Schedule issue for monthly web application vulnerability scan (#7100) #7121

Merged
merged 1 commit into from
May 29, 2025
35 changes: 35 additions & 0 deletions .github/ISSUE_TEMPLATE/web_app_vulnerability_scan.md
@@ -0,0 +1,35 @@
---
name: Run the web app vulnerability scans
about: Issue template for the monthly scanning and triaging of web app vulnerabilities
title: Monthly web app vulnerability scans
labels: +,compliance,infra,no demo,orange
_repository: DataBiosphere/azul-private
_start: 2025-06-01T09:00
_period: 1 month
---

### Author

- [ ] Completed an authenticated ZAP vulnerability scan of …
- [ ] … the HCA Data Portal https://data.humancellatlas.org/
- [ ] … the HCA Data Browser https://explore.data.humancellatlas.org/
- [ ] … the HCA Azul Indexer https://indexer.azul.data.humancellatlas.org/
- [ ] … the HCA Azul Service https://service.azul.data.humancellatlas.org/
- [ ] … the AnVIL Data Portal https://anvilproject.org/
- [ ] … the AnVIL Data Browser https://explore.anvilproject.org/
- [ ] … the AnVIL Azul Indexer https://indexer.explore.anvilproject.org/
- [ ] … the AnVIL Azul Service https://service.explore.anvilproject.org/
- [ ] Uploaded scan report PDFs to the [Google Drive](https://drive.google.com/drive/folders/1LYg9qV6usZT20vxddWjSkONmrw9-PjHy)
- [ ] Added the findings to the [Google Sheet](https://docs.google.com/spreadsheets/d/1uUaiOGr8t2oKSDal_FazIUDBhNb1yq3RwbSy-xMMBO0/edit?gid=709622447#gid=709622447), and …
- [ ] … created issues for new `High` severity findings
- [ ] … created issues for new `Medium` severity findings
- [ ] … created issues for new `Low` severity findings
- [ ] Added a comment to issues previously created for newly fixed findings (e.g. "No longer a finding as of the YYYY-MM-DD ZAP scan")
- [ ] Added a comment to this issue listing the newly created issues, a count of fixed findings, and a screenshot of the Google Sheet
- [ ] Moved issue to `Review Requested`
- [ ] Issue is assigned to only the system administrator

### System administrator

- [ ] Reviewed findings
- [ ] Closed issue
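
Review bot: The three "… created issues for new `High`/`Medium`/`Low` severity findings" items under the Google Sheet step do not say which repository those issues are filed in. The scheduled issue itself goes to `DataBiosphere/azul-private` per the `_repository` front-matter key, so the checklist text should name the target repository explicitly; otherwise details of unfixed findings could end up in a different tracker than the one intended. A smaller point on the first item: it asks for an "authenticated" ZAP scan but nothing in the template records the ZAP version or scan configuration used, which weakens the month-to-month comparison that the "newly fixed findings" item relies on. Consider adding a checkbox to note both in the summary comment on this issue.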