[Vtigercrm-developers] OWASP Top 10

Prasad prasad at vtiger.com
Thu Jan 15 06:54:11 GMT 2015 

We have established a internal security team who are focusing on OWASP Top
10 vulnerability scanning and getting over it (but it is not yet complete).

Upgrading to the latest versions as it gets rolled is essential.

We continue to be sensitive and be more vibrant towards understanding the
security issues and find fix. Its a pleasure to have many security
researches directly working towards this goal with us.

Please do keep us posted on your finding us. Ultimately keep product user
and business safe is the key - we respect it very much.

Regards,
Prasad

--
FB <http://www.facebook.com/vtiger> I Twit <http://twitter.com/vtigercrm> I
LIn <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
<https://blogs.vtiger.com> I Website <https://www.vtiger.com/>

On Thu, Jan 15, 2015 at 11:44 AM, Uma S <uma.s at vtiger.com> wrote:

> Hi,
>
> We are trying to improvise our code from version to version release. You
> can note the we have implemented MVC architecture  in vtiger 6.1.0 which
> was not completely introduced in vtiger 5.4.
>
> On Thu, Jan 15, 2015 at 9:36 AM, Hamono, Chris (DPC) <
> Chris.Hamono at sa.gov.au> wrote:
>
>> I am sorry to be negative Joe, but I doubt any one has.
>>
>> Personally I would only use vtiger behind a firewall. Much of the code is
>> very old very complicated and possibly vulnerable.
>>
>> That's not to say great strides haven't been taken to improve the code.
>> There has been. The fact you have to turn off warnings shows there is a lot
>> of unprotected legacy code.
>>
>> Chris
>>
>>
>> -----Original Message-----
>> From: vtigercrm-developers-bounces at lists.vtigercrm.com [mailto:
>> vtigercrm-developers-bounces at lists.vtigercrm.com] On Behalf Of Joe Bordes
>> Sent: Tuesday, 13 January 2015 9:41 PM
>> To: vtigercrm-developers at lists.vtigercrm.com
>> Subject: [Vtigercrm-developers] OWASP Top 10
>>
>> Hi,
>>
>> I have a client who is trying to pass the ISO certification and he needs
>> an OWASP Top 10 analysis of vtiger CRM. Has anybody done this before?
>>
>> Thanks
>>
>> --
>> Un saludo
>> Joe
>> TSolucio
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
>
> --
> With
> Best Regards
> Uma.S
> Vtiger Team
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20150115/ba7e4b2f/attachment.html>

More information about the vtigercrm-developers mailing list