You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
|1||Are there any known vulnerabilities and are all vulnerabilities with CVE above 4.0 are patched?|
|2||Is there a link on the website for patch releases and how do we ensure latest security patches are applied, wherever applicable.?|
|3||Is there a defined vulnerability discovery mechanism?|
|4||Is there a criteria defined for releasing a security patch?|
|5||Is there a timeline defined for vulnerability discovery to patch roll-out?|
|6||Is internet access required? If yes, access shall be for which ports? (e.g. FTP, SSH/SFTP, Telnet, SMTP, DNS, Win Shares, RDP)|
|7||All security settings recommended by vendor shall be applied (Hardening)|
|8||Is there any exceptions for AV, patch, USB or other exceptions on system where this is to be installed?|
|9||What are the privileges required for using/running the file?|
|10||If ports need to be opened to extranet systems, vulnerabilities associated shall be assessed and remediated|
|11||Is there a process for patch deployment at remote locations?|