Difference between revisions of "GC ESA Artifact Repository"

From wiki
Jump to navigation Jump to search
(Created page with "<div class="center"><div style="float: right; z-index: 10; position: absolute; right: 0; top: 1;">File:JoinusonGCconnex.png|link=https://gcconnex.gc.ca/groups/profile/278554...")
 
Line 16: Line 16:
 
! style="background: #9a9af8; color: black" width="18%" scope="col" |  [[GC ESA Artifact Repository|ESA Artifact Repository]]  
 
! style="background: #9a9af8; color: black" width="18%" scope="col" |  [[GC ESA Artifact Repository|ESA Artifact Repository]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[GC Threat Assessments - Repository| GC Threat Assessment Repository]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[GC Threat Assessments - Repository| GC Threat Assessment Repository]]  
! style="background: #c2c2fa; color: black" width="12%" scope="col" | [[GC Security Assessments - Repository|GC Security Assessment Repository]]
 
 
! style="background: #c2c2fa; color: black" width="18%" scope="col" | [[Emerging Technologies]]
 
! style="background: #c2c2fa; color: black" width="18%" scope="col" | [[Emerging Technologies]]
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  
 
! style="background: #c2c2fa; color: black" width="16%" scope="col" | [[Other Resources]]  

Revision as of 08:39, 15 April 2021

GC ESA Artifacts

GC ESA Program Charter -- Synopsis // Charte du programme de l'ASI du GC

GC ESA Program Implementation Framework -- Synopsis

GC ESA Framework -- Synopsis

GC ESA Backgrounder -- Synopsis

GC ESA Vision and Strategy

GC ESA Enterprise Threat Assessment - January 2017 Update

GC ESA Requirements Database Overview

GC ESA Architectural Needs

GC ESA System Requirements Traceability Matrix

GC ESA Security Controls Mapping Matrix

Mobile Device Security Considerations Discussion Paper

GC ESA PALL-PBMM Security Control Profile Analysis

GC ESA Security Guide for Installation of Interconnections

GC ESA Concept of Operations

GC ESA ConOps Main Body -- Synopsis

GC ESA ConOps Annex A: Data Loss Prevention -- Synopsis

GC ESA ConOps Annex B: Cloud Security -- Synopsis

GC ESA ConOps Annex C: Secure Enterprise Application Delivery -- Synopsis

GC ESA ConOps Annex D: Secure Enterprise Systems Administration -- Synopsis

GC ESA ConOps Annex E: Vulnerability Management System -- Synopsis

GC ESA Description Documents

GC ESA Description Document Main Body -- Synopsis

GC ESA Description Document Annex A - Endpoint Security (END) -- Synopsis

GC ESA Description Document Annex B - Data Security (DAT) -- Synopsis

GC ESA Description Document Annex C - Network and Communications Security (NCS) -- Synopsis

GC ESA Description Document Annex D - Security Operations (OPS)

GC ESA Description Document Annex E - Application Security (APP)

GC ESA Description Document Annex F - Compute and Storage Services Security (CSS)

GC ESA Pattern Diagrams & Use Cases

GC ESA END Pattern Diagrams and Use Cases

GC ESA DAT Pattern Diagrams and Use Cases

GC ESA NCS Pattern Diagrams and Use Cases

GC ESA OPS Pattern Diagrams and Use Cases

GC ESA APP Pattern Diagrams and Use Cases

GC ESA CSS Pattern Diagrams and Use Cases

GC ESA Initiatives

Cloud Security
GC Cloud Security Risk Management Approach and Procedures // Approche et procédures de gestion de risque de la sécurité de l’informatique en nuage GC Security Control Profile for Cloud-Based GC IT Services (PB/M/M) (Version 1.1, March 2018) // Profil de contrôle de sécurité pour les services de la TI du GC fondés sur l’informatique en nuage (PB/M/M) (Version 1.1, mars 2018)

GC Cloud Tiered Assurance Model
GC SaaS Assessment Tool
GC Enterprise Hybrid Cloud High-Level Design
Considerations for the Use of Cryptography in Cloud // Considérations relatives à l’utilisation de la cryptographie dans les services d’informatique en nuage commerciaux
GC ESA SaaS Design Patterns

GC Secure Cloud Connectivity Requirements

GC Cloud Guardrails

Considerations for Enabling Collaboration in MS Teams / Considérations pour faciliter la collaboration dans Microsoft Teams

Considerations for Using Microsoft Cognitive Services / Considérations liées à l’utilisation de Microsoft Cognitive Services
GC Cloud Enablement - The Building Blocks / Les éléments de base pour les solutions infonuagiques du GC


Application Security
GC DevSecOps Conceptual Framework
DRAFT Guidance on Software Assurance
DRAFT Guidance for Secure Application Development
DRAFT Guidance for Secure Containers and Microservices
DRAFT Security Controls Mapping to Docker and Kubernetes
Application Security Training - Sept 2018

Data Loss Prevention
GC ESA Data Loss Prevention High-Level Design
GC Enterprise Data Loss Prevention Implementation Strategy
DRAFT GC ESA Data Protection Strategy - DLP Initiative Presentation

Vulnerability Management System
GC ESA Vulnerability Management System High-Level Design
Overview of Vulnerability Disclosure for the GC
Vulnerability Disclosure Program for the GC - Recommendations Report
Vulnerability Disclosure Policy Template

GC Trusted Interconnection Points (GC-TIP)
GC Trusted Interconnection Points (GC-TIP) Concept

GC Endpoint Visibility and Awareness (EVA)
GC Endpoint Visibility and Awareness (EVA) Concept

GC Zero Trust Security (ZTS)
GC Zero Trust Security (ZTS) Concept
DRAFT GC Zero Trust Security Reference Architecture

GC Enterprise Continuous Monitoring
DRAFT GC Enterprise Information Security Continuous Monitoring Concept

Identity, Credential, and Access Management
Cyber Authentication Technology Solutions (CATS) specifications (2.0 and draft 3.0)
DRAFT Social Media Login Guidance
GC Cloud Authentication Guidance
Recommendations for Two-Factor Authentication within the GC Enterprise Domain
GC Multi-Factor Authentication (MFA) Strategy Paper

Password Guidance
GC Password Guidance
DRAFT Implementation Strategy for GC Password Guidance
GC Password Manager Guidance
Generic BRD for AD Passphrase Compatibility Tools


Guidance


SPIN-2015 Priority IT Actions
SPIN-2015 Follow-up Activities
Guidance for the Secure Use of Collaboration Tools / Orientation sur la facilitation de l’accès aux services Web

DRAFT Availability by Design Position Paper

Rationale for the Protection Against Exploits of Shared Resources *DRAFT*

ITSG-33 Primer for IT Projects
GC Event Logging Guidance
GC Patch Management Guidance
Security Playbook for Information System Solutions

Ransomware FAQ
Considerations for GC Communication Technologies / Considérations liées aux technologies des communications du GC

Security Control Profiles

Security Control Profile for Human Resources Services
Security Control Profile for Financial and Material Management Resources Services
Security Control Profile for Information Management Services


Standard Operating Procedures

Guideline for Authorization of Enterprise Systems
GC Cloud Event Management Standard Operating Procedure
Exception Process for Inverse Split Tunneling Allow List / Demande d’exception visant une mise sur liste autoriser de la segmentation du tunnel inverse
Netlogon Remediation Procedure / Procédure de correction pour Netlogon

Tools

GC ESA Tools Report

Security Categorization Tool (incl. Manual & Example)

Business Needs for Security Tool (incl. User Manual)

Threat Assessment Tool (incl. Manual & Example)


Templates

ITSG-33 Controls Template (.VSD)

Concept of Operations (ConOps) Template

System Operational Concept (SysCon) Template

GC ESA Guide for ConOps and SysCon Document Templates

Comments Template


Presentations

Introduction to Enterprise Security Architecture (GC Security Summit 2014)

Introduction au Programme d’architecture de sécurité intégrée du GC (Sommet sur la sécurité GC 2014)


GC ESA Help Page

Click Here to Learn How to Edit the ESA Portal