Closed
Description
Which area this user story is related to?
/area api
/area library
/area registry
/area alizer
/area landing-page
Issue description
As part of our security policy, recommended by the CLO Monitor best practices, we could implement a security threat model so we can understand better threats and mitigations within the devfiles org. A useful resource shared by cncf.io is https://www.cncf.io/blog/2023/03/16/threat-modeling-to-cloud-native-we-need-a-new-approach/.
This issue focuses only in the investigation around a potential security thread model which could be followed by the devfiles team.
Acceptance Criteria
- Decide if a threat model is a requirement for the devfiles org.
- If it is a requirement, the results of investigation have been shared.
Metadata
Metadata
Assignees
Labels
Type
Projects
Status
Done ✅