Lab B - Governance
Goals
With Harness, governance and security are paramount, and the platform is uniquely built to provide peace of mind for security teams while empowering software delivery.
In this section, we’ll see how a security team could implement critical security policies, and then show how developers can elegantly and easily meet those policies.
Lab Guide
Security Team - implement policy
- Just for the one person assigned as security team:
  - Click organization at the top of page
  - Click Organization Settings on the left
  - Scroll down to Security and Governance and click Policies
  - Click Policy sets in the top right
  - View the policy with the mini hamburger button and edit
  - Finally, flip the switch of “enforced” to on
Development team - What does it mean?
- In Pipeline Runner: click Re-run Pipeline, then click Re-run pipeline
- A popup will show an upcoming security deadline requiring security
Development team - Update to meet standards, fast!
- In the top right of Pipeline Runner: click Edit Pipeline
- In the pipeline: 1 click Build, 2 click Execution, 3 hover and click blue add symbol, 4 click Use template
- In the templates pane: click Devx Fortify Scan, then click Use Template (bottom right corner!)
- In the template pane: name the template Devx Fortify, then Apply Changes
- Back in Pipeline Studio: 1 click the “big” add button at the end of pipeline, then 2 use template
- In the template pane: click Owasp, then Use Template (bottom right corner!)
- In the template pane: name the template Owasp, then Apply Changes
Run updated pipeline
- Back in Pipeline Studio (top right): 1 Click **Save**, 2 Click **Run**