DRISTI
  • 👋Welcome to DRISTI
    • Why DRISTI?
  • ⚖️About DRISTI
    • Overview
    • Design Principles
    • Value Proposition
    • Architecture Overview
    • System Users
    • Key Modules
      • Async Applications & Submissions
        • Key Features
        • Process & Workflows
        • Specifications
      • Case Management
        • Key Features
        • Process & Workflows
        • Specifications
      • E-Filling, Scrutiny and Admission
        • Key Features
        • Process & Workflows
        • Specifications
        • Sequence Diagrams
      • Evidence
        • Key Features
        • Process & Workflows
        • Specifications
      • Listing & Scheduling
        • Key Features
        • Process & Workflows
        • Specifications
      • Hearings
        • Key Features
        • Process & Workflows
        • Specifications
      • Orders & Tasks
        • Key Features
        • Process & Workflows
        • Specifications
      • Summons, Bails, Warrants
        • Key Features
        • Process & Workflows
        • Specifications
      • User Benefits
      • User Registration
        • Key Features
        • Process & Workflows
        • Specifications
        • Sequence Diagrams
      • Roles per Module
    • API Specifications
    • Security
    • Privacy
  • 🧰DRISTI Platform
    • Architecture
      • Overview
      • Principles
      • High Level Design
        • Technology Stack
        • Access Control & Roles
        • Data & Analytics
        • Non Functional Requirements
          • Performance
          • Security
          • Data Retention
        • Logging Guidelines
      • Low Level Design
        • Advocate
          • Advocate - API Specifications
          • Sequence Diagram
        • Application
          • Application - API Specifications
          • Sequence Diagram
        • Case
          • Case - API Specifications
          • Sequence Diagram
        • Case Management
          • Case Management - API Specifications
          • Sequence Diagram
        • Evidence
          • Evidence - API Specifications
          • Sequence Diagram
        • Hearing
          • Hearing - API Specifications
          • Sequence Diagram
        • Order
          • Order - API Specifications
          • Sequence Diagram
        • Task
          • Task - API Specifications
          • Sequence Diagram
          • Summons
          • Warrant
      • Architectural and Design Decisions
        • Data Visibility
        • Detailed Case Access
        • Case Numbering
          • Filing Number
          • Court Case Number
          • CNR Number
          • Case Stages, Numbers & Dates
    • Interoperability
    • Release Notes
      • Release 1.1.0
      • Release 1.2.0
  • 🪝Setup
    • Planning DRISTI Implementation
    • Establish Project & Team
    • Gather Requirements
    • Installation
      • Infrastructure Setup
        • Azure Setup
        • SDC - OpenShift Setup
      • Code Deployment
      • Configuration
        • Functional Configuration
        • Service Configuration
          • Court
            • Court UI
          • Case
            • Case UI
          • Advocate
            • Advocate UI
          • Application
            • Application UI
          • Task
            • Task UI
          • Order
            • Order UI
          • Hearing
            • Hearing UI
          • Evidence
            • Evidence UI
    • Quality Assurance Testing
    • Go Live
    • Operational Support
    • Monitoring
  • 🛣️Roadmap & Updates
    • Roadmap
  • 🌾Resources
    • Source Code
    • Technology Stack
    • Licensing
    • Legal Taxonomy
  • 🌐COMMUNITY
    • Interested in Contributing?
    • Github Discussion
    • Code of Conduct
  • 🪝Setup
    • Coming soon...
    • 🟢ABOUT US
Powered by GitBook
On this page
  1. DRISTI Platform
  2. Architecture
  3. High Level Design
  4. Non Functional Requirements

Security

This section details the security related validations done for DRISTI. These are primarily divided into two kinds of security testing

Code Scanning

The DRISTI git repo has been enabled with various code scanning tools that help identify security issues in the code

  • CodeQL

  • Dependabot

  • Secret Scanning

  • Trivy

  • Semgrep OSS

  • Snyk Open Source

  • SonarQube

Security Audit

This includes a series of tests done by a security audit agency. This includes security audit, vulnerability assessment and penetration testing. This includes a variety of tests like network security, penetration testing, SQL injection, cross site scripting, denial of service, OWASP top 10, identity spoofing etc.

In addition the application has been tested by a community of ethical hackers.

PreviousPerformanceNextData Retention

Last updated 4 months ago

🧰
  • Code Scanning
  • Security Audit