Skip to content

Latest commit

 

History

History
36 lines (28 loc) · 2.14 KB

introduction-to-launching-technology.md

File metadata and controls

36 lines (28 loc) · 2.14 KB
description
A reference for internal product managers and technical teams that participate in the software product lifecycle

Introduction to Launching Technology

Evaluations were conducted on three software projects that aim to improve civil registration and vital statistics (CRVS) systems. The evaluations covered various aspects, including source code security, application architecture, penetration testing, and DevSecOps analysis. These projects were evaluated to assess their fitness for purpose, readiness for enhancement, maintainability, performance, and security.

The evaluations involved a comprehensive review of the projects' documentation, source code, and deployment environments. Security audits were conducted to uncover vulnerabilities, and penetration testing was performed to assess the systems' resilience against cyberattacks. The evaluations also examined the projects' software development practices, including testing procedures and DevSecOps methodologies.

Based on the evaluation findings, several recommendations were made to improve the security and reliability of the projects. These recommendations included implementing secure deployment practices, prioritizing traffic protection, developing comprehensive test plans, eliminating hard-coded credentials, and protecting against supply chain attacks. Additionally, recommendations were made to address specific vulnerabilities identified during the evaluations, such as improving exception logging and prioritizing input sanitization.

  • elaboration of the technical documents themselves

  • targeted to UNICEF’s context and led by the insights provided by the research of the discovery phase

  • must consider the perspectives of the 4 dimensions that are critical to the effective and efficient facilitation of value for all the stakeholders in the form of products and services: people, process, technology, and partners

  • Introduction

    • Overview and System Architectures

  • Tools

    • Preparing Your Environment

  • Walkthrough

    • Getting Started
    • Assumptions, Credentials
    • Troubleshooting, Common Tasks

  • Additional Configurations

    • Hardening
    • Monitoring
    • Logging