  1. OpenShift Workloads
  2. WRKLDS-1142

DAST Findings - OSSO


    • Epic
    • Resolution: Done
    • Undefined
    • None
    • osso-1.3.0
    • DAST - RODOO Findings tracker
    • False
    • None
    • False
    • Not Selected
    • To Do
    • XS
    • Workloads Sprint 251, Workloads Sprint 252, Workloads Sprint 254

      Epic Goal*

      Close out all critical and important weaknesses and vulnerabilities identified by RapiDAST as part of DAST scanning within SDL.

       
      Why is this important? (mandatory)

      DAST can improve the built-in security posture of a system by detecting misconfigurations or insecure coding practices. It can also increase user confidence in OSSO's security posture, reduce costs by finding design flaws early and before release, and reduce exposure to weaknesses other methods may not cover.

       
      Scenarios (mandatory) 

      Provide details for user scenarios including actions to be performed, platform specifications, and user personas.  

      1. n/a

       
      Dependencies (internal and external) (mandatory)

      n/a

      Contributing Teams (and contacts) (mandatory)

      Our expectation is that teams would modify the list below to fit the epic. Some epics may not need all the default groups but what is included here should accurately reflect who will be involved in delivering the epic.

      • Development - Mitigate weaknesses/vulns
      • Documentation - Document any accepted weaknesses/vulns
      • QE - Test/retest any weaknesses/vulns

      Done - Checklist (mandatory)

      The following points apply to all epics and are what the OpenShift team believes are the minimum set of criteria that epics should meet for us to consider them potentially shippable. We request that epic owners modify this list to reflect the work to be completed in order to produce something that is potentially shippable.

      • CI Testing - Basic e2e automation tests are merged and completing successfully
      • Documentation - Content development is complete.
      • QE - Test scenarios are written and executed successfully.
      • Technical Enablement - Slides are complete (if requested by PLM)
      • Engineering Stories Merged
      • All associated work items with the Epic are closed
      • Epic status should be “Release Pending” 

       

      See full results of DAST findings here: https://docs.google.com/document/d/1YabO1pqBA6Q4dqHx9sJzlZikL0Gakzoj8HSAesE236Y/edit?usp=drive_link

        1. stdout-report.txt
          13 kB
        2. stdout-report-1.txt
          1 kB
        3. stdout-report-2.txt
          0.1 kB

              jchaloup@redhat.com Jan Chaloupka
              catasagan Catalina Sagan
              Rama Kasturi Narra