Labels

Product Security Risk Register: Medium-high risk, within receptive tolerance. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Notable risk, remediation planning. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: High-medium risk, active mitigation. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Very low risk, well within tolerance. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: High-medium risk, within seeking tolerance. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: High risk, urgent treatment execution. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: High risk, accelerated remediation. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Low risk, standard oversight adequate. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Critical risk, maximum priority response. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Minor risk, periodic review recommended. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Low risk, within risk averse tolerance. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Acceptable risk, continued monitoring. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Moderate risk, enhanced monitoring. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Product Security Risk Register: Moderate risk, closer oversight needed. More details in: https://handbook.gitlab.com/handbook/security/security-assurance/security-risk/storm-program/#risk-drafting-guidance

Security Architecture scope: Risk Affecting Duo-Workflow

Issues scoped to contribute to the following project from Security Architecture Support for the Product AuthN/Z Redesign - https://gitlab.com/groups/gitlab-com/gl-security/product-security/security-architecture/-/epics/12

Security Architecture scope: Supply Chain

Localization matters specific to Brazilian Portuguese

Issues that are straightforward for community contributors and have implementation plans. See criteria for quick win issues: https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#criteria-for-quick-win-issues