Security Baseline Guidelines
We recommend that you follow these security guidelines to increase the security of your Eggplant Studio operating environment.
Secure Your System Under Test (SUT) Connection Credentials
We recommend you use your computer's operating system-specific credential management tool to store credentials used for connecting to systems under test (SUTs). For more information, see
Secure SUT Connection Credentials.
We recommend that you do not embed secrets, such as passwords, within your SenseTalk scripts, especially if you plan to commit the scripts to a shared or public source code repository, such as GitHub, GitLab or BitBucket.
Use a Recent, Supported Version of Your Operating System
We recommend you run Eggplant Functional and Eggplant Studio on the latest version of your computer's operating system which is supported by Eggplant.
Limit Remote Access to Eggplant Functional
Some features, such as Eggdrive, may allow remote users to connect to your instance of Eggplant Functional. A user who remotely accesses your instance of Eggplant Functional has access to all the SUTs in your connection list, and can
interact with your machine through various SenseTalk commands. We recommend you carefully plan your use of these features to avoid unauthorized access to your local machine or any SUT.
Connect to SUTs Using an Encrypted Connection
We recommend you connect to remote SUTs using a connection that supports encryption. For example, the Citrix and RDP connection types allow you to encrypt the connection to the remote SUT. Connections to SUTs using the VNC connection type are encrypted when SSH tunneling is enabled.
Reporting Security Issues
Security issues and bugs should be reported privately, via Keysight's