Skip to content

Security: ollionorg/gcp-landing-zone

SECURITY.md

Security Policy

The current repository scanned and fully-complaint against the below best practices:

  1. Google Cloud Platform Foundation
  2. PCI DSS v3.2.1 and 4.0
  3. NIST CSF 1.0
  4. CIS Controls 8.0

The security scanning performed on a regular basis to ensure security and safety of the landing zone.

Supported Versions

We are currently providing security updates for the following versions:

Version Supported
1.0.0

Reporting a Vulnerability

We take the security of our software seriously. If you believe you've found a security vulnerability, please send an email to lzadmin@ollion.com.

When reporting a vulnerability, please include as much information as possible, including:

  • A description of the vulnerability
  • Steps to reproduce
    • This can be in the form of a scripted test case or set of commands that will consistently reproduce the issue
  • The impact: what an attacker can gain from this exploit
  • Any potential solutions you can think of

Please do not open a public GitHub issue if the bug is a security vulnerability.

After receiving your report, the security team will assess the impact and likelihood of the vulnerability and then determine the severity level using the Common Vulnerability Scoring System.

We will respond to your report within 48 hours and will keep you updated as we work to address the vulnerability you reported.

There aren’t any published security advisories