Current structure of our application and target on new system:
- Vue + Vuex for the web interface
- axios for communication with the backend
- Node.js Express as web server
- MongoDB as database
The following security measures must be set up:
1. restrict access via firewall settings only from the specified perimeter.
2. check the hardening and the permissions of the operating system user and the container environment (Linux SE)
3. use of a vulnerability scanner on the IP address of [login to view URL]
4. checking the malware detection (Watering Hole / HIDS)
5. segmentation of the application according to the DMZ scheme per namespace
6. implement multi-factor authentication when accessing the servers
7. to provide us with a technical architectural picture of the application in which the current security controls can be identified.