How do you publicly disclose your #security #vulnerabilities
We used to post them on our forum... sometimes on #GitHub, sometimes via changelog, sometimes not at all. It was pretty haphazard, involved a lot of manual steps, and we needed to do better.
So we decided to throw some #code (and some #nocode) at this problem and centralized it all while keeping a bunch of options open for interested parties 👇
https://community.nodebb.org/topic/17561/security-vulnerability-notifications
#appsec #netsec #bugbounty
NodeBB /
npub1fp…pxh50
2023-09-18 18:50:14
Author Public Key
npub1fpy83juzyafhzx4vuqx02z9tfuwnkvn69skpkegpp62f4l9q5h4qhpxh50Published at
2023-09-18 18:50:14Event JSON
{
"id": "32b981979d2fa754750c8618e332e2c7df943493b51356ad2a0ad03363ba5948",
"pubkey": "484878cb822753711aace00cf508ab4f1d3b327a2c2c1b65010e949afca0a5ea",
"created_at": 1695063014,
"kind": 1,
"tags": [
[
"t",
"security"
],
[
"t",
"vulnerabilities"
],
[
"t",
"github"
],
[
"t",
"code"
],
[
"t",
"nocode"
],
[
"t",
"appsec"
],
[
"t",
"netsec"
],
[
"t",
"bugbounty"
],
[
"proxy",
"https://fosstodon.org/users/nodebb/statuses/111087649686138163",
"activitypub"
]
],
"content": "How do you publicly disclose your #security #vulnerabilities \n\nWe used to post them on our forum... sometimes on #GitHub, sometimes via changelog, sometimes not at all. It was pretty haphazard, involved a lot of manual steps, and we needed to do better.\n\nSo we decided to throw some #code (and some #nocode) at this problem and centralized it all while keeping a bunch of options open for interested parties 👇 \n\nhttps://community.nodebb.org/topic/17561/security-vulnerability-notifications\n\n#appsec #netsec #bugbounty",
"sig": "79f2e13b68e8b0d7c6ba48cf94de288e1734fdf57053f85df75c6e532bf577278377079c25bfbd83be482ba61d802cc887e784e9d3a7341a10181fc578a8948b"
}