Skip to content

Latest commit

 

History

History
21 lines (15 loc) · 2.27 KB

Contribution_Guide.md

File metadata and controls

21 lines (15 loc) · 2.27 KB

Overviews

This project has several different classifications of files, based on the classification there are different reuqirements before contributions will be accepted. Here are the types of documents & some of the requirements.

Document types & requirements

  • Technical walkthrough

    • Requires a 'valid as of $date' note, version information for all dependencies, and required section to covery any 'impacts' which can happen either while implementing the information in the walkthrough or from using it. For instance, installing a log forwarding agent may have direct system impact, running a network or vulnerability scanner may cause network load issues; guidance should be provided where possible on how to minimize or monitor for impacts. Must include the following 'sections'
    • The difference between this document type and 'implementation guide' is that technical walkthroughs are more narrow - setting up a system, assessing a technology for risks, or individual security actions (how to set up private keys for ssh, etc.) Implementation guides are more about the program/function level - setting up a vulnerability management program versus setting up nessus).

  • Topic Overview

    • Must include the following 'sections'

  • Scripts/CLI tools

    • Must be thoroughly documented
    • Top of script must include the following information: sections....
    • Must notate any leftover artifacts

  • Implementation guide

    • Requires a 'valid as of $date' note, version information for all dependencies, and required section to covery any 'impacts' which can happen either while implementing the information in the walkthrough or from using it. For instance, installing a log forwarding agent may have direct system impact, running a network or vulnerability scanner may cause network load issues; guidance should be provided where possible on how to minimize or monitor for impacts. Must include the following 'sections'
    • The difference between this document type and 'implementation guide' is that technical walkthroughs are more narrow - setting up a system, assessing a technology for risks, or individual security actions (how to set up private keys for ssh, etc.) Implementation guides are more about the program/function level - setting up a vulnerability management program versus setting up nessus).