← SwissSign AG cases
Bugzilla #1990271
CCADB Compliance
SwissSign: recommendation on firewall review
RESOLVED
FIXED
SwissSign AG
AI Summary
The audit report for SwissSign recommended improvements in the review process for firewall rules, particularly in identifying unused rules. The challenge identified was the limited automated visibility into firewall rule usage within an infrastructure-as-code environment, complicating the detection of unused rules. SwissSign has since investigated technical capabilities to enhance the firewall review process and has completed all action items related to this recommendation. They remain committed to continuous improvement in compliance with ETSI EN 319 401.
Chronology
- Audit report containing recommendations published
- Action items completed and reviewed by auditors
Participants
Sandy Balzer
External References
Similar Local Cases
SwissSign: recommendation on publication process for CA related data
SwissSign: recommendation on log review process
SwissSign: recommendation on review of key pair generation implementation
SwissSign: recommendation on BIA/BCP test coverage
SwissSign: recommendation on linting software updates
SwissSign: Audit Letter Validation failures on intermediate certificates
Certigna: Delay in reporting an audit finding
IdenTrust: Delay in updating a Bugzilla ticket Bug 2014610 - Next update