Great Deal! Get Instant $10 FREE in Account on First Order + 10% Cashback on Every Order Order Now

Using the materials in GitLab, Firebase and thevulnerability report. Please add security features where necessary and write ina report of what changes were made.Please use my login for writing the...

1 answer below »


Using the materials in GitLab, Firebase and the
vulnerability report. Please add security features where necessary and write in
a report of what changes were made.



Please use my login for writing the report (It is the same
as the Firebase login).



For the report add to the following link:



https://docs.google.com/document/d/1D2hGLLK2yR6DlvUSJ6OqeEUdG3hU7FOdb6ySKIcGWQc/edit?pli=1&tab=t.0#heading=h.8h0npxsghoww





To connect to the Firebase and GitLab you will need to
connect to the VPN first. Please be very thorough, it needs like I need to have
worked on this for weeks.





Use the following link to access Gitlab. You will have to
first be connected to the VPN



https://gitlab.cs.wwu.edu/users/sign_in



GitLab Login (Alumni Money)



XXXXXXXXXX



&pHjT&D8T*VdBi





Use the following link to connect to the firebase



https://accounts.google.com/InteractiveLogin/signinchooser?continue=https%3A%2F%2Ffirebase.google.com%2F_d%2Freturn%3Fcontinue%3Dhttps%253A%252F%252Ffirebase.google.com%252F&ifkv=AaSxoQyKgRPXvyvulAjae94-DKUd9-NjI8SYYLjXbQdU8rI4JnzumFHTlORJlT9htpNicpny__hE7w&ddm=0&flowName=GlifWebSignIn&flowEntry=ServiceLogin



Firebase Login



XXXXXXXXXX



C!nn@m0n!1998





Use the following link to download the vpn client



https://support.cs.wwu.edu/home/access/csci_vpn/index.html



OpenVPN Connect Login



XXXXXXXXXX



&pHjT&D8T*VdBi

Answered 6 days After Nov 23, 2024

Solution

Pashikanti Sneha answered on Nov 30 2024
3 Votes
Introduction
This report outlines the security improvements implemented for the GitLab repository and Firebase project used in the Alumni Videos project. The changes aim to mitigate vulnerabilities, protect sensitive data, and ensure a robust security posture for continued safe use.
GitLab Security Enhancements
1. Two-Factor Authentication (2FA)
· Enabled 2FA for all users to add an extra layer of security to user accounts.
· Mandated 2FA for all team members by configuring Settings > General > Sign-in Restrictions.
2. Secret Management
· Scanned the repository for exposed credentials using GitLab’s Secret Detection.
· Replaced hardcoded secrets (e.g., API keys, tokens) with environment variables stored in Settings > CI/CD > Variables.
· Protected variables were restricted to specific
anches for additional safety.
3. CI/CD Pipeline Security
· Restricted CI/CD pipeline modification permissions to authorized personnel in Settings > CI/CD > Permissions.
Integrated Dynamic Application Security Testing (DAST) in the CI/CD pipeline by updating the .gitlab-ci.yml file:
dast:
stage: test
image: registry.gitlab.com/gitlab-org/security-products/dast
script:
- dast scan
allow_failure: true
·
4. Dependency Scanning
· Enabled Dependency Scanning to detect vulnerabilities in li
aries used by the project.
· Updated vulnerable dependencies identified during scans.
5. Access Control
· Reviewed and adjusted user roles in Settings > Members to ensure that only trusted users have Maintainer or Owner permissions.
Firebase Security Enhancements
1. Authentication and Authorization
· Configured Firebase Authentication to support secure user logins using Email/Password and Google Sign-In.
· Enforced strong password policies to enhance user account security.
2. Security Rules Update
Strengthened Realtime Database and Firestore security rules:
{
"rules":...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Looking For Homework Help? Get Help From Best Experts!

Copy and Paste Your Assignment Here