|
| 1 | +# Security Policy |
| 2 | +At EPAM Systems, Inc., we take security very seriously, and we understand the importance of safeguarding our software and users. To ensure the security of our public GitHub repository, we have implemented the following security policy. |
| 3 | + |
| 4 | +## Reporting Security Vulnerabilities |
| 5 | +If you discover any security vulnerabilities or potential security issues with our codebase, please report them to us immediately. We appreciate and encourage responsible disclosure, and we will work with you to address any issues promptly. To report any security vulnerabilities, please use the form available at https://tdspora.ai/contact, and include "Vulnerability: " at the beginning of the subject line. |
| 6 | + |
| 7 | +To ensure that any potential security vulnerabilities are addressed in a timely manner, we have implemented a 24-hour reaction time policy for any reported vulnerabilities. This means that upon receipt of a report of a potential security vulnerability, our team will promptly review and investigate the issue and work to implement a fix. |
| 8 | + |
| 9 | +### GitHub Security Advisories |
| 10 | +We encourage our project team to use GitHub Security Advisories to disclose any vulnerabilities found in our public GitHub repository. GitHub Security Advisories provide a secure and private way for our team to disclose vulnerabilities without risking public disclosure before a fix can be implemented. |
| 11 | +For more information about the process of reporting and disclosing vulnerabilities in GitHub, see "[About coordinated disclosure of security vulnerabilities](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/about-coordinated-disclosure-of-security-vulnerabilities#about-reporting-and-disclosing-vulnerabilities-in-projects-on-github)." |
| 12 | + |
| 13 | +## Security Patches and Updates |
| 14 | +We are committed to ensuring that our codebase is up to date with the latest security patches and updates. We will regularly review and apply security updates to our codebase to maintain the highest level of security. |
| 15 | + |
| 16 | +## Password Management |
| 17 | +We enforce password complexity and recommend using a password manager to store strong passwords. We will also ensure that access to our GitHub repository is granted only to authorized personnel. |
| 18 | + |
| 19 | +## Code Reviews |
| 20 | +All code changes to our GitHub repository will undergo a review process to ensure that the code is secure, efficient, and follows best practices. We will review the codebase on a regular basis to identify and fix potential security issues. |
| 21 | + |
| 22 | +## Access Control |
| 23 | +We will ensure that access to our GitHub repository is granted only to authorized personnel who need access to maintain and update the codebase. |
| 24 | + |
| 25 | +By following these guidelines, we aim to maintain a secure and reliable codebase for our users. We appreciate your help in keeping our codebase secure, and we thank you for your contributions to our software. |
| 26 | + |
| 27 | +## Supported Versions |
| 28 | +Currently, we support only latest version of the library. |
0 commit comments