The Ushahidi Community Security Working Group is by invite-only. Michael Coates of Mozilla is our liaison with Open Web Application Security Project (OWASP).

Who is the Ushahidi Community Security Working Group:

• This is a highly technical group. While we normally have open forums, it is not for lurking (per say). We promise to announce outcomes on developers at ushahidi dot com, on the community calls and regular communication channels.
• Ushahidi community members (usually connected via developers at ushahidi dot com our our Ushahidi Skype Developer community skype channel
• Ushahidi technical staff.
• OWASP community members
• Michael Coates, Community Liaison

How to join:

• A current Security Working Group team member can vouch for you.
• An Ushahidi core team member can recommend you. Contacts for Ushahidi are David Kobia, Heather Leson, Linda Kamau, and Robbie MacKay.
• We will add you to our Security Working Group mailing list. The content of this list will not be public as it will have discussions about vulnerabilities and testing plans.

How to report an issue:

• Review Software Security Updates for the current patches and download.ushahidi.com for the current version.
• Submit the issue to security at ushahidi dot com.