stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
40e7f827da764e39ca67fc27a74813a98e9a38d2
git.stella-ops.org/docs/modules/scanner/operations/field-engagement.md
master b1e78fe412
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
Details
feat: Implement vulnerability token signing and verification utilities 
- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys.
- Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries.
- Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads.
- Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options.
- Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads.
- Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features.
- Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.
2025-11-03 10:04:10 +02:00

31 lines
1.9 KiB
Markdown
Raw Blame History

# Field Engagement Playbook — Windows & macOS Coverage
> Audience: Field SEs, Product Specialists • Status: Draft
## Purpose
Provide quick-reference guidance when prospects or customers ask about Windows/macOS coverage.
## Key talking points
- **Current scope**: Scanner supports deterministic Linux coverage; Windows/macOS analyzers are in design.
- **Roadmap**: macOS design (brew/pkgutil/.app) at `../design/macos-analyzer.md`; Windows design (MSI/WinSxS/Chocolatey) at `../design/windows-analyzer.md`.
- **Demand tracking**: All signals captured in `../../benchmarks/scanner/windows-macos-demand.md` using the interview template.
- **Policy readiness**: Secret leak detection briefing (`../../policy/secret-leak-detection-readiness.md`) and Windows package readiness (`../../policy/windows-package-readiness.md`).
- **Backlog IDs**: MacOS (SCANNER-ENG-0020..0023), Windows (SCANNER-ENG-0024..0027), policy follow-ups (POLICY-READINESS-0001/0002).
## SE workflow
1. Use the interview template to capture customer needs.
2. Append structured summary to `windows-macos-demand.md` and update the API dashboards (`docs/api/scanner/windows-macos-summary.md`, `docs/api/scanner/windows-coverage.md`).
3. Notify Product/Scanner guild during weekly sync; flag blockers in Jira.
4. Add highlight to the “Recent updates” section in `docs/api/scanner/windows-macos-summary.md`.
5. Track upcoming milestones (FinSecure decision 2025-11-07, Northwind demo 2025-11-10) and ensure readiness tasks reflect outcomes.
## FAQ snippets
- *When will Windows/macOS analyzers be GA?* — Pending demand threshold; design complete, awaiting prioritisation.
- *Can we run scans offline?* — Offline parity is a requirement; Offline Kit packaging detailed in design briefs.
- *Do we cover Authenticode/notarization?* — Planned via Policy Engine predicates as part of readiness tasks.
## Contacts
- Product lead: TBD (record in demand log when assigned)
- Scanner guild rep: TBD
- Policy guild rep: TBD
Reference in New Issue View Git Blame Copy Permalink