Add ssot link to security reviews documentation
This commit is contained in:
parent
13cd7cd76f
commit
58d3d9ce9c
|
@ -58,12 +58,7 @@ from teams other than your own.
|
||||||
|
|
||||||
#### Security requirements
|
#### Security requirements
|
||||||
|
|
||||||
1. If your merge request is processing, storing, or transferring any kind of [RED or ORANGE data](https://docs.google.com/document/d/15eNKGA3zyZazsJMldqTBFbYMnVUSQSpU14lo22JMZQY/edit) (this is a confidential document), it must be
|
View the updated documentation regarding [internal application security reviews](https://about.gitlab.com/handbook/engineering/security/index.html#internal-application-security-reviews) for **when** and **how** to request a security review.
|
||||||
**approved by a [Security Engineer][team]**.
|
|
||||||
1. If your merge request involves implementing, utilizing, or is otherwise related to any type of authentication, authorization, or session handling mechanism, it must be
|
|
||||||
**approved by a [Security Engineer][team]**.
|
|
||||||
1. If your merge request has a goal which requires a cryptographic function such as: confidentiality, integrity, authentication, or non-repudiation, it must be
|
|
||||||
**approved by a [Security Engineer][team]**.
|
|
||||||
|
|
||||||
### The responsibility of the merge request author
|
### The responsibility of the merge request author
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue