B6 Bachelor Security Audit Bot

The project management was mainly done via GitLab, with the GitLab server provided by our project supervisors David Koschnick and Christoph Bork. We followed agile methods and focused primarily on scrum-like project management. However, due to the small team size, we made some deviations from a pure scrum approach.

At the beginning of the project we brought together our individual skills and interests and developed a shared vision for the product. Although no one had experience in the areas, we were always supported by the expertise of our project mentors.

Initially, collaboration and knowledge sharing took place mainly in our weekly scrum meetings. Later, we began to record our findings, which helped us better track the main concept and product vision.

We used the issue and milestones board for our weekly sprints and the GitLab wiki feature as our documentation area to share our knowledge. Although there were challenges, we successfully overcame them and evolved as a team. We adapted each week our project management to get the most out of our small group and successfully work towards our common goal.

The Minimum Viable Product (MVP) was developed in parallel with creation of the system flow chart. After deciding what was possible to implement, we constructed the general user flow and arranged each function dependency in the appropriate execution order. For real-time collaboration, we used drawio and completed the system flow diagram on 30th of May.

The MVP consists of the chatbot, user login, chat context detection, chat persistence, ui hub, portscan and service identifier.

During the execution of the project, we followed agile methods and held our weekly sprint meetings every Tuesday. These meetings focused on productive communication and allowed us to keep the team informed about everyone’s progress and to discuss any problems with the supervisors. We also held on demand pair programming sessions on Thursdays to strengthen teamwork and share information.

As we continued, we divided the work and tried to be as efficient as possible. To get a clear idea of the product and project structure, we gathered together and created the system flow chart for the product. Furthermore, we learned the basics of how hackers would attack a service connected to the internet and how to effectively ensure security. The use of a ticket board and on demand retrospectives allowed us to efficiently solve problems that we encountered and to optimize our team workflow.