Wiki Spaces


Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack


Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • Finder (Discoverer/ Reporter) – the individual or organization that identifies the vulnerability
    • External group (i.e: Bishop Fox)
    • Internally (i.e:bug bounty/Hackerone)
  • Manager - An individual with a role of managing the vulnerability process till the fixing and its updated release, appointed by the management of OpenMRS.
  • Vendor (OpenMRS) –  the individual or organization that created or maintains the vulnerable product.
  • Deployer – the individual or organization that must deploy a patch or take other remediation action
    • Implementers
    • Release managers who need to include the patch in the ongoing release process
  • Coordinator – an individual or organization that facilitates the coordinated response process
    • TPM
    • OpenMRS Software Security Lead
  • Tester  -the individual who tests the updated release, its feedback is taken from the Deployer and documents the fixes finally report it to the "Owner".