Security Assurance

For Security incidents, investigation, risk analysis requests, reviews. The team formerly known as Enterprise Information Security (EIS)/OpSec/infosec

Select a component to see open bugs in that component:

General

Bugs related to the Security Assurance team. These include server/network related security issues. (more info)

Rapid Risk Analysis

The Rapid Risk (Impact) Assessment (also called Rapid Risk Analysis) is a 60 minutes or less discussion about the potential risks of a project. The RRA is high level and lightweight.

Risk Record

Risk recorded during a risk analysis. These entries represent the risks and recommendations made. Tracking of remediations, acceptance of risk ("wontfix"), or discussion is done here.

Vulnerability Assessment

A semi-automated point-in-time vulnerability assessment conducted by a vulnerability scanner and other “point and shoot” tools for an explicit set of target(s). May include a validation component, depending on scope.