Security Baseline Guidelines

Secure SUT Connection Credentials

We recommend you use your computer's OS-specific credential management tool to store credentials used for connecting to SUTs. For more information, see Secure SUT Connection Credentials.

We recommend that you do not embed secrets, such as passwords, within your Sensetalk scripts, especially if you plan to commit the scripts to a shared source code management tool, such as GitLab.

Using a recent, supported version of your operating system

We recommend you run Eggplant Functional on the latest version of your computer's OS which is supported by Eggplant. For example, when using Linux, we recommend you use Eggplant Functional on Ubuntu 22.04 or RedHat Enterprise Linux 8.

Limiting remote access to Eggplant Functional

Some features, such as Eggdrive, may allow remote users to connect to your instance of Eggplant Functional. A user which remotely accesses your instance of Eggplant Functional has access to all the SUTs in your connection list, and can interact with your machine through various SenseTalk commands. We recommend you carefully plan your use of these features to avoid unauthorized access to your local machine or any SUT.

Connect to SUTs using an encrypted connection

We recommend you connect to remote SUTs using a connection which supports encryption. For example, the Citrix and RDP connection types allow you to encrypt the connection to the remote SUT. Connections to SUTs using the VNC connection type are encrypted when SSH tunneling is enabled.