Security/SOP/Access to Phabricator Security Issues

Access to view private Security issues in Phabricator is limited, and granted on an as-needed basis at the discretion of the Wikimedia Security Team.

Requesting Access

 * 1) Create a Phabricator account;
 * 2) Set up Two-Factor Authentication for your Phabricator account under Settings → Authentication → Multi-Factor Auth.
 * 3) Sign a volunteer non-disclosure agreement or a WMF employee non-disclosure agreement. If you're already a working WMF employee, you have likely already signed an NDA as part of your Terms of Employment and can skip this.
 * 4) If you are a WMF employee then link your SUL account that ends in (WMF) to your phabricator account. This should be created for you during the onboarding process.
 * 5) Submit an access request, supplying your full name, Phabricator username, and the reason you need access to private Security issues in Wikimedia Phabricator. Do not include private information in the access request.

Requests are reviewed on a weekly basis in the Security Team meeting, which is usually on Tuesday of each week.