We take security seriously and will actively support and provide updates for the following versions of AizzOps:
| Version | Supported |
|---|---|
| 1.x | ✅ |
| < 1.x | ❌ |
If you discover a security vulnerability within this project, please follow these steps:
-
Do Not Disclose Publicly: Do not create a public issue or disclose the vulnerability on any public forum. Security vulnerabilities must be handled privately and responsibly.
-
Contact Us: Report the vulnerability via email to:
- Email: azfaralam.ops@gmail.com
-
Provide Details: Include as much information as possible to help us understand and address the issue:
- A description of the vulnerability and its potential impact.
- Steps to reproduce the vulnerability.
- Any proof-of-concept code or screenshots.
- Any suggestions for mitigating the issue.
- We will acknowledge the receipt of your report within 48 hours.
- We will provide an estimated timeline for addressing the vulnerability.
- We will keep you informed of the progress as we work to fix the issue.
- We will credit you for the discovery in the release notes, if you wish to be acknowledged.
While we work hard to secure AizzOps, we also recommend the following best practices to ensure the security of your deployment:
- Keep your software and dependencies up to date.
- Use strong, unique passwords and manage them securely.
- Monitor your systems for any unusual activity.
- Regularly back up your data and configurations.
Thank you for helping us keep AizzOps secure for everyone!