ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    VSAQ - Open Source Vendor Security Assessment

    IT Discussion
    vsaq google open source risk assessment vendor risk assessment vendor questionairre
    1
    1
    468
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IRJI
      IRJ
      last edited by

      Project:
      VSAQ

      Github:
      https://github.com/google/vsaq

      Demo:
      https://vsaq-demo.withgoogle.com/

      OS:
      CentOS 7

      I could not find an installation guide anywhere for this installation online. The instructions on their github are incomplete and require additonal github repos. I am putting the install instructions here so you can quickly build this servers. I encourage you to check out the demo, and possibly have vendors fill out these forms as they will tell you alot about your vendor. They could possible save your company's ass from buying software that is insecure, or perhaps at a minimum cover your ass and force management to see potential risks.

      Install required per-requisite software

      sudo yum -y install unzip
sudo yum -y install ant 
sudo yum -y install git
sudo yum -y install curl
sudo yum -y install maven
sudo yum -y install wget
sudo yum -y install java-1.7.0-openjdk-devel

      Install Apache

      sudo yum -y install httpd
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --reload
sudo systemctl start httpd
sudo systemctl enable httpd

      Clone Github Repos

      cd /

sudo git clone https://github.com/google/vsaq

cd third_party/

sudo git clone https://github.com/google/closure-compiler

sudo git clone https://github.com/google/closure-library

sudo git clone https://github.com/google/closure-stylesheets

sudo git clone https://github.com/jleyba/js-dossier

sudo git clone https://github.com/google/safe-html-types

sudo git clone https://github.com/google/closure-templates

      Install Dependencies

      cd /vsaq/
sudo ./do.sh install_deps

      Check Dependencies

      sudo ./do.sh check_deps

      Build VSAQ

      sudo ./do.sh build

      Move files to public website

      sudo cp -r build . /var/www/html/

      Start Server

      sudo ./do.sh run
      1 Reply Last reply Reply Quote 5
      • 1 / 1
      • First post
        Last post