
Does your organisation conduct threat modelling during the design phase of an application or system build?

We maintain a security risk level indicator in all Jira tickets around data protection and info security from the point the Jira ticket is created.

More information: https://commonplace.atlassian.net/l/cp/2CFm1bLS

Does your organisation conduct appropriate security testing as part of your development lifecycle?

We use a range of monitoring tools to ensure that the Commonplace platform remains secure during the development lifecycle. These include:

  • AWS CloudWatch for detecting suspicious activity within the Commonplace platform
  • Circle CI for automated unit testing of new code to ensure service availability and integrity
  • CodeClimate for testing coding standards
  • ZenDuty for Incident Management notification
  • Rollbar for error tracking within the platform
  • Sentry.io for application monitoring and error logging
  • Snyk for identifying and fixing vulnerabilities in the code, open source libraries, and infrastructure as code
  • AWS WAF for application security testing
