Implementation Kickoff Guide for Commercial Deployment¶

This guide outlines the implementation process and shared responsibilities between your team and Second Front’s Game Warden platform. It includes what’s expected at each phase of onboarding, what artifacts you need to provide, and how we’ll work together to securely deploy your application to Game Warden.

Implementation phases & milestones¶

Phase	What Second Front Does	What You Do
Kickoff	Assign Mission Success Manager (MSM) and Technical Implementation Manager (TIM) Deliver onboarding resources and guidance	Assign technical & security leads Review onboarding requirements Begin collecting technical artifacts
Configuration	Set up Development (DEV) environment Configure Helm charts and pipelines	Provide images & initial documentation Complete access control integration (e.g., Keycloak)
Security Review	Perform container scans (DAST) Support Body of Evidence (BoE) documentation	Perform container scans (SAST) and submit results to 2F Justify or remediate CVEs Complete the BoE and Authorization Boundary Diagram
Approved	Prepare Staging (STG) environments
Validation	Deploy to STG environment Assist with test cases and validation checks	Perform final functional tests in STG Confirm production readiness
Deployed	Push to Production (PRD) environment Monitor initial usage and performance	Confirm the PRD readiness Begin end-user onboarding
Day 2 Operations	Provide ongoing support Deliver quarterly business reviews and growth planning	Join regular syncs Review logs and scan results Plan for roadmap milestones

Shared Responsibility model¶

Second Front uses the Shared Responsibility Model to clarify which tasks are owned by the customer and which are managed by Second Front, helping streamline implementation and compliance. Refer to Game Warden's Shared Responsibility Model for more information.

Required technical artifacts¶

To support a smooth and secure implementation, please collect and submit the required items listed in the Technical Artifacts guide as early as possible in the process.

Security requirements¶

Security is core to the Game Warden platform. You must be prepared to support the following:

Authorization Boundary Diagram	Required for BoE and initial implementation planning. Must include all outbound integrations or API dependencies.
CVEs & Remediation	You’ll use Findings to manage container scans. CVEs must be addressed per the Acceptance Baseline Criteria.
BoE	Gather required details early to avoid bottlenecks.
SAST Scan & AI Attestation	Prepare static analysis outputs and AI-related disclosures, if applicable.

Technical considerations¶

To ensure a smooth deployment process, your team should review:

Access Control - Integrate with Keycloak and implement JWT authentication

→ Access Control Guide
Logging & Monitoring - Game Warden integrates with Loki and Grafana

→ Observability Stack
Pipelines & Image Push - Push hardened images to the Harbor Registry

→ Push Images to Harbor

Action items & best practices¶

Assign a dedicated technical and security lead
Schedule weekly/bi-weekly syncs with your Game Warden team
Review observability tools and security scanning expectations
Begin preparing your BoE, authorization boundary, and technical artifacts
Push initial image to Game Warden registry as early as possible

Helpful links