Security

Does SplunkBase Vet apps for Security issues before publishing?

khavildar
Explorer

This is a generic question and my apologies if it has already been published somewhere, but I could not glean from my initial google searches.

Given the influx of supply chain attacks through code, am wondering if Splunkbase reviews sourcecode for malicious code before publishing here?

1 Solution

bec
Explorer

If I read this right, according to the approval criteria (https://docs.splunk.com/Documentation/Splunkbase/splunkbase/Splunkbase/Approvalcriteria) it says that "The Splunkbase team evaluates your submitted content to ensure it meets the following..." One being a "check for malware/viruses" which is described as "run scanner software to check for viruses and malware." So though there isn't an abundance of details, it looks like the answer is yes.

View solution in original post

0 Karma

bec
Explorer

If I read this right, according to the approval criteria (https://docs.splunk.com/Documentation/Splunkbase/splunkbase/Splunkbase/Approvalcriteria) it says that "The Splunkbase team evaluates your submitted content to ensure it meets the following..." One being a "check for malware/viruses" which is described as "run scanner software to check for viruses and malware." So though there isn't an abundance of details, it looks like the answer is yes.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...