jenniferfernick issues

Results 6 issues of


                                            jenniferfernick

Point of clarification on definition of "security reviews"

I'm wondering what we consider a "security review" for the purposes of this collection: * A third party security audit of an open source codebase by a security firm? (Assuming...

Security Emergency/Crisis Response resources (team, guide, etc)

In our October 18 2021 WG meeting, I raised the question of "**_where do open-source projects turn in the event of a security crisis or emergency?_**" Here, security emergency could...

Create "Metrics explainer": Document for each metric how it is computed and how it impacts security

I am seeking to write a "metrics explainer" in which, for each metric on the dashboard, we document things like: - **Security impact**: Details about how a given metric relates...

Token setup guidance: Create high-quality educational materials for OSS maintainers about how to use hardware tokens to protect their projects

Identification of Security Risks: Identify all potential security risks that could occur as a part of The Great MFA Project and ensure we have sufficient protections against those risks

jenniferfernick

Point of clarification on definition of "security reviews"

Security Emergency/Crisis Response resources (team, guide, etc)

Create "Metrics explainer": Document for each metric how it is computed and how it impacts security

Token setup guidance: Create high-quality educational materials for OSS maintainers about how to use hardware tokens to protect their projects

Identification of Security Risks: Identify all potential security risks that could occur as a part of The Great MFA Project and ensure we have sufficient protections against those risks

Announcement Blog Post: Create blog post on openssf.org announcing The Great MFA Project and important details related to it