Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 2 Next »

Development Feasibility for Security for Jira

Developing the "Security for Jira" app involves evaluating the technical and operational aspects to ensure the project is achievable. Below is a breakdown of feasibility considerations:

Development Feasibility for Security for Jira

Developing the "Security for Jira" app involves evaluating the technical and operational aspects to ensure the project is achievable. Below is a breakdown of feasibility considerations:

1. Technical Feasibility

a. Jira Integration

  • Leverage Jira’s REST API and Webhooks to:

    • Scan issue content dynamically.

  • Utilize Jira’s Atlassian Connect for seamless app integration into Jira’s UI.

b. Sensitive Data Detection

  • Implement regex-based detection for common patterns (e.g., AWS keys, passwords).

  • Add support for configurable patterns to meet organizational needs.

c. Scalability

  • Design the app to handle:

    • Large projects with numerous issues.

    • Concurrent scans across multiple projects without performance degradation.

d. Technology Stack

  • Use Node.js to process sensitive data detection and integrate with Jira REST APIs.

  • Regex Engine: Libraries like regex, re2, or Pattern to detect sensitive patterns efficiently.

2. Operational Feasibility

a. User Management

  • Ensure only project administrators can access the Security Analysis page and trigger scans.

  • Provide user-friendly configuration options for defining sensitive data patterns.

b. Maintenance

  • Regular updates to detection patterns to address evolving data leakage risks.

  • Provide support for adding organization-specific patterns.

  • No labels