Merge pull request #16 from secure-dashboards/feat/improve-automation

docs/details/MFAImpersonationDefense.mdx

@@ -1,27 +1,28 @@
 ---
-sidebar_position: 6
-id: MFAImpersonationDefense
+sidebar_position: 5
+id: 6
 title: Use MFA against impersonation
 slug: /details/MFAImpersonationDefense
 ---
 
 # Use MFA against impersonation
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 Use Multi Factor Authentication (MFA) Methods that Defend Against Impersonation when Available 
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P1
 - Mitre: [CWE-290](https://cwe.mitre.org/data/definitions/290.html)
 - Sources: [OpenSSF Best Practices Badge Gold Level [secure_2FA]](https://www.bestpractices.dev/en/criteria/2#2.secure_2FA)
 - How To: [Github Docs](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/PRsBeforeMerge.mdx

@@ -1,27 +1,28 @@
 ---
-sidebar_position: 62
-id: PRsBeforeMerge
+sidebar_position: 61
+id: 62
 title: Require Pull Requests Before Merging
 slug: /details/PRsBeforeMerge
 ---
 
 # Require Pull Requests Before Merging
 
 ## Use Case
-
-- Incubating: Recommended
-- Active: Recommended
-- Retiring: Recommended
+- Incubating: recommended
+- Active: recommended
+- Retiring: recommended
 
 ## Description
 
 Require Pull Requests before Merging
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: R4
 - Mitre: [CWE-778](https://cwe.mitre.org/data/definitions/778.html)
 - Sources: [OpenSSF Scorecard](https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection)
 - How To: [Github Docs](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches#require-pull-request-reviews-before-merging)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/SSHKeysRequired.mdx

@@ -1,27 +1,28 @@
 ---
-sidebar_position: 11
-id: SSHKeysRequired
+sidebar_position: 10
+id: 11
 title: Use SSH Keys with Passphrases for Repository Access
 slug: /details/SSHKeysRequired
 ---
 
 # Use SSH Keys with Passphrases for Repository Access
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 Use SSH keys for developer access to source code repositories and use a passphrase
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P3
 - Mitre: [CWE-309](https://cwe.mitre.org/data/definitions/309.html)
 - Sources: [CNCF SSCP v1.0 #192](https://github.com/cncf/tag-security/blob/main/supply-chain-security/supply-chain-security-paper/sscsp.md#use-ssh-keys-to-provide-developers-access-to-source-code-repositories)
 - How To: [Github Docs](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/about-ssh)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/activeAdminsSixMonths.mdx

@@ -1,27 +1,27 @@
 ---
-sidebar_position: 60
-id: activeAdminsSixMonths
+sidebar_position: 59
+id: 60
 title: Require Active Admins in GitHub Org (Activity in 6 Months)
 slug: /details/activeAdminsSixMonths
 ---
 
 # Require Active Admins in GitHub Org (Activity in 6 Months)
 
 ## Use Case
-
-- Incubating: Recommended
-- Active: Recommended
-- Retiring: N/A
+- Incubating: recommended
+- Active: recommended
+- Retiring: n/a
 
 ## Description
 
 Github Organization Admins Should Have Activity In The Last 6 Months
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: R3
 - Mitre: [M1026](https://attack.mitre.org/mitigations/M1026/)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/member/stale_admin_found.html)
-- How To: 
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/activeWritersSixMonths.mdx

@@ -1,27 +1,27 @@
 ---
-sidebar_position: 61
-id: activeWritersSixMonths
+sidebar_position: 60
+id: 61
 title: Require Active Members with Write Access (Activity in 6 Months)
 slug: /details/activeWritersSixMonths
 ---
 
 # Require Active Members with Write Access (Activity in 6 Months)
 
 ## Use Case
-
-- Incubating: Recommended
-- Active: Recommended
-- Retiring: N/A
+- Incubating: recommended
+- Active: recommended
+- Retiring: n/a
 
 ## Description
 
 Github Organization Members with Write Permissions Should Have Activity In The Last 6 Months
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: R3
 - Mitre: [M1026](https://attack.mitre.org/mitigations/M1026/)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/member/stale_member_found.html)
-- How To: 
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/adminRepoCreationOnly.mdx

@@ -1,27 +1,28 @@
 ---
-sidebar_position: 15
-id: adminRepoCreationOnly
+sidebar_position: 14
+id: 15
 title: Allow Only Admins to Create Public Repositories
 slug: /details/adminRepoCreationOnly
 ---
 
 # Allow Only Admins to Create Public Repositories
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 Only Admins Should Be Able To Create Public Repositories
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P4
 - Mitre: [CAPEC-122](https://capec.mitre.org/data/definitions/122.html)
 - Sources: [OpenSSF SCM Best Practices](https://best.openssf.org/SCM-BestPractices/github/organization/non_admins_can_create_public_repositories.html)
 - How To: [Github Docs](https://docs.github.com/en/organizations/managing-organization-settings/restricting-repository-creation-in-your-organization)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/annualDependencyRefresh.mdx

@@ -1,27 +1,26 @@
 ---
-sidebar_position: 53
-id: annualDependencyRefresh
+sidebar_position: 52
+id: 53
 title: Refresh Dependencies with Annual Releases
 slug: /details/annualDependencyRefresh
 ---
 
 # Refresh Dependencies with Annual Releases
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: N/A
+- Incubating: expected
+- Active: expected
+- Retiring: n/a
 
 ## Description
 
 A new release to refresh dependencies occurs at least annually
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P14
-- Mitre: 
 - Sources: [OpenSSF Best Practices Badge Passing Level [maintained]](https://www.bestpractices.dev/en/criteria?details=true&rationale=true#0.maintained)
-- How To: 
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/assignCVEForKnownVulns.mdx

@@ -1,27 +1,26 @@
 ---
-sidebar_position: 31
-id: assignCVEForKnownVulns
+sidebar_position: 30
+id: 31
 title: Assign CVEs to All Known Security Vulnerabilities
 slug: /details/assignCVEForKnownVulns
 ---
 
 # Assign CVEs to All Known Security Vulnerabilities
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 All Known Security Vulnerabilities are Issued a CVE
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P7
-- Mitre: 
 - Sources: [OpenSSF Best Practices Badge Passing Level [release_notes_vulns]](https://www.bestpractices.dev/en/criteria?details=true&rationale=true#0.release_notes_vulns)
-- How To: 
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/automateDependencyManagement.mdx

@@ -1,27 +1,27 @@
 ---
-sidebar_position: 50
-id: automateDependencyManagement
+sidebar_position: 49
+id: 50
 title: Automate Monitoring of Outdated Dependencies
 slug: /details/automateDependencyManagement
 ---
 
 # Automate Monitoring of Outdated Dependencies
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 Automated Process is Used to Monitor for and Maintain a List of Out of Date Dependencies
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P14
-- Mitre: 
 - Sources: [OWASP SCVS L1 5.7](https://scvs.owasp.org/scvs/v5-component-analysis/)
 - How To: [Socket.Dev](https://socket.dev/)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z
 

docs/details/automateVulnDetection.mdx

@@ -1,27 +1,28 @@
 ---
-sidebar_position: 22
-id: automateVulnDetection
+sidebar_position: 21
+id: 22
 title: Automate Dependency Vulnerability Identification
 slug: /details/automateVulnDetection
 ---
 
 # Automate Dependency Vulnerability Identification
 
 ## Use Case
-
-- Incubating: Expected
-- Active: Expected
-- Retiring: Expected
+- Incubating: expected
+- Active: expected
+- Retiring: expected
 
 ## Description
 
 An automated process to identify dependencies with publicly disclosed vulnerabilities
 
 ## Details
-
-- C-SCRM: Y
+- Implementation Status: pending
+- C-SCRM: true
 - Priority Group: P6
 - Mitre: [CWE-1395](https://cwe.mitre.org/data/definitions/1395.html)
 - Sources: [OWASP SCVS L1 5.4](https://scvs.owasp.org/scvs/v5-component-analysis/)
 - How To: [Github Docs](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#managing-dependabot-security-updates-for-your-repositories)
+- Created at 2024-12-07T23:06:38.197Z
+- Updated at 2024-12-07T23:06:38.197Z