• Joined on 2026-04-12
Hartmut commented on issue Hartmut/CapaKraken#17 2026-04-16 08:32:38 +02:00
CDP 35948464: General

CapaKraken Action Plan — 35948464 Secure Coding Checklist — General

Scope: Implement + attest all items from the Secure Coding General checklist.

Checklist source:

Hartmut commented on issue Hartmut/CapaKraken#15 2026-04-16 08:32:38 +02:00
CDP 35948454: Maintain System Administrator Log (app)

CapaKraken Action Plan — 35948454 System Administrator Log (ACL)

Scope: Central list of all admin accounts incl. privilege levels.

Current status:

  • `docs/acn-security-compliance-s…
Hartmut commented on issue Hartmut/CapaKraken#14 2026-04-16 08:32:38 +02:00
CDP 35948458: Require Multi-Factor Authentication

CapaKraken Action Plan — 35948458 Multi-Factor Authentication

Scope: MFA for all authentication flows (VPN, VDI, Citrix, RDP, app login, SSO).

Current status:

  • `docs/acn-security-…
Hartmut commented on issue Hartmut/CapaKraken#27 2026-04-16 08:32:38 +02:00
CDP 35948515: HTML5

CapaKraken Action Plan — 35948515 HTML5 Secure Coding Checklist

Checklist source: [Secure Coding_HTML5.xlsx](https://ts.accenture.com/sites/Information_Security2/Protecting%20Accenture/…

Hartmut commented on issue Hartmut/CapaKraken#26 2026-04-16 08:32:38 +02:00
CDP 35948517: ReactJs

CapaKraken Action Plan — 35948517 ReactJs Secure Coding Checklist

Checklist source: [Secure Coding_ReactJs.xlsx](https://ts.accenture.com/sites/Information_Security2/Protecting%20Accent…

Hartmut commented on issue Hartmut/CapaKraken#25 2026-04-16 08:32:38 +02:00
CDP 35948520: Web Application

CapaKraken Action Plan — 35948520 Web Application Security

Scope: Complete ADM/CDP catalog for web apps (36 sub-validation questions, see checkbox list below).

**Current status…

Hartmut commented on issue Hartmut/CapaKraken#13 2026-04-16 08:32:38 +02:00
CDP 35948455: Provide Role Related Access (app)

CapaKraken Action Plan — 35948455 Role-Based Access (Least Privilege)

Scope: Role-based access control, individually per role.

Current status:

  • `docs/acn-security-compliance-status.…
Hartmut commented on issue Hartmut/CapaKraken#6 2026-04-16 08:32:37 +02:00
CDP 35948473: Implement Patching Process (app/AI)

CapaKraken Action Plan — 35948473 Patching Process

Scope: Security patches for all dependencies + OS / container / Node / Postgres.

Current status:

  • `docs/acn-security-compliance-…
Hartmut commented on issue Hartmut/CapaKraken#5 2026-04-16 08:32:37 +02:00
CDP 35948474: Environment Access (app)

CapaKraken Action Plan — 35948474 Environment Access Segregation

Scope: Logically separated access for dev / test / prod (a user must not automatically have access to prod if they dev…

Hartmut commented on issue Hartmut/CapaKraken#3 2026-04-16 08:32:37 +02:00
CDP 35948468: Provide Written Notification (app)

CapaKraken Action Plan — 35948468 Administrator Notification

Scope: Anyone who is granted an admin role must be informed in writing about the privileges.

Current status:

  • RBAC…
Hartmut commented on issue Hartmut/CapaKraken#2 2026-04-16 08:32:37 +02:00
CDP 35948467: Application ID (app/AI)

CapaKraken Action Plan — 35948467 Application ID

Scope: Unique application IDs / service accounts (not individual users).

**Current status (from `docs/acn-security-compliance-status…

Hartmut commented on issue Hartmut/CapaKraken#10 2026-04-16 08:32:37 +02:00
CDP 35948471: Deliver project specific CDP training (app/AI)

CapaKraken Action Plan — 35948471 CDP Training

Scope: Every new team member completes CDP training within 30 days.

Current status:

  • No formal CDP training pipeline…
Hartmut commented on issue Hartmut/CapaKraken#9 2026-04-16 08:32:37 +02:00
CDP 35948452: Confirm Uniqueness of IDs and Passwords (app/AI)

CapaKraken Action Plan — 35948452 Unique IDs & Passwords

Scope: Unique user IDs + passwords, no shared logins, password vault, MFA for vault use.

Current status: -…

Hartmut commented on issue Hartmut/CapaKraken#12 2026-04-16 08:32:37 +02:00
CDP 35948470: Segregation of Duty Access (app)

CapaKraken Action Plan — 35948470 Segregation of Duty

Scope: No single developer should be able to carry out dev + review + test + prod deploy alone. For small teams: compensating…

Hartmut commented on issue Hartmut/CapaKraken#7 2026-04-16 08:32:37 +02:00
CDP 35948472: Maintain current application inventory (dev)

CapaKraken Action Plan — 35948472 Application Inventory

Scope: Maintain a current application inventory (dev apps).

Current status (from compliance status):

  • `docs/acn-security-compl…
Hartmut closed issue Hartmut/CapaKraken#4 2026-04-16 08:18:45 +02:00
CDP 35948462: Confirm Business Continuity contractual requirements (app/AI)
Hartmut commented on issue Hartmut/CapaKraken#4 2026-04-16 08:18:44 +02:00
CDP 35948462: Confirm Business Continuity contractual requirements (app/AI)

Not applicable — automatically closed.

CapaKraken is currently an internal tool without a contract containing a business continuity clause. The guidance is explicitly conditional: _“If Business…

Hartmut opened issue Hartmut/CapaKraken#30 2026-04-16 08:16:53 +02:00
CDP 35948516: NodeJS
Hartmut opened issue Hartmut/CapaKraken#29 2026-04-16 08:16:53 +02:00
CDP 35948518: Cloud
Hartmut opened issue Hartmut/CapaKraken#28 2026-04-16 08:16:52 +02:00
CDP 35948519: Utilize a Secure DevOps environment supporting code scanning services