Central security documentation for the Torrust GitHub organization.
| File | Purpose |
|---|---|
| SECURITY_PRACTICES.md | Org-wide security practices and policies, organised by environment (Dev → CI → Production) |
| SECURITY_ISSUES.md | Index of all GitHub issues labelled "security" across active repositories |
| SECURITY_AUDIT.md | Backlog of known security gaps and improvement actions |
| RESOURCES.md | Curated external guides, tools, and reading for security topics |
| REFERENCES.md | All external URLs cited within the documents above |
Do not open a public GitHub issue. Use GitHub Private Vulnerability Reporting on the relevant repository (Security → Report a vulnerability), or contact the maintainers directly via the SECURITY.md file in that repository.
See the Contributing section in SECURITY_PRACTICES.md.