This document outlines the security policy for the personal portfolio website owned and maintained by Tolani Terrell-Adeleye. The purpose of this policy is to ensure the confidentiality, integrity, and availability of the website and its associated data.
The goals of this security policy are:
- To protect the confidentiality of the website, its users, and associated data
- To maintain the integrity of the website, its users, and associated data
- To ensure the availability of the website to authorized users
To achieve the above goals, the following security controls have been implemented:
-
Access Controls: Access to the website and its associated data is restricted to authorized users only. Access controls are in place to ensure that only authorized individuals have access to the website and its associated data.
-
Authentication and Authorization: All users are required to authenticate themselves using unique credentials to access the website and its associated data. Only authorized users are granted access to the website and its associated data based on their role and responsibilities.
-
Encryption: All communication with the website is encrypted using HTTPS to protect against eavesdropping and other malicious activities.
-
Software Updates and Patches: All software used to run the website is kept up to date with the latest patches and updates to protect against known vulnerabilities.
-
Backup and Recovery: Regular backups of the website and its associated data are performed to ensure that data can be restored in case of a disaster or a security breach.
| Version | Supported |
|---|---|
| 2.0 | ✅ |
| < 1.9 | ❌ |
As a human and learning student, I am still susceptible to missing mistakes in my code, and as a big believer in community, I value your help to improve my code and debugging skills. If you believe you have discovered a security issue, bug, or vulnerability, please submit a note or report to me directly via one of the methods listed below.
If you would like to leave a comment or note:
Please submit a ticket request via the Get In Touch form on the site.
If you would like to leave a complete analysis or report:
Email my debugging inbox at [email protected].
In your report, please provide the following information:
- The nature of the problem (cross-site scripting, SQL injection, remote code execution, and so on).
- The vulnerability's potential impact (i.e. what data can be viewed or modified)
- Step-by-step directions on how to reproduce the problem
- Any proof-of-concept or exploit code necessary for reproduction
- If you wish to encrypt your submission with my PGP key, please download it here and attach your signature public key, if signing, to the submission.
This security policy will be reviewed and updated on an annual basis or when significant changes are made to the website or its associated data.
By accessing the this portfolio website, users acknowledge and accept the terms and conditions outlined in this security policy.
This security policy is designed to protect this website and its users, and associated data from unauthorized access, modification, or disclosure. By implementing the above security controls and regularly reviewing and updating this policy, we can ensure the continued security and availability of the website for authorized users.