Uploaded image for project: 'Hybrid Cloud Console'
  1. Hybrid Cloud Console
  2. RHCLOUD-20408

SSML.PS.2.1.2 PSSC Policy Compliance

XMLWordPrintable

    • PlatSec Working

      Red Hat Standard:

      • Red Hat Offerings must ensure the build process complies with all Product Security Supply Chain policies, including:
        • All services, tools, and infrastructure (STIs) related to the Red Hat productization pipeline will be registered within the Red Hat Configuration Management Database (CMDB) with appropriate data and asset owners.
        • All services, tools, and infrastructure in the productization pipeline used to develop, compose, maintain and deliver these offerings must be certified with a Security Operating Approval (SOA) prior to supplying customers with products or services. Once granted, an SOA must be reviewed and re-certified no less than annually by Product Security to maintain pipeline security compliance.

      Evidence:

      • Attestation that the offering is following the policies as written

      More information about this practice can be found here.

            Unassigned Unassigned
            rrajasek@redhat.com Rajesh Rajasekaran
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: