docs consolidation

StellaOps Bot
2025-12-24 12:38:14 +02:00
parent 7503c19b8f
commit 9a08d10b89
215 changed files with 2188 additions and 9623 deletions

@@ -1,30 +1,38 @@
# Field Engagement Playbook Windows & macOS Coverage
# Field Engagement Playbook: Windows and macOS Coverage
> Audience: Field SEs, Product Specialists • Status: Draft
This playbook helps field teams answer Windows/macOS coverage questions without drifting into speculative promises.
## Purpose
Provide quick-reference guidance when prospects or customers ask about Windows/macOS coverage.
## 1) Current scope (baseline)
- Scanner targets deterministic container-image workflows first (Linux-focused).
- Windows and macOS analyzers are design-tracked and should be discussed as "in discovery/design" unless a specific sprint/feature flag says otherwise.
## Key talking points
- **Current scope**: Scanner supports deterministic Linux coverage; Windows/macOS analyzers are in design.
- **Roadmap**: macOS design (brew/pkgutil/.app) at `../design/macos-analyzer.md`; Windows design (MSI/WinSxS/Chocolatey) at `../design/windows-analyzer.md`.
- **Demand tracking**: All signals captured in `../../benchmarks/scanner/windows-macos-demand.md` using the interview template.
- **Policy readiness**: Secret leak detection briefing (`../../policy/secret-leak-detection-readiness.md`) and Windows package readiness (`../../policy/windows-package-readiness.md`).
- **Backlog IDs**: MacOS (SCANNER-ENG-0020..0023), Windows (SCANNER-ENG-0024..0027), policy follow-ups (POLICY-READINESS-0001/0002).
## 2) Operator talking points
- Determinism and offline parity are non-negotiable: any Windows/macOS expansion must keep fixtures, ordering, hashing, and Offline Kit flows reproducible.
- Coverage work is split into:
- Scanner analyzers (collection and parsing),
- Policy predicates (trust/verification rules),
- Offline Kit packaging (feeds, certificates, mirrors, and deterministic indexes).
## SE workflow
1. Use the interview template to capture customer needs.
2. Append structured summary to `windows-macos-demand.md` and update the API dashboards (`docs/api/scanner/windows-macos-summary.md`, `docs/api/scanner/windows-coverage.md`).
3. Notify Product/Scanner guild during weekly sync; flag blockers in Jira.
4. Add highlight to the “Recent updates” section in `docs/api/scanner/windows-macos-summary.md`.
5. Track upcoming milestones (FinSecure decision 2025-11-07, Northwind demo 2025-11-10) and ensure readiness tasks reflect outcomes.
## 3) Where to point people
- Design briefs:
- `docs/modules/scanner/design/windows-analyzer.md`
- `docs/modules/scanner/design/macos-analyzer.md`
- Deep dives and research notes:
- `docs/benchmarks/scanner/deep-dives/windows.md`
- `docs/benchmarks/scanner/deep-dives/macos.md`
- Demand capture: `docs/benchmarks/scanner/windows-macos-demand.md`
- Policy readiness notes:
- `docs/modules/policy/windows-package-readiness.md`
- `docs/modules/policy/secret-leak-detection-readiness.md`
## FAQ snippets
- *When will Windows/macOS analyzers be GA?* — Pending demand threshold; design complete, awaiting prioritisation.
- *Can we run scans offline?* — Offline parity is a requirement; Offline Kit packaging detailed in design briefs.
- *Do we cover Authenticode/notarization?* — Planned via Policy Engine predicates as part of readiness tasks.
## 4) Signal capture workflow
1. Capture requirements using `docs/benchmarks/scanner/windows-macos-interview-template.md`.
2. Append a structured summary to `docs/benchmarks/scanner/windows-macos-demand.md`.
3. If the signal implies policy/security decisions (signature verification, trust roots, masking/telemetry), update the relevant readiness notes and reference the demand entry.
4. Share the updated demand entry with the Scanner and Policy guilds in the next sync.
## 5) FAQ snippets
- When will Windows/macOS be GA? Demand- and evidence-driven; avoid date promises. Use the design briefs and deep dives for the current state.
- Can we run scans offline? Offline parity is required; any OS expansion must include an Offline Kit story (feeds, trust roots, deterministic indexes).
- Do we cover Authenticode/notarization? Treat as a policy/security decision captured in readiness notes, not an implicit feature promise.
## Contacts
- Product lead: TBD (record in demand log when assigned)
- Scanner guild rep: TBD
- Policy guild rep: TBD
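Review bot: In `## 5) FAQ snippets`, the Authenticode/notarization answer says the decision is "captured in readiness notes" without naming one, while `## 3) Where to point people` lists two; cite the specific file path in that answer so field staff are not left guessing which note holds the signature-verification and trust-root position. The rendered hunk has lost its +/- markers, but the numbered sections carry no counterpart to the `Backlog IDs` line (SCANNER-ENG-0020..0027, POLICY-READINESS-0001/0002) or to the API dashboard update in `## SE workflow` step 2; if those are dropped deliberately, the commit message should say so, otherwise carry them into `## 4) Signal capture workflow`. Style: `## Contacts` is the only heading left unnumbered next to `## 1)` through `## 5)`.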