Skip to main content
High-Assurance Application Security Offer for ElkArte Started by emanuele · · Read 6607 times 0 Members and 1 Guest are viewing this topic. previous topic - next topic

High-Assurance Application Security Offer for ElkArte

At ElkArte, we take pride in producing the best code and keeping ElkArte modern, free and powerful community building forum. In this day and age high-assurance security is something that we have to start thinking about. As a community, we’ve done our best as far as code security; now, we’re looking to advance to the next level.
SecurifyLabs, a company that specializes in open-source assessment and remediation support approached us. Their collaborations include open-source initiatives such as Tiki Wiki CMS Groupware and BigBlueButton. Having SecurifyLabs as our security partner will be a game changer for our entire community.

Become a sponsor
SecurifyLabs uses a unique funding approach to make high-assurance application security available for open-source projects, at no cost to the community. Instead of charging developers, SecurifyLabs builds customized security test cases and vulnerability scanning for each open-source they work with, these test cases and vulnerability scanning are meant to test the server that runs ElkArte to ensure the server security. In return they offer application security services that are increasing in value as more users support the project.
Anyone becoming a sponsor will help make ElkArte become more secure for our entire community. Here is the campaign schedule as we received it from SecurifyLabs


Services Unlocked
Number of
Packages Required
Level 1
Threat Assessment and Code Review for Injection Attacks
2
Level 2
Code Review for Authentication and Session Management Issues as well as Cross-site Scripting
4
Level 3
Code Review for Insecure Direct Object Reference and Security Misconfiguration
6
Level 4
Code Review for the Rest of OWASPs Top 10
8
Level 5
One Round of Retest to Ensure Proper Vulnerability Remediation
10
So once they sell two ElkArte’s specific vulnerability scanning packages of any kind, they would start automatically performing threat assessment and review the code for injection attacks, and so on.

What’s In It For You?
Buying the scanning packages from SecurifyLabs, in addition to the deep inspection assessment you get for the server hosting ElkArte, which ensures that the server, OS, supporting software are all secure, you will receive curated code findings report. But the most valuable reward is that your contribution will help us dramatically decrease the need for urgent security updates, offering you better protection and total peace of mind. You’ll also become part of the modern open-source initiative; by supporting our mission, you can help ensure that ElkArte stays one step ahead of hackers, leading the way for open-source projects worldwide.

What’s In It For Your Community?
SecurifyLabs offers a wide array of security services, which would be of great benefit to ElkArte. The more sponsors we get, the more services we can access – and the more secure our software and your server will be.

You can find more details here: www.securifylabs.com
Bugs creator.
Features destroyer.
Template killer.

 

Re: High-Assurance Application Security Offer for ElkArte

Reply #1

So long they remain optional. I hate to rely on any security products.