Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cyber-Security Scanner #519

Open
mghilardelli opened this issue Jan 29, 2025 · 0 comments
Open

Cyber-Security Scanner #519

mghilardelli opened this issue Jan 29, 2025 · 0 comments
Assignees
@phirzel
Labels
enabler ops Operations
Milestone
Entwicklungspaket 1

Comments

@mghilardelli
Copy link
Collaborator

mghilardelli commented Jan 29, 2025
edited by phirzel
Loading

Ausgangslage

Als Produkt-SA will ich, dass die Cyber-Security gewährleistet ist, insbesondere für das DAS Backend und DAS Frontend.

Weiterführende Links

  1. BWL IKT Minimalstandards-> Öffentlicher Verkehr
  2. Team SBB VMC VMSD-187 Kurz: Sie machen regelmässig einen Scan und informieren betroffene Teams dann in einem manuellen Prozess.
  3. SEC-4140
  4. SBB IT Vorgaben Security
  5. Java vs Kotlin

Out of Scope

Akzeptanzkriterien

  • (1) geprüft
  • (2), (3), (4) Vorgaben der SBB evaluiert umgesetzt
  • Regelmässiger Scan von GitHub Repos auf vulnearbilities.
  • pro dev-Workplace installiert: Verwendung von ggshield als pre-commit hook, d.h. lokaler GitGuardian Scanner der die Daten vor dem Commit des Entwicklers überprüft (Empfehlung VMC-Team)
  • SAD Seite für Security-Champion eingerichtet und relevante Security-Aspekte beschrieben
@mghilardelli mghilardelli changed the title VMC Github Cybersicherheit Jan 30, 2025
@phirzel phirzel added this to the Entwicklungspaket 1 milestone Jan 31, 2025
@phirzel phirzel moved this from Backlog to Entwicklungsteam Review in Driver Advisory System Feb 3, 2025
@phirzel phirzel mentioned this issue Feb 3, 2025
Open
@phirzel phirzel changed the title Cybersicherheit Cyber-Security Feb 3, 2025
@phirzel phirzel mentioned this issue Feb 3, 2025
Open
@phirzel phirzel added the ops Operations label Feb 3, 2025
@phirzel phirzel changed the title Cyber-Security Cyber-Security Scanner Feb 3, 2025
@marcdettwiler marcdettwiler moved this from Entwicklungsteam Review to Testing Fach in Driver Advisory System Feb 5, 2025
@phirzel phirzel moved this from Testing Fach to Backlog in Driver Advisory System Feb 6, 2025
@phirzel phirzel moved this from Backlog to Entwicklungsteam Review in Driver Advisory System Feb 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@phirzel phirzel

Labels
enabler ops Operations
Projects
Driver Advisory System
Status: Entwicklungsteam Review
Milestone
Entwicklungspaket 1
Development

No branches or pull requests
2 participants
@mghilardelli @phirzel