EN-A002-063-openclaw-security-baseline-onboarding
[EN-A002-063] Day-1 Security Baseline Onboarding
- Date: 2026-02-15
- Language: EN
- Category: Operations / Security
- Status: New
Overview
A day-1 checklist that implements the minimum security baseline once, then links specialized security articles instead of duplicating them.
OpenClaw Implementation Steps
- Agent audits current config and lists missing baseline controls.
- Sub-agent prepares change proposals; user approves before apply.
- Authentication foundation: fixed
www, no auth gaps, least privilege roles. - Secrets management: move API keys to Vault and document revoke/reissue flow.
- Monitoring & recovery: health checks, rollback runbook, weekly recovery drill.
Required / Optional
- Required: all three baseline axes implemented with user-readable runbooks.
- Optional: auto-rotation, canary rollout, staged auto-recovery.
Cross References
- Baseline hub:
EN-060-openclaw-security-minimum-baseline.md - Related detection pattern:
EN-010-auth-monitoring.md
Tags
#OpenClaw #SecurityBaseline #Onboarding #Operations