Document task prioritization (bug triage) process of WMF Security Team
Closed, ResolvedPublic

Description

@dpatrick pointed out that we should have a regular triage of low-priority security bugs on a regular basis, in addition to continuous work on the UBN/High/Normal bugs. Which highlighted that the team doesn't have a documented process / schedule for triage of security issues. We should do that.

csteipp created this task.Aug 14 2015, 5:20 PM
csteipp updated the task description. (Show Details)
csteipp raised the priority of this task from to Normal.
csteipp claimed this task.
csteipp added a project: Security-Team.
csteipp added subscribers: csteipp, Aklapper, dpatrick.

Can I somehow help with this? Like setting up / joining a monthly 30min meeting to go through the workboard(s)?

Darian and I have started triaging each week-- Tues 2pm Pacific. You're
welcome to join although I know that's late for you.

I also want to document rough guidelines on wiki to standardize what types
on vulnerabilities get what priority on our sites. Then hopefully anyone
with access can uniformly assign priority.

Aklapper closed this task as Resolved.May 29 2018, 12:12 PM
Aklapper assigned this task to csteipp.

No updates for 30 months. Closing this task and assuming it is fixed.
WMF Security Team: Please reopen this task and clarify if it is not.

Aklapper renamed this task from Document bug triage process to Document task prioritization (bug triage) process of WMF Security Team.May 29 2018, 12:13 PM