|
|
# Notes for [TROVE for everybody](202209MeetingTROVE)
|
|
|
|
|
|
* Title: An organization-wide security bug registry?
|
|
|
* Proposed-by: Nick
|
|
|
* Facilitator: Micah
|
|
|
* Who: Developers, admins, anybody who fixes security issues
|
|
|
* Note taker:
|
|
|
* Duration: 1 hour
|
|
|
* Description: The network team uses a set of security policies to decide how to classify and respond to security issues, and a simple registry to keep track of them. This helps with transparency and visibility into our security process. Who else would like to adopt this kind of practice, and how might we want to adapt it?
|
|
|
* Links: https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/SecurityPolicy https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE |
|
|
\ No newline at end of file |