CALM (the Common Architecture Language Model) is part of the FINOS Architecture as Code (AasC) project.
We have built a core schema around the use case of defining common architecture patterns for APIs being onboarded to an API platform. We now want to develop the ability to capture security vulnerabilities and the required controls to mitigate said vulnerabilities.
We would expect to need to capture different threat models and risk profiles dependent on the organization's risk appetite.
Proposal
To use the thought exercise of 'My Secure Bank', an idea proposed in the AasC Working Group.
Potential Outcomes
Creation of a new Security Domain for the CALM specification
Development of documentation for how to apply the Security Domain to your architecture instances and patterns
Creation of a new Security Scanning capability that would enable you to automatically identify security vulnerabilities based on an architecture or pattern and propose the necessary controls to mitigate them