Incidents
Incident Response
Threat Dragon is open source software and contains many other open source components. Threat Dragon’s community strives to stay abreast of security vulnerabilities and incidents impacting upstream providers or Threat Dragon itself. If there is a high impact or high profile incident or vulnerability, the Threat Dragon community/maintainers will create a GitHub Issue and leave it pinned for as long as it is relevant to the community. This issue will have the “security” label, and is intended to serve as a transparency report, not necessarily a real-time feed of incident response.
Because Threat Dragon is maintained by a community of volunteers, it will not always be possible to immediately investigate or respond to incidents immediately. Please only report security vulnerabilities found within Threat Dragon by following the process in the Security Policy. Every effort will be made to resolve security concerns as they arise.