Roadmap execution issue derived from ROADMAP.md.
Release: v1.0.9
Category: Security
Area: Infrastructure
Priority: P1
Risk: High
Work Type: Audit
Target Date: 2026-05-04
Validate infrastructure-level protections across the deployed stack.
Scope:
- Verify all Docker containers run as non-root.
- Audit secret file permissions.
- Enforce authentication for Redis, Orthanc, and Grafana.
- Scan Docker images for known CVEs.
- Review network segmentation between containers.
Done Criteria
- Implementation, audit, or validation work is completed for this scope.
- Evidence is captured with code, tests, or review notes as appropriate.
- Documentation is updated when the work changes user or developer behavior.
Roadmap execution issue derived from
ROADMAP.md.Release:
v1.0.9Category:
SecurityArea:
InfrastructurePriority:
P1Risk:
HighWork Type:
AuditTarget Date:
2026-05-04Validate infrastructure-level protections across the deployed stack.
Scope:
Done Criteria