  1. Qt Project Website
  2. QTWEBSITE-860 Security Policy Renewal
  3. QTWEBSITE-863

Identify and document established security processes


    Details

    • Type: Sub-task
    • Status: Open
    • Priority: Not Evaluated
    • Resolution: Unresolved
    • Component/s: qt-project.org
    • Labels: None
    • Technical Risk: Normal

      Description

      The following processes are currently in place, and should be documented as part of the security policy, as long as the project commits to continuing with their regular execution.

      • regular updating of 3rd party modules in LTS patch and new feature releases
      • documentation about which 3rd party module versions are included in a Qt release
      • audits through independent security auditors, including fuzzing, code review, and static code analysis

      Other processes could include risk assessments and threat analysis, as well as penetration testing.

      For each process documented in the policy, an owner (or alternatively, a link to another process, such as the release process) needs to be identified and documented.


            People

            • Assignee: vhilshei Volker Hilsheimer
            • Reporter: vhilshei Volker Hilsheimer
            • Votes: 0
            • Watchers: 3


                Gerrit Reviews

                There is 1 open Gerrit change