CIB seven Security Guide
This page describes CIB seven (also referred to as the 'software') from a security perspective. It has four parts:
1. Security Policy: Describes the software's security policy, including how we deal with security issues and how the security of the software is continuously maintained.
2. Instructions for operating the software securely: Provides an overview of how to secure a CIB seven installation. In order to secure a CIB seven installation, CIB seven itself must be configured correctly and it must be integrated correctly into its environment. This section also identifies areas where we consider security issues to be relevant for the specific CIB seven product and listed those in the subsequent sections. Compliance for those areas is ensured based on common industry best practices and influenced by security requirements of standards like OWASP Top 10 and others.
3. Security Notices: Announcements of known vulnerabilities for which fix releases and/or practical workarounds are available.
4. Reporting a Vulnerability: Explains how to report a security vulnerability to our team.