Schedule issue for monthly web application vulnerability scan (#7100)

.github/ISSUE_TEMPLATE/web_app_vulnerability_scan.md

@@ -0,0 +1,35 @@
+---
+name: Run the web app vulnerability scans
+about: Issue template for the monthly scanning and triaging of web app vulnerabilities
+title: Monthly web app vulnerability scans
+labels: +,compliance,infra,no demo,orange
+_repository: DataBiosphere/azul-private
+_start: 2025-06-01T09:00
+_period: 1 month
+---
+
+### Author
+
+- [ ] Completed an authenticated ZAP vulnerability scan of …
+  - [ ] … the HCA Data Portal https://data.humancellatlas.org/
+  - [ ] … the HCA Data Browser https://explore.data.humancellatlas.org/
+  - [ ] … the HCA Azul Indexer https://indexer.azul.data.humancellatlas.org/
+  - [ ] … the HCA Azul Service https://service.azul.data.humancellatlas.org/
+  - [ ] … the AnVIL Data Portal https://anvilproject.org/
+  - [ ] … the AnVIL Data Browser https://explore.anvilproject.org/
+  - [ ] … the AnVIL Azul Indexer https://indexer.explore.anvilproject.org/
+  - [ ] … the AnVIL Azul Service https://service.explore.anvilproject.org/
+- [ ] Uploaded scan report PDFs to the [Google Drive](https://drive.google.com/drive/folders/1LYg9qV6usZT20vxddWjSkONmrw9-PjHy)
+- [ ] Added the findings to the [Google Sheet](https://docs.google.com/spreadsheets/d/1uUaiOGr8t2oKSDal_FazIUDBhNb1yq3RwbSy-xMMBO0/edit?gid=709622447#gid=709622447), and …
+  - [ ] … created issues for new `High` severity findings
+  - [ ] … created issues for new `Medium` severity findings
+  - [ ] … created issues for new `Low` severity findings
+- [ ] Added a comment to issues previously created for newly fixed findings (e.g. "No longer a finding as of the YYYY-MM-DD ZAP scan")
+- [ ] Added a comment to this issue listing the newly created issues, a count of fixed findings, and a screenshot of the Google Sheet
+- [ ] Moved issue to `Review Requested`
+- [ ] Issue is assigned to only the system administrator
+
+### System administrator
+
+- [ ] Reviewed findings
+- [ ] Closed issue