FEA404 - Enforce Secure Coding Practices
Test Case ID | TC003 |
Test case designer | Eetu Hyyrynen |
Creation date | 23.02.2024 |
Classification | functional / accessibility / security |
Origin | Feature |
Test description / objective
Version 1.2 Ensure the application's source code, dependencies, and repository adhere to best security practices.
Pre-state
Tukko is running and accessible in the virtual machine. My team has configured SAST, secret detection and dependency scanning.
Test Steps
Step | Verify | Some notes |
---|---|---|
1. | Open the Vulnerability report on GitHub | Have any of these programs detected vulnerabilities? |
2. | Try to push a new file through | |
3. | See if the programs are running and examining the file | |
End-State
All security programs have completed their scans, and results are available.
Determination of test result (Pass / Fail Criteria)
- PASS condition: All security programs run successfully.
- FAIL condition: Any of the security programs fail to run.