Phabricator project: #Security-Team
Wikimedia Security Team
(Redirected from Wikimedia Security Team/Vulnerability scanning)
Jump to navigation
Jump to search
To report security bugs, vulnerabilities or other issues please follow our process.
|
Security
The security organization exists to serve the community and foundation by providing security services to cultivate a culture of security, guide and protect members of the community and to secure free knowledge.
|
Staff[edit]
Resources[edit]
- See our documentation strategy
- Glossary of terms as used by the team
- Thank our Volunteers with us.
Responsibilities[edit]
- Promoting and implementing security across Wikimedia Engineering throughout the software development life cycle
- Training for developers and staff
- Regular static and dynamic security scanning of MediaWiki and extensions
- Vulnerability scanning
- Tools and features that promote better security for developers and Wikimedia communities (OAuth, two-factor authentication, password policies)
- Security auditing and response for MediaWiki and WMF deployed extensions and services
- Security reviews, Security review scrum
- Random Public Meeting Minutes
- Triage, fix and deploy reported security issues
- Getting access to security issues in Wikimedia Phabricator
- Incident Response
- Security Governance
Contact The Security Team[edit]
- To report a security issue with MediaWiki or any other Wikimedia-related code, please see Reporting Security Bugs.
- To get the Security Team's general attention on non-critical issues within Phabricator, please tag the #security-team project on a task. Such tasks are typically reviewed during weekly triage meetings, however it sometimes helps to poke us on IRC or via email just to ensure we're fully aware of the task.
- To very generally contact the Security Team, please email us here.
