[go: up one dir, main page]
Page MenuHomePhabricator
Create Task
Maniphest T284833

Vendor Review For Tray.io
Closed, ResolvedPublic
Actions

Description

Project Information

  • Name of tool/project: Tray.io
  • Project home page: https://tray.io/
  • Name of team requesting review: Product Department
  • Primary contact: Linh Nguyen
  • Target date for deployment: July 1, 2021
  • Link to code repository / patchset: N/A

Description of the tool/project:
This is an app integration cloud platform

Description of how the tool will be used at WMF:
The tools will be used to connect our internal apps ( Asana, Slack, etc) through API to create more streamlined workflows

Dependencies

the tool is dependent on each app API service so the dependencies vary from one app to the next. Without API service this tool does not work. The tool also has the capability to access databases

Has this project been reviewed before?
No, this tool has never been reviewed before.

Working test environment
there is no test environment we have right now but if the security review process requires, I can ask the vendor or a test enviornment

Post-deployment

Product Department, Linh Nguyen

Note: this should not require a security readiness review.

Event Timeline

LNguyen triaged this task as High priority.Jun 11 2021, 5:46 PM
LNguyen created this task.
Restricted Application added a project: secscrum. · View Herald TranscriptJun 11 2021, 5:46 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
Jcross reassigned this task from Jcross to Dsharpe.Jun 11 2021, 6:28 PM
Jcross subscribed.
Jcross edited projects, added Security-Team; removed secscrum, Application Security Reviews.Jun 11 2021, 6:30 PM

Assigning to @Dsharpe and moving to Security Team incoming for triage and review.

Dsharpe lowered the priority of this task from High to Medium.Jun 11 2021, 8:55 PM

I spoke with the requestor. We came up with a plan to hit their 1 July 2021 date, and we will work that through the normal Coupa process.

sbassett renamed this task from Security Readiness Review For Tray.io (Vendor Review) to Supplier Review For Tray.io (Vendor Review).Jun 14 2021, 3:35 PM
sbassett renamed this task from Supplier Review For Tray.io (Vendor Review) to Vendor Review For Tray.io.Jun 14 2021, 3:46 PM
sbassett moved this task from Incoming to Back Orders on the Security-Team board.
sbassett added a project: Security Supplier Assessments.
sbassett updated the task description. (Show Details)
Dsharpe closed this task as Resolved.Jun 19 2021, 5:01 AM
Dsharpe added a project: SecTeam-Processed.

We will work this when Coupa request notification happens (we get notified when the SaaS request checkbox is checked in Coupa).

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits