Document bug triage process
Open, NormalPublic


@dpatrick pointed out that we should have a regular triage of low-priority security bugs on a regular basis, in addition to continuous work on the UBN/High/Normal bugs. Which highlighted that the team doesn't have a documented process / schedule for triage of security issues. We should do that.

csteipp created this task.Aug 14 2015, 5:20 PM
csteipp updated the task description. (Show Details)
csteipp raised the priority of this task from to Normal.
csteipp claimed this task.
csteipp added a project: Security-Team.
csteipp added subscribers: csteipp, Aklapper, dpatrick.

Can I somehow help with this? Like setting up / joining a monthly 30min meeting to go through the workboard(s)?

Darian and I have started triaging each week-- Tues 2pm Pacific. You're
welcome to join although I know that's late for you.

I also want to document rough guidelines on wiki to standardize what types
on vulnerabilities get what priority on our sites. Then hopefully anyone
with access can uniformly assign priority.