Skip to content

Security: saltedge/compliance-examples

Security

SECURITY.md

Security Policy

The Salt Edge team and community take all security bugs seriously. Thank you for improving the security of Salt Edge products. We appreciate your efforts to disclose the issue responsibly, and will make every effort to acknowledge your contributions.

Reporting

Report security bugs via contact support page.

The lead maintainer will acknowledge your email, and will send a more detailed response. After the initial reply to your report, the security team will endeavor to keep you informed of the progress towards a fix and an announcement. We may ask for additional information or guidance. Progress will be reflected in the issue tracker.

  • Salt Edge will confirm the problem and determine the affected versions.
  • Salt Edge will audit code to find any similar problems.
  • Salt Edge will prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.

Report security bugs in third-party modules to the person or team maintaining the module.

Report Structure

  • Include scope of vulnerability. Let us know who could use this exploit.
  • Document steps to identify the vulnerability. It is important that we can reproduce your findings.
  • Show how to exploit vulnerability, give us an attack scenario.

Comments on this Policy

If you have suggestions on how this process could be improved please submit a pull request.


Copyright © 2020 Salt Edge. https://www.saltedge.com

There aren’t any published security advisories