Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
https://www.coalfire.com/insights/resources/video/getting-started-with-threadfix-3-0
|
Installation
Preparing your environment
How would Support for open-source components included in Coalfire’s Helm Charts, but not developed by Coalfire (e.g. Kong) work? Support for 3rd party applications/services is provided/ limited as they apply to TF
Scaling ThreadFix Services
How would we handle future version upgrade? What is the process?
Getting Started with ThreadFix 3.X
How to handle cycling of certs/secrets (pod recycling)?1) Capacity sizing of clusters and other resources PVs, DBs, in consideration with Navy Federal needscapacity sizing of clusters and other resources PVs, DBs
Recovery approach of persistent data for Stateful sets, if any node goes down or in upgrade / patching scenarios
nothing to change, its transient data. Data stored in sql server, recommend to scale it up.
if node goes down persistent volume should be fine and the node will remap onto a new node.
Design of High availability setup of the application within the same region
Any performance testing indicators required
Integration endpoints to other applications and any networking changes required
Enable Authentication / SSO functionality
Any specific concerns or issues (known) of having ThreadFix deployed in a separate Namespace while other tools to be deployed in their own namespaces and in the same AKS cluster
Product updates/ tool security patches update with helm charts and impact on the downtime
Active-Passive application configuration (if any)
11) Heartbeat kind of utilities support HA deployment (if any)
12) Custom extension APIs and Certificate Transparency, if we will use TLS 1.2/ 1.3
Frequently Asked Questions
What are the requirements to deploy ThreadFix?
ThreadFix has varying environment System Recommendations depending on the scale the user intends to deploy in:How is ThreadFix Installed and how is it upgraded?
To begin with, users should consult the Installation Checklist in order to prepare their Kubernetes environment Installation
Once the environment is ready, users can prepare their external database as well install with Helm
When updates are available, users can followed straightforward Upgrade & Migration steps and updating guides
Can ThreadFix be scaled up or down after deployment?
Yes, users can adjust their service’s scale. Note not all services in ThreadFix can be safely scaled, please consult the Configurations and Tuning Guide for more information on what services can be scaled and what values may be appropriate for the user case.What data needs to be backed-up?
The only persistent data held by ThreadFix is stored in the database. Consult the "Backup & Restore guide for how to backup this data. Other data stores used by ThreadFix are only used for transient data and do not need back up policies.Can ThreadFix Support assist with third-party components, applications, tools, and/or services?
Yes, however ThreadFix Support’s assistance with third-party components, applications, tools, and/or services is provided/ limited to what is necessary to install, upgrade, troubleshoot ThreadFix.What API is available for users to integrate with?
ThreadFix offers a robust list of API for customers to integrate into their environments.What other integrations are available to function with ThreadFix?
ThreadFix can interface with many External Integrations such as:Scanners, including, Remote Providers, Files, and Scan Agents
Does ThreadFix offer user customizable settings?
Users are provided many customization options, from how vulnerabilities and severities are mapped, per user or per team settings, policies, tags, filters, and more.What kind of reporting can ThreadFix provide?
ThreadFix provides a variety of vulnerability Analytics & Reports containing metrics which can be exported to common formats such as PDF, CSV and SSVL.
Additional Resources
Expand | ||||
---|---|---|---|---|
| ||||
|
View file | ||
---|---|---|
|
Table of Contents
Table of Contents |
---|