search

jhpyle / docassemble

A free, open-source expert system for guided interviews and document assembly, based on Python, YAML, and Markdown.
https://docassemble.org
MIT License
796 stars 258 forks source link

Security audit status #25

Closed tantrev closed 2 years ago

tantrev commented 7 years ago

Since docassemble seems amenable for collecting personally identifiable information, I am just curious if it has had any formal security audits.

jhpyle commented 7 years ago

The security section of the documentation contains an informal self-audit, but no formal security audit has been done. At some point I may apply for a pro bono security audit from Websec.

jhpyle commented 2 years ago

I am closing this issue because it is really old. Some formal security audits have been done but none I know of have been finished.