Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add security testing capabilities #6

Closed
5 tasks
nmoutschen opened this issue Jan 20, 2020 · 2 comments
Closed
5 tasks

Add security testing capabilities #6

nmoutschen opened this issue Jan 20, 2020 · 2 comments
Labels
enhancement New feature or request shared Issue related to shared resources tools Issue related to tooling

Comments

@nmoutschen
Copy link
Contributor

The security command should be able to perform security analysis on a service, namely:

  • Check for vulnerabilities in dependencies
  • Check for vulnerabilities in function code
  • Check for overly permissive IAM policies
  • Check for infringement on rules, such as allowing to contact another service
  • Check for infringement on EventBridge rules, such as creating a rule that listens to source outside what is authorized for that service
@nmoutschen nmoutschen added enhancement New feature or request tools Issue related to tooling shared Issue related to shared resources labels Jan 20, 2020
@nmoutschen
Copy link
Contributor Author

Some features here will depend on #7

@nmoutschen nmoutschen changed the title Add "security" command Add security testing capabilities Mar 26, 2020
@nmoutschen
Copy link
Contributor Author

Won't do for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request shared Issue related to shared resources tools Issue related to tooling
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nmoutschen