Updates (28 Sep - 02 Oct 2020)
Progress / Completed
- Traveloka EISA
- EISA - PAT
- OffSec OSC Maturity Assessment (cont)
- Container Security - SecOps, ProdSec
- Data Classification - GRC
- Reviewed and discussed the data classification with users.
- Vulnerability Management Program Improvement
- ProdSec - Pre-Production VMP procedure (completed)
- VM - Vulnerability Tracking & Risk Deviation / Acceptance Tracking (ongoing):
Plan / Work in progress
- EISA
- EISA - PAT
- Organization Service Catalog Assessment (SecOps, ProdSec)
- EISA - IPT
- Prioritization Feedback
- Maturity Assessment
- Container Security - SecOps, ProdSec
- researching best practices, tools and processes
- Vulnerability Management Program Improvement:
- Going on the next plan to include SecOps in the VMP
- ProdSec
- Create ProdSec - Pre-Production VMP dashboard
- Vulnerability Tracking (ongoing):
- Identify vulnerability level, risk rating, and provide recommendation;
- Coordinating with users / product owners for the identified vulnerability;
- Follow up correction and corrective action for the identified vulnerability;
- Risk Deviation / Acceptance Tracking (ongoing):
- Coordinating with users / product owners for the risk deviation / acceptance
Roadblocks / Problems
-
Misc
-