Skip to content
This repository has been archived by the owner on Jun 29, 2023. It is now read-only.

Setup automated security scan of node #607

Open
jacque006 opened this issue Jun 17, 2021 · 0 comments
Open

Setup automated security scan of node #607

jacque006 opened this issue Jun 17, 2021 · 0 comments
Labels
client This PR is about implementing the client

Comments

@jacque006
Copy link
Collaborator

What's wrong

As we build out our REST HTTP RPC API, there are likely to be security issues/vulnerabilities that can be exploited. We need a good general way we can check for these.

How can we fix it?

Setup an automated security scanning tool to check for vulnerabilities. We can check on:

  • Every commit
  • master merges/releases
  • or once a day

Some tools/platforms to consider:

OWASP Zap: https://www.zaproxy.org/
StackHawk: https://www.stackhawk.com/ free for 1 app
@jacque006 jacque006 added the client This PR is about implementing the client label Jun 17, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
client This PR is about implementing the client
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jacque006