Demo: https://drive.google.com/file/d/1_MtyLwePmUvSY4hZPYvZ51dhEKC8w20B/view 

Epic Goal

In a common enterprise scenario, application repositories are secured. That means that in a large application import, considering that credentials can't be included in the CSV file, the first language and technology discovery operations will fail until the user manually associates credentials with each application. This introduces a manual step in a process that should be as automated as possible to tackle large application portfolios effectively and start surfacing information as early as possible.

A different scenario that makes this more of a problem would be related to application discovery, as it would be important to automate the insights collection as much as possible as soon as applications are discovered if the source platform contained information about the application repository.

This epic aims at enabling MTA to manage default credentials to streamline the language and technology discovery operations when credentials haven't been explicitly associated with applications in the portfolio.

Epic definition is being worked on in the following PR from the Konveyor Enhancements repository: https://github.com/konveyor/enhancements/pull/223

Stages of content journey

1. Discover

• Objective: Introduce users to the concept of default credentials and their implications in application migration.
• Content Ideas:
  • Overview article explaining what default credentials are and why they matter in the context of application migration.
  • Infographic highlighting common security risks associated with default credentials.
  • Blog post featuring case studies of organizations that faced challenges due to default credentials.

2. Learn

• Objective: Provide in-depth knowledge about managing default credentials during migration.
• Content Ideas:
  • Detailed documentation on how to identify and manage default credentials in applications.
  • Video tutorials demonstrating the process of auditing applications for default credentials.
  • FAQs addressing common concerns and questions about default credentials in the migration process.

3. Try

• Objective: Encourage users to experiment with tools and features related to default credentials.
• Content Ideas:
  • Interactive demo or sandbox environment where users can practice identifying and changing default credentials.
  • Step-by-step guide on using the Migration Toolkit to manage default credentials effectively.
  • Sample projects or templates that users can download and modify to see the impact of changing default credentials.

4. Adopt

• Objective: Support users in implementing best practices for default credentials in their migration projects.
• Content Ideas:
  • Comprehensive checklist for migrating applications with a focus on default credentials.
  • Webinars or live Q&A sessions with experts discussing strategies for adopting best practices.
  • Success stories from users who have effectively managed default credentials during their migrations.

5. Expand

• Objective: Encourage users to explore advanced features and ongoing improvements related to default credentials.
• Content Ideas:
  • Articles on advanced security practices and tools for managing credentials in cloud environments.
  • Community forums or discussion groups where users can share experiences and tips on managing default credentials.
  • Regular updates on new features or enhancements in the Migration Toolkit that relate to credential management.

This content journey aims to guide users through the process of understanding, managing, and optimizing default credentials as part of their application migration efforts.

What is the main user goal aka job to be done?

1. As a security administrator, I want to identify all default credentials in my applications so that I can mitigate security risks before migrating to the cloud.

1. As a DevOps engineer, I want to automate the process of changing default credentials so that I can ensure consistent security practices across all environments.

1. As a project manager, I want to track the status of default credential management during the migration so that I can ensure compliance with security policies and timelines.

1. As a software developer, I want to receive guidance on best practices for managing default credentials so that I can build secure applications that are less vulnerable to attacks.

Content journey

https://spaces.redhat.com/display/MMSDOCS/Default+Credentials+content+journey