brianp
(Brian Pierce)
June 3, 2018, 11:28am
1
I’m new and trying out bitwarden for my business. I found the lack of an ouside audit mentioned in a couple of reviews online and discussed in this reddit thread but not listed here as a new feature request.
https://www.reddit.com/r/Bitwarden/comments/7xl9qg/full_formal_security_audit/
Discussion about security audit on GitHub
opened 09:41PM - 19 Jan 17 UTC
closed 04:09PM - 12 Nov 18 UTC
help wanted
Not sure in which repository this belongs, probably in all of them. Bitwarden sh… ould get a security audit to find and squash any security issues that might hide somewhere. Obviously there is the problem of financing, so maybe this can be of help. Doesn't hurt to try it, right?
https://blog.mozilla.org/blog/2016/06/09/help-make-open-source-secure/
https://docs.google.com/forms/d/e/1FAIpQLScLwANEOvLBE6gnFVoiamqHOYzzkaChpdQJ7f0PlZGmfyy94w/viewform
https://wiki.mozilla.org/MOSS/Secure_Open_Source
1 Like
“We are scheduled with Cure53 for later this year to perform a complete audit of the backend server (core), web vault, desktop apps, browser extensions, and jslib (the library that powers most of our client apps).” https://github.com/bitwarden/core/issues/27#issuecomment-413937252
3 Likes
This is great news. After the security audit, I would be willingly pay for a premium, even though free plan is satisfying for my use case.
Any updates on this? Has it started?
4 Likes
Shackrock
(Shackrock)
January 5, 2019, 9:19pm
7
Yes, this should be closed as completed.