===