Skip to content

Security: Breaking-IT/breaktest

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

BreakTest is a forked continuation of Apache JMeter and inherits much of JMeter's security model.

Please report suspected BreakTest vulnerabilities privately to the project maintainers; do not open public GitHub issues or pull requests for undisclosed security reports. If a vulnerability also affects upstream Apache JMeter, follow the Apache Software Foundation security process and report it privately to security@apache.org.

Threat Model

What the project treats as in scope and out of scope, the security properties it provides and disclaims, the adversary model, and how findings are triaged are documented in THREAT_MODEL.md.

There aren't any published security advisories