Security

Security

Warning

The DevOps Portal has been deprecated in the Q4`18 MCP release tagged with the 2019.2.0 Build ID.

The Security dashboard is the UI for the Security Audit Service, aka Security Monkey. The service runs tests to track and evaluate security-related tenant changes and configurations. Using the Security dashboard, you can search through these audit findings and review them.

Note

The Security Audit service depends on the following services:

  • DevOps Portal web UI

  • Push Notification service

  • PostgreSQL database

To review security item details:

  1. Log in to the DevOps Portal.

  2. To quickly access current security items with unjustified issues click the Security issues widget on the Dashboard tab. The Security items page opens.

  3. Click the name of the required security item in the Items section to view its details. The item details page opens.

  4. To revise the configuration change that caused the security item raise, use the Revisions section. The affected parts of configuration are color coded:

    • Green stands for additions

    • Red stands for deletions

  5. To justify the unjustified issues, use the Issues section:

    1. Check the unjustified issue or issues.

    2. Edit the Justification field specifying the reason of justification. For example, This has been approved by the Security team.

    3. Click Justify.

  6. To attach a comment containing any required content to an item:

    1. In the Item comments section, paste the comment to the comment field.

    2. Click Add comment.

  7. To search for specific issues, use the Issues section. Each issue has a link to a page of the corresponding item containing the details of the issue.