-
### Issue Summary
Supervisorctl Status command not working so it might be leading to `autorestart` not working for programs.
### Steps to Reproduce
1. Login into adhoc worker container
2…
-
https://nvd.nist.gov/vuln/detail/CVE-2024-35329
-
I'm noticing that none of the policies currently listed have `disclosure_timeline_days` set. However, it's a requirement if `co-ordinated` is set. This seems like overly restrictive for a org declarin…
-
* Figure out whether there are any bug bounty programs that are friendly to open-source projects with limited budgets (HackerOne, BugCrowd, etc).
* Write documentation for responsible disclosure of s…
-
## Parent Epic (If Applicable)
* https://github.com/elastic/ia-trade-team/issues/271
## Meta Summary
Auth0 is a third-party authentication and authorization platform that allows developers to…
-
Document the plan of implementation for each component identified in the Component Definition Issue. Work content into a snippet for the OSCAL model.
-
## Affiliation
I'm the Operations Lead for @Citi OSPO.
## Bio
Jamie Slome joined Citi in November 2022 as the Operations Lead for Citi’s Open Source Program Office (OSPO). He is responsible f…
-
This check should be in the existing section on **Vulnerability disclosure program**:
The precise location of this new indicator should be under this **Criteria**:
Security > Data Security > Vuln…
-
Hacker publicly discloses details of a report that was previously submitted to a team. However:
* the team/platform has rejected the report as invalid
OR
* the bug has already been confirmed to b…
-
It might be good to extend the criteria, or at least add more explanatory material about vulnerability reporting, per this article: ["New open source effort: Legal code to make reporting security bugs…