Senior Engineer
|
91e4985a8e
|
FRE-4474 Phase 5: Verify and resolve security review findings for SpamShield and Cross-Service Correlation
- FRE-4499 (SpamShield): Verified 6 security fixes (2 High, 4 Medium)
- S01: Pre-compiled regex in RuleEngine (ReDoS fix)
- S02: SmsClassifier accepts senderPhoneNumber context
- S03: AlertServer JWT auth + origin validation
- S04: SHA-256 phone hashing (PII protection)
- S05: DecisionEngine timeout enforcement via Promise.race
- S06: CarrierFactory.getAllCarriers properly async/await
- FRE-4500 (Correlation): Verified 7 security fixes (2 Critical, 2 High, 2 Medium, 1 Low)
- C1: Ingest endpoints auth via request.user.id
- C2: IDOR protection on group endpoints (userId filter)
- H3: JWT middleware registered in server.ts
- H4: Fastify schema validation on all routes
- M6: Payload sanitization with depth limit and circular ref detection
- L7: CORS origin restricted to env var
- Resolved liveness incidents FRE-4652 and FRE-4654
- All Phase 5 child issues now complete
|
2026-05-02 18:36:29 -04:00 |
|
Senior Engineer
|
03276dde2d
|
Add cross-service alert correlation system FRE-4500
- Unified alert types (AlertSource, AlertCategory, CorrelationStatus, EntityType)
- NormalizedAlert and CorrelationGroup Prisma models
- AlertNormalizer for all 4 services (DarkWatch, SpamShield, VoicePrint, CallAnalysis)
- CorrelationEngine with temporal + entity-based correlation detection
- CorrelationService orchestrator with dashboard API
- Correlation API routes (/api/v1/correlation/*)
- Service emitters wired to DarkWatch, SpamShield, VoicePrint
- pnpm workspace config for monorepo
|
2026-05-02 01:10:44 -04:00 |
|
