Vulnerabilities in web applications (like Gallery) are increasingly a sweet spot for attackers. We are very aware of this, and take the security of the Gallery project very seriously. In addition to our internal guidelines, processes and audits, we've had external security experts perform security audits of our code for the last several releases of Gallery 2.
Recently, we retained Gotham Digital Science (GDS) to perform security audits on Gallery 1 and 2. They are experts in application security, as it's basically all they do. The relationship we have built with GDS has proven valuable based on the results of the audits and we are looking forward to partnering with them on audits of future versions of Gallery. Please read on!