Marketplace Security Guidelines

Introduction

Camunda enforces security in every facet of its business, especially in those parts that access our customers' data. In this marketplace, our partners can upload their connectors that interact with our product. This document outlines the security responsibilities of our partners, the different security requirements, and the timeframe for acknowledging, mitigating, and fixing vulnerabilities found in their connectors.

Partner Responsibilities

Partners are responsible for the security of their connectors or apps. This includes, but is not limited to, ensuring secure coding practices, regular vulnerability assessments and penetration tests, and adhering to all the security requirements outlined in this document.

Minimum Security Requirements

Data Protection

  1. Partners must ensure that their apps or connectors do not misuse, mishandle, or expose any sensitive data.
  2. All data must be encrypted in transit. TLS version 1.2 (or higher) must be used for encryption.
  3. The Connector shall not store any information outside of the Camunda Cluster that is installed in

Application Security

  1. The Connector shall not use versions of third-party libraries and dependencies that contain known critical or high vulnerabilities. If vulnerabilities are identified in these libraries and dependencies, it is the responsibility of the application developer to address and rectify them as soon as possible.
  2. All untrusted data, which includes any input that could potentially be manipulated to carry a web attack payload, must be thoroughly validated and sanitized by the application. To minimize the risk of injection-related vulnerabilities, it is essential to treat all user input as potentially harmful.

Privacy

Partners must respect the privacy of end-users. The Connector shall not collect any credentials (passwords, API tokens, etc.).

Vulnerability Management

Partners must perform regular vulnerability assessments and fix any discovered vulnerabilities in a timely manner.

Vulnerability Management Timeframe

Vulnerabilities must be managed according to their CVSSv3 score:

Severity   CVSSv3 Score   Time to Acknowledge   Time to Mitigate   Time to Fix
Critical   9.0-10.0       24 hours              48 hours           4 weeks
High       7.0-8.9        48 hours              72 hours           6 weeks
Medium     4.0-6.9        5 days                10 days            8 weeks
Low        0.1-3.9        Accepted

By adhering to these guidelines, we aim to ensure a robust security posture for our marketplace and protect the data and privacy of our customers.

Missing the time frame

Failure to meet these timeframes will result in temporary or permanent removal of the Connector from the Marketplace.

Clear and readable code and dependencies

Partners must commit to providing clear, readable, and understandable code and dependency definitions, and must not do anything that, intentionally or unintentionally, would lead to:

  • Dependencies not being detected by vulnerability scanners
  • Dependency versions not being detected or incorrectly being detected by vulnerability scanners
  • Obfuscation of the function or behavior of the connector
  • Obfuscation of malicious behavior
  • Obfuscation of external communication