Phabricator project: #Security-Team
Wikimedia Security Team
(Redirected from Wikimedia Security Team/Vulnerability scanning)
Jump to navigation
Jump to search
To report security bugs, vulnerabilities or other issues please follow our process.
Security
The security organization exists to serve the community and foundation by providing security services to cultivate a culture of security, guide and protect members of the community and to secure free knowledge.
|
Staff[edit]
Resources[edit]
- See our documentation strategy
- Glossary of terms as used by the team
- Thank our Volunteers with us.
Responsibilities[edit]
- Promoting and implementing security across Wikimedia Engineering throughout the software development life cycle
- Training for developers and staff
- Regular static and dynamic security scanning of MediaWiki and extensions
- Vulnerability scanning
- Tools and features that promote better security for developers and Wikimedia communities (OAuth, two-factor authentication, password policies)
- Security auditing and response for MediaWiki and WMF deployed extensions and services
- Security reviews, Security review scrum
- Random Public Meeting Minutes
- Triage, fix and deploy reported security issues
- Getting access to security issues in Wikimedia Phabricator
- Incident Response
- Security Governance
Contact The Security Team[edit]
- To report a security issue with MediaWiki or any other Wikimedia-related code, please see Reporting Security Bugs.
- To get the Security Team's general attention on non-critical issues within Phabricator, please tag the #security-team project on a task. Such tasks are typically reviewed during weekly triage meetings, however it sometimes helps to poke us on IRC or via email just to ensure we're fully aware of the task.
- To very generally contact the Security Team, please email us here.