Critical CVEs → 0 before go-live
Public Records Redaction: VISTA + Security & Compliance
Context
Records team needed bulk video/audio redaction with audit trails. IT required a provable security posture and accessibility remediation.
Approach
- •OWASP sweep + SBOM; dependency policy & headers (CSP/HSTS)
- •VISTA redaction workflows (faces/plates/objects), reviewer queue
- •Access logging, chain-of-custody, and retention policies