I want to onboard Selenium IDE to my current Investment Firm .Need help to get some answers on security aspect
20 views
Skip to first unread message
Bunty
Jan 23, 2022, 11:37:20 PM1/23/22
to Selenium Users
HI Community ,
I am huge fan of Selenium IDE for Chrome .But to onboard it to an Investment Firm ,i work ,would need some help in answering few questions w.r.t data privacy and usage .
1)What type of data is handled by the extension .Any PII data at risk ?
2)Does this plugin requires local PC port opening ?
3)Use of jars/library by the extension .Can we configure where from the extension should point for Selenium jars/Chrome binary?
4)Ask on damage potential :
a)if attackers gain access to the plugin ,what's the worst situation that would arise
b)if tampered data (steps recorded)is stored in storage for further use by users?
c)Please measure impact incase of system compromise - (Reputation/Regulatory/Financial | High/Moderate/Low)
1)What type of data is handled by the extension .Any PII data at risk ?
2)Does this plugin requires local PC port opening ?
3)Use of jars/library by the extension .Can we configure where from the extension should point for Selenium jars/Chrome binary?
4)Ask on damage potential :
a)if attackers gain access to the plugin ,what's the worst situation that would arise
b)if tampered data (steps recorded)is stored in storage for further use by users?
c)Please measure impact incase of system compromise - (Reputation/Regulatory/Financial | High/Moderate/Low)
5)Can i restrict the plugin once onboarded to be used for specific domains and environment alone .
6)Is there any enterprise edition available ?
7)If onboarded .Will there be any data the extension feeds to external world ?.
8)With newer versions of Chrome coming up ,will the extension stop working ?Can we change the dependent libraries ourselves .
Regards,
Diptanu
Reply all
Reply to author
Forward
0 new messages