[Userops] Sandstorm's security track record, and what it means for self-hosting

[Asheesh Laroia]

Hi nice userops people,

I want to share the results of an analysis of security issues of web apps available on the Sandstorm app market, done by Kenton Varda and myself of the Sandstorm team.

95% of security issues automatically mitigated, before they were discovered

Sandstorm automatically protects users from a huge fraction of the publicly disclosed security vulnerabilities discovered in apps on the Sandstorm app market, before the vulnerabilities were even disclosed. Of the issues we examined, 95% were wholly or partly mitigated.

You can read the full report here in our documentation: https://docs.sandstorm.io/en/latest/using/security-non-events/

Or read my short announcement blog post: https://sandstorm.io/news/2016-02-29-security-track-record

If you have any questions about it, let me know!

Cheers,

Asheesh.