FOR ARCHIVAL PURPOSES ONLY

The information in this wiki hasn't been maintained for a good while. Some of the projects described have since been deprecated.

In particular, the "Ushahidi Platform v3.x" section contains information that is often misleading. Many details about this version of Platform have changed since.

This website is an extraction of the original Ushahidi wiki into a static form. Because of that, functions like logging in, commenting or searching will not work.

For more documentation, please refer to https://docs.ushahidi.com

Skip to end of metadata
Go to start of metadata

Security Working Group Meeting

May 4, 2012 12:00 EDT, 09:00 PDT

Attendees: Michael Coates, David Kobia and Heather Leson

Purpose:

Discuss next steps to build a security working group relationship between Ushahidi's community and OWASP. Receive guidance and make decisions.

Actions and notes:

  • Michael to review Ushahidi community call recording and George Chamales's DefCon Video
  • Create Security Working Group wiki page - Heather (done)
  • Update Wiki with explanation on "how to report - Heather (done)
  • Update Security.ushahidi.com with "how to file a security bug" and "how to reach security" - Heather to team for request (done)
  • Community members who offered to join the Security Working Group to be introduced to Michael Coates, core tech team by Heather (done)
  • Create security at ushahidi dot com and the Security Working Group email accounts- David (done)
  • Define Security Working Group application process -team (done)

Next Steps

  • Documented public process for how to submit security bugs  (wiki, readme file) - Ushahidi team to do
  • Security working group to handle inbound security issues, internal security discussions (communication method)
  • Instructions for how someone can security test the software - have to download? test crowdmap page? blackout periods?
  • David and Heather to advise Michael about the potential OWASP test day in the coming two weeks. (Due by May 7, 2012)

Additional resources: