Page MenuHomePhabricator

Document and report initial metrics for security bug handling
Closed, ResolvedPublic

Event Timeline

csteipp created this task.Jul 10 2015, 5:49 PM
csteipp claimed this task.
csteipp raised the priority of this task from to High.
csteipp lowered the priority of this task from High to Normal.
csteipp updated the task description. (Show Details)
csteipp added a project: Security-Team.
csteipp moved this task from Backlog to Epics in progress on the Security-Team board.
csteipp added subscribers: Aklapper, csteipp.
csteipp raised the priority of this task from Normal to High.Aug 14 2015, 5:22 PM

All engineering teams need documented KPI's by Aug

csteipp closed this task as Resolved.Oct 13 2015, 11:55 PM

As documented on https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Metrics,

  • Security Bugs (number open by priority each month)
  • Security Reviews (number open each month)
  • Training (training by quarter with number of attendees)
  • Incident Response (number of incidents by quarter)

Are being tracked. Actual number of security bugs open, and incident documentation is considered private to the organization, and is tracked privately.