-
Many organisations these days have a public vulnerability disclosure policy. These policies can have a legal status granting researchers rights when they follow the disclosure process described in the…
-
Two part suggestion.
The type of timer associated with new conversations should be a global default. Otherwise one gets used to timers being on then finds out that timers are off in some other cont…
-
Eine Vorlage der Terms and Conditions die der Nutzer bei der Registrierung bestätigen muss.
-
GOAL: Make CNA scope more easily determined by third parties
CHANGE: Clarify the difference between "when a vulnerability is made public" versus "when a vulnerability is added to the CVE list" and ho…
-
Exploring [lynis](https://github.com/CISOfy/Lynis), a security auditing for UNIX derivatives.
Paste the output of `sudo ncp-report`
NextCloudPi diagnostics
```
NextCloudPi version v0.41…
-
**What build of DuckieTV are you using (Standlone / Chrome Extension (New Tab / Browser Action))**
...
Chrome Extension, Browser Action
**What version of DuckieTV are you using (Stable 1.1.x / Ni…
-
To pair with a coming blog post, we should create a place for the [FY17 Strategy document](https://docs.google.com/document/d/1JJxH0x75tEvQ4zMts5xKqudfUDqODmWsPflfn1VEJpM/edit#heading=h.mfnsuvkvd8r7) …
-
> When should client authentication be a required element? There should be a specific threat that needs to be addressed, rather than simply "be capable of protecting a secret" -- otherwise, folks m…
-
It has become common practice and expected that any open source software meant to run on a network explain their vulnerability disclosure process to users in their public-facing documentation.
This i…
-
**Organization**: TeleSign Corporation
**Type**: 2
**Document (63-3, 63A, 63B, or 63C)**: 63B
**Reference (Include section and paragraph number)**: 5.1.3.2
**Comment (Include rationale for comment…