I am not aware of any specific security audits for Shindig. I've done informal reviews internally and there hasn't been anything specific that comes up.
Most of the issues will probably involve how well you manage the business logic mappings for the various shindig handlers. In this case there's a lot of policy variation so I would conclude that any security review would probably not be of much use. On Tue, Jan 11, 2011 at 7:20 AM, Niels van Dijk <[email protected]> wrote: > Hi All, > > We are going to deploy a shindig 2.0 based platform very soon. As part > of the deployment we need to do a security audit. > > I was wondering if anyone had already done that already and if the > results of that audit are available somewhere. I can imagine that some > results may be confidential, but I also think several recommendation > might be more generic for Shindig, and not for the local setup. I would > also be intrested in Shindig 1.x audits to have some sort of reference. > > many thanks! > Niels > -- Paul Lindner -- [email protected] -- linkedin.com/in/plindner
