Are there currently any plans or projects for improving security auditing under way?
I’m not aware of any specific projects around security, but we welcome all new initiatives. Why are you asking? Would you be interested in leading one?
I’m a student at SUNY Plattsburgh doing a security audit project on OpenMRS. We are looking for ways to enhance the security of the software. We are not interested in leading any projects, we were simply looking for some relevant information regarding the topic.
Thanks! We’re looking forward to the contributions from your course. Please let us know how we can help you be successful in doing so.
There have been several security-related efforts with OpenMRS over the years. There was a FLOSSHacks event in 2013, a security audit before that, @skoussa led some security-releated discussions about a year ago, … . I’m sure there are others, but hard to find them. I’m sure there are efforts that I don’t know about. We would do better if we at least labeled content with “security”. This is the only page I found labeled with “security”.