Friday 22 June 2018

Quality, Security, Performance Checks in Adobe Cloud Manager

Brief Overview:
As we all know, Adobe Cloud Manager(ACM) is part of the Adobe Managed Cloud Services. Using Adobe Cloud Manager(ACM) organizations can manage their AEM application in cloud themselves.
Read more: Why you should think of using Adobe Cloud Manager for AEM Projects?

There are 3 types of Quality checks provided by ACM CI/CD process.
  • Code Quality
  • Performance Testing
  • Security Testing

Below given Security & Performance Testing criteria's
1. Security checks


Critical security is based on 13 AEM Security health checks.
  • AuthorizableNodeName Implementation does not expose authorizable ID in the node name.path
  • Dispatcher filtering request validation
  • The Adobe Granite HTML library manager is configured appropriately
  • Default password must be changed
  • Deserialization firewall Attach API readiness is in an acceptable state
  • Deserialization firewall is Functional
  • Deserialization firewall is Loaded
  • Sling default GET servlet is protected from DOS attacks
  • The Sling Java Script Handler is configured appropriately
  • The Sling JSP Script Handler is configured appropriately
  • The Sling referrer filter is configured in order to prevent CSRF Attacks
  • Correct SSL configuration
  • No Obviously insecure user profile polices found
Important - 6 check points
  • CRXDE Support bundle is disabled
  • Sling DavEx bundle and servlet are disabled
  • Sample content is not installed
  • Both the WCM Request Filter and the WCM Debug Filter are disabled
  • The web server is configured to prevent clickjacking
  • Sling WebDAV bundle and servlet are configured appropriately
  • Replication is not using the admin user
2. Performance Tests are based on

  • Error rate is less than 2%
  • Total CPU utilization is less than 80%
  • Disk I/O wait time s less than 50%
  • 95 % response time er page is not longer than 3s
  • Peak response time is not longer than 18s
  • Page views per minute is greater than or equal to 200
  • Disk bandwidth utilization is less than 90%
  • Network bandwidth utilization is less than 90%
  • Overall requests per minute is less than 6000
3. Code Quality checks
The ACM build does code inspection based on SonarQuebe, which includes around 110 rules like standard Sonar Java rules,FindBugs rules, Cognifide AEM Rules, Adobe-created Rules.

Read More:
Why you should think of using Adobe Cloud Manager for AEM Projects? 

No comments:

Post a Comment