Talakunchi - Scoping Questionnaires (Combined)

The document contains a request for application security review and secure code review services for multiple applications. It requests details about the applications such as name, type, description, programming languages used, third party libraries, number of pages/screens, lines of code, privilege levels, and regulatory requirements. It also requests infrastructure details like internal and external IP addresses, number of firewalls, hosting type, and cloud provider if applicable. Finally, it includes a request for a secure configuration audit providing details of servers, security devices, and networking equipment in use.

Uploaded by

Its greyer than you think

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as XLSX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

171 views7 pages

Talakunchi - Scoping Questionnaires (Combined)

Uploaded by

Its greyer than you think

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as XLSX, PDF, TXT or read online on Scribd

You are on page 1/ 7

Application Security & Secure Code Review

Customer Details Name

Point of Contact
Developer

Query Application 1
Name of the Application
Type of Application Web / Mobile / Webservices
Standard (please provide vendor) /
Nature of Application
Custom
Description
Application Version
Programming Language used PHP
Framework used No framework
No 3rd party libraries on PHP / HTML
3rd Party Libraries used
shall have a few
Integration with 3rd Party API No 3rd party API
No of Pages / Screens 15-20 Screens
Lines of Code (Total) Approx 1000 LOC
Privilege Levels Admin, User
Testing Location Onsite / Offshore
Regulatory Standard requirements
Additional Information
Application Security & Secure Code Review

Contact Phone

Application 2 Application 3

Web / Mobile / Webservices Web / Mobile / Webservices

Standard (please provide vendor) / Standard (please provide vendor) /
Custom Custom

Onsite / Offshore Onsite / Offshore

Application ..n

Web / Mobile / Webservices

Standard (please provide vendor) /
Custom

Onsite / Offshore
Infrastructure VA-PT

Customer Details Name Contact

Point of Contact
Administrator

# Query Customer Response

1 No of Internal IP addresses (Intranet)

Are internal IP address accesible from remote
1.1 Yes / No
via VPN
1.2 Number of Locations
Are internal IP addresses accesible from single
1.3 location Yes / No

2 No of External IP addresses (Internet)

3 Is authenticated testing expected? Yes / No
4 Hosting Type Cloud / On-Prem
5 Cloud Service Provider (If applicable)
6 No of Firewalls
Phone Email
Secure Configuration Audit
Customer Details Name Contact
Point of Contact
Administrator

Query Customer Response

#
Type Make Version
Servers
- Operating System
- WebServer
- Database
Security Devices
- Firewall
- IPS/IDS
- WAF
- DLP
- Proxy
Networking Devices
- Router
Add all varients of servers, devices on separate lines
Phone Email

Qty

Web - VAPT - Report - Blood - Bank - Prod-DT - 21.10.24 - V1.0
No ratings yet
Web - VAPT - Report - Blood - Bank - Prod-DT - 21.10.24 - V1.0
42 pages
Synopsis On Real Estate PHP
No ratings yet
Synopsis On Real Estate PHP
11 pages
2025 Cybersecurity Attacks Playbooks 1739762471
No ratings yet
2025 Cybersecurity Attacks Playbooks 1739762471
81 pages
Plesk Installation Upgrade Migration Guide
No ratings yet
Plesk Installation Upgrade Migration Guide
193 pages
The Zero Trust EXtended Security Maturity Assessment
No ratings yet
The Zero Trust EXtended Security Maturity Assessment
38 pages
Tabletop Exercise HSEEP
No ratings yet
Tabletop Exercise HSEEP
19 pages
Inspector General of Registration - Tamil Nadu
No ratings yet
Inspector General of Registration - Tamil Nadu
1 page
Audit Program For VMWare, and Netapp Controls in XYZ Co-Location Data Center
No ratings yet
Audit Program For VMWare, and Netapp Controls in XYZ Co-Location Data Center
9 pages
23eo5 St#is#6775 Assignment 8
No ratings yet
23eo5 St#is#6775 Assignment 8
5 pages
FSISAC_GenerativeAI-VendorEvaluation&QualitativeRiskAssessmentTool
No ratings yet
FSISAC_GenerativeAI-VendorEvaluation&QualitativeRiskAssessmentTool
8 pages
Sectrio NIST CSF 20 Audit
No ratings yet
Sectrio NIST CSF 20 Audit
89 pages
Cehv10 Module 01 Introduction To Ethical Hacking
No ratings yet
Cehv10 Module 01 Introduction To Ethical Hacking
219 pages
FedRAMP Security Controls Baseline
No ratings yet
FedRAMP Security Controls Baseline
3,273 pages
Secureframe - ISO 27001 Risk Assessment Template
No ratings yet
Secureframe - ISO 27001 Risk Assessment Template
1 page
Network_Security_Policy_v3
100% (1)
Network_Security_Policy_v3
8 pages
User Evidencecollection CC Evidence Collection Checklist v2-2021-11!23!02!35!16
No ratings yet
User Evidencecollection CC Evidence Collection Checklist v2-2021-11!23!02!35!16
71 pages
Security Guidance For Critical Areas of Focus in Cloud Computing v5 Release Presentation
No ratings yet
Security Guidance For Critical Areas of Focus in Cloud Computing v5 Release Presentation
51 pages
Social Engineering Fraud - Questions and Answers PDF
No ratings yet
Social Engineering Fraud - Questions and Answers PDF
4 pages
Thesis Topics For Cyber Security
100% (3)
Thesis Topics For Cyber Security
6 pages
A Physical Security Guide To Nerc Cip Compliance
No ratings yet
A Physical Security Guide To Nerc Cip Compliance
25 pages
Xobni User Manual
No ratings yet
Xobni User Manual
35 pages
Unit 2
100% (1)
Unit 2
41 pages
Cybersecurity and Cyber Resilience Framework (CSCRF) For SEBI Regulated Entities (REs)
No ratings yet
Cybersecurity and Cyber Resilience Framework (CSCRF) For SEBI Regulated Entities (REs)
205 pages
Grindr US Pitch Document
100% (1)
Grindr US Pitch Document
5 pages
Web Application Security
No ratings yet
Web Application Security
12 pages
Isms Certification Readiness Recheck Questionnaire
No ratings yet
Isms Certification Readiness Recheck Questionnaire
19 pages
REPORT
100% (1)
REPORT
5 pages
Junos Routing Essentials: Detailed Lab Guide
100% (1)
Junos Routing Essentials: Detailed Lab Guide
116 pages
Application Review Audit Program
No ratings yet
Application Review Audit Program
7 pages
NIST CSF Auditor Checklist: Function Category Identify (Id)
No ratings yet
NIST CSF Auditor Checklist: Function Category Identify (Id)
21 pages
Firewall Checklist PDF
No ratings yet
Firewall Checklist PDF
5 pages
Methods of Information Systems Protection
No ratings yet
Methods of Information Systems Protection
19 pages
Symfony Book 2.8 PDF
No ratings yet
Symfony Book 2.8 PDF
223 pages
CSF PF To Sp800 53r5 Mappings
No ratings yet
CSF PF To Sp800 53r5 Mappings
285 pages
Second Review
No ratings yet
Second Review
15 pages
RSA Archer Threat Management 4 Overview Guide
No ratings yet
RSA Archer Threat Management 4 Overview Guide
33 pages
Fail 2 Ban
No ratings yet
Fail 2 Ban
10 pages
10 - Risk RASC
No ratings yet
10 - Risk RASC
2 pages
RFP For Office 365 Email Security Solutions Including Email Gateway, Email DLP and Email ATP
No ratings yet
RFP For Office 365 Email Security Solutions Including Email Gateway, Email DLP and Email ATP
68 pages
A Look at Layered Security
No ratings yet
A Look at Layered Security
20 pages
Schedule C-3-2 Cloud Security Risk Assessment Questionnaire
No ratings yet
Schedule C-3-2 Cloud Security Risk Assessment Questionnaire
22 pages
Security Considerations in The System Development Life Cycle PDF
No ratings yet
Security Considerations in The System Development Life Cycle PDF
29 pages
Users, Groups, and Roles in Cognos
No ratings yet
Users, Groups, and Roles in Cognos
9 pages
Planning For Information Security Testing - Joa - Eng - 0916
No ratings yet
Planning For Information Security Testing - Joa - Eng - 0916
10 pages
Configuration of Rsnet4
No ratings yet
Configuration of Rsnet4
9 pages
Module # 3: Challenge Questions
No ratings yet
Module # 3: Challenge Questions
14 pages
WPAD Configuration Guide
No ratings yet
WPAD Configuration Guide
8 pages
RSL SecureCodeReview Example Report
No ratings yet
RSL SecureCodeReview Example Report
28 pages
Integration of ITIL V3 ISO 20000 and ISO
No ratings yet
Integration of ITIL V3 ISO 20000 and ISO
18 pages
Lumu Ransomware Response Playbook
100% (1)
Lumu Ransomware Response Playbook
10 pages
Wazuh PCI DSS Guide PDF
100% (1)
Wazuh PCI DSS Guide PDF
49 pages
Practical Issues With TLS Client Certificate
No ratings yet
Practical Issues With TLS Client Certificate
13 pages
Handover SAP Systems: Datum Zustand Autor
No ratings yet
Handover SAP Systems: Datum Zustand Autor
17 pages
Cybersecurity CISO Vital Part Operations
No ratings yet
Cybersecurity CISO Vital Part Operations
11 pages
ITGC
No ratings yet
ITGC
11 pages
MSP Cybersecurity Checklist Final
No ratings yet
MSP Cybersecurity Checklist Final
12 pages
Pta Ctdisr
No ratings yet
Pta Ctdisr
62 pages
MMWT Xii WT 1 T1 2018
No ratings yet
MMWT Xii WT 1 T1 2018
4 pages
ISO27k1 SMSI Declaration Applicabilite 2022
No ratings yet
ISO27k1 SMSI Declaration Applicabilite 2022
5 pages
AI - LLM - Risks - Threats
No ratings yet
AI - LLM - Risks - Threats
6 pages
Documento de Trabajo de La UIT
No ratings yet
Documento de Trabajo de La UIT
3 pages
Buy Cpanel License and VPS Activation Services
No ratings yet
Buy Cpanel License and VPS Activation Services
2 pages
SWIFT CSP Security Controls Public 2022
No ratings yet
SWIFT CSP Security Controls Public 2022
30 pages
Fisma Assignement (Template)
No ratings yet
Fisma Assignement (Template)
3 pages
Project Title Hybrid Cloud Approach For Secured Authorized De-Duplication
No ratings yet
Project Title Hybrid Cloud Approach For Secured Authorized De-Duplication
2 pages
Network Security Policy v1
No ratings yet
Network Security Policy v1
6 pages
C-SCRM Fact Sheet
No ratings yet
C-SCRM Fact Sheet
2 pages
Modified Slides From Martin Roesch Sourcefire Inc
No ratings yet
Modified Slides From Martin Roesch Sourcefire Inc
31 pages
Frameworks and Assessment Tools
No ratings yet
Frameworks and Assessment Tools
2 pages
Information Security Management and Metrics
No ratings yet
Information Security Management and Metrics
30 pages
Isc2 Cissp 1 13 1 Threat Modeling Concepts and Methodologies
No ratings yet
Isc2 Cissp 1 13 1 Threat Modeling Concepts and Methodologies
2 pages
Control Control Requirements: Statement of Applicability
No ratings yet
Control Control Requirements: Statement of Applicability
3 pages
Payment Card Industry Data Security Standard (PCI DSS) 3.2.1 On AWS
No ratings yet
Payment Card Industry Data Security Standard (PCI DSS) 3.2.1 On AWS
29 pages
Passing Unix Linux Audit With Power Broker
100% (2)
Passing Unix Linux Audit With Power Broker
11 pages
Ponemon Report The Economics of Security Operations Centers
No ratings yet
Ponemon Report The Economics of Security Operations Centers
32 pages
The Revolution of Internet
No ratings yet
The Revolution of Internet
1 page
Lecture 4: Introduction To Regulatory Standards in Networking and Octave Allegro
No ratings yet
Lecture 4: Introduction To Regulatory Standards in Networking and Octave Allegro
43 pages
Sacramento State Level 1 Systems Access Review Template
No ratings yet
Sacramento State Level 1 Systems Access Review Template
4 pages
NESA Compliance Service - Paladion Networks - UAE
No ratings yet
NESA Compliance Service - Paladion Networks - UAE
8 pages
Differentiating Between Access Control Terms
No ratings yet
Differentiating Between Access Control Terms
12 pages
Top Threats To Cloud Computing
No ratings yet
Top Threats To Cloud Computing
9 pages
It Audit Checklist
No ratings yet
It Audit Checklist
3 pages
Tenable Csis Compliance Whitepaper
No ratings yet
Tenable Csis Compliance Whitepaper
22 pages
CISO Proposal 23dec2015
No ratings yet
CISO Proposal 23dec2015
7 pages
Secure SDLC Consideration With NIST SP 800 64
No ratings yet
Secure SDLC Consideration With NIST SP 800 64
27 pages
BSIMM V Activities
No ratings yet
BSIMM V Activities
32 pages
Developing A Database Security Plan
100% (1)
Developing A Database Security Plan
13 pages
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet