Timo Pagel
Timo Pagel
I added `generated/dimensions.yaml` which needs to be deleted later.
To create the new frontend application, here is a description for an activity (I enhanced it with missing keys): ``` Building and testing of artifacts in virtual environments: # string...
As a dsomm developer, I need to put a new action in different maturity levels to compare the usefulness/effort of the action with other actions in other (sub)dimimensions. As a...
As a CISO, I have to copy the information from dsomm to excel, manually. The excel sheet is shared with an auditor. An xlsx or CSV export would help to...
Next Open Security Summit (April 2021), I will give a DSOMM Introduction to do a workshop (involving the participants) afterwards. Do you have ideas for (sub)-dimensions/activities to discuss? What is...
As an ISO 2700X auditor I want to see all controls for a specific domain. Therefore, the given ordering is not sufficient and needs to be re-worked. @ioggstream
While proactive actions are given, the reactive actions need improvments.
### Expected behaviour Using azuread with customs signed keys should work. ### Actual behaviour Using azuread with self signed keys the standard `https://login.microsoftonline.com/{tenant}/discovery/v2.0/keys` is loaded and not `https://login.microsoftonline.com/{tenant}/discovery/v2.0/keys?appid={appid}` resulting in...
Hi, to use retire.js during the deployment in Jenkins I created a dockerfile (https://github.com/wurstbrot/retire.js). Is there an interest to integrate it into this repository?
Threat Modeling, in the best case, should be performed before you implement the feature/component/service/application. Therefore, I suggest to change it to future. The text beforehand is neutral, so no changed...