Saeed,
You may also want to read this:
https://security.apache.org/blog/data-processing-compliance-statements-and-sla/
Kind regards,
Mark
On 03/02/2026 13:34, Christopher Schultz wrote:
Saeed,
On 2/3/26 5:49 AM, RAJPUT Saeed (EXT) wrote:
Dear correspondent,
My name is Saeed Rajput, and I am writing on behalf of the European
Union Agency for Railways (ERA). At ERA, we conduct cybersecurity risk
assessments for all ICT systems deployed within our organisation.
We are currently assessing the Apache Tomcat Server and would
appreciate your support. Could you please connect me with the
appropriate person or team who can assist us with this cybersecurity
risk assessment?
I have attached our cybersecurity risk assessment questionnaire to
this email. If you could kindly review and complete it, this would
greatly help us progress with our internal assessment.
Thank you in advance for your cooperation.
I look forward to your response.
The Apache Software Foundation is an all-volunteer organization
producing software the for public good. You are free to use software
produced by the ASF at no cost and with very few restrictions.
Unfortunately, the ASF does not provide security consultation services.
So your choices for performing a cybersecurity risk assessment are:
1. Hire a third-party security consultant
2. Join the community, familiarize yourself with ASF and Tomcat security
practices, and perform the risk assessment yourself
If you'd like to hire one our community members (including myself ;),
you are welcome to post an email to our users of developers list
requesting help, but please understand that neither of these
aforementioned mailing lists are primarily used as job-listing services.
Instead, they are a means for communication between *members of the
community* requesting assistance and coordinating development and
maintenance of the product.
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
