Skip to content

CONTRIBUTING.md

Latest commit

 

History

History
66 lines (33 loc) · 5.72 KB

CONTRIBUTING.md

File metadata and controls

66 lines (33 loc) · 5.72 KB

Contributing to OpenAEV

Thank you for reading this documentation and considering making your contribution to the project. Any contribution which helps us improve the platform is valuable and much appreciated. If it is also meaningful to you or your organisation it's all for the best.

In order to help you understand the project, where we are heading and how you can contribute, below are several resources and answers.

Do not hesitate to shoot us an email or join us on our Slack channel. Most of the articles below are an introduction for our detailed documentation.

Why contribute?

OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaigns and tests. It allows security teams to validate their defenses, train their analysts and measure their detection and response capabilities against real-world attack scenarios (if you want to know more about OpenAEV, you can read the detailed documentation or try it on the demonstration platform).

Whether you are an organisation or an individual working or studying in the field of cybersecurity and cyberdefense, or simply as an individual looking for a technical challenge, contributing to the OpenAEV project may represent a great opportunity for you.

  • You can help grow the community and a tool focused on improving adversary simulation capabilities and therefore enhancing our ability to better protect our organisations and societies;

  • You will be able to adapt the tool to your core interests and methods of work by developing features or fixing bugs you are most interested in;

  • OpenAEV is also an interesting opportunity for developers to work on modern technologies such as Java/Spring Boot backend and React/TypeScript frontend.

Where is the project heading?

Now that the platform has been released, our goal for future releases is two-fold:

  • Of course, fix bugs and develop features which are identified as non-critical but would really add-up to OpenAEV's power;

  • On a longer term vision, we would like to continue developing advanced simulation capabilities, including more injectors, better integration with threat intelligence platforms like OpenCTI, and enhanced reporting and metrics.

Code of Conduct

OpenAEV has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand which actions will and will not be tolerated.

How can you contribute?

Any contribution is appreciated and many don't imply coding. Contributions can range from a suggestion for improving documentation, requesting a new feature, reporting a bug, to developing features or fixing bugs yourself.

For general suggestions or questions about the project or the documentation, you can open an issue on the repository with the label "question". We will answer as soon as possible. If you do not wish to publish on the repository, please see the section below "How can you get in touch for other questions?".

  • Just using OpenAEV and opening issues if everything is not working as expected will be a huge step forward. See our section about opening an issue. To report a bug, please refer to the bug reporting module. To suggest a new feature, please fill in the feature request form.

  • Don't hesitate to flag us an issue with the documentation or the templates if you find them incomplete or not clear enough. You can do that either by opening a bug report or by sending us a message on our Slack channel.

  • You can look through opened issues and help triage them (ask for more information, suggest workarounds, suggest labels, flag issues etc.)

  • If you are interested in contributing to developing OpenAEV, please refer to the detailed documentation. It can be either to fix an issue which is meaningful to you, or to develop a feature requested by others.

  • All commit and Pull Request titles must follow the Conventional Commits format: type(scope?)!?: description (#issue)

    • type must be one of: feat, fix, chore, docs, style, refactor, perf, test, build, ci, revert
    • scope is optional, a lowercase noun describing the affected part of the code. The old [backend] / [frontend] bracket prefixes are discontinued — use a scope instead.
    • the description starts with a lowercase letter and has no trailing period
    • Pull request titles must end with the related issue reference, e.g. (#1234), and every Pull Request must be linked to an issue. Renovate pull requests are exempt.

    Example: feat(auth): add JWT authentication (#123)

  • All commits must be signed. See the GitHub documentation on signing commits.

  • See .github/LABELS.md for the full title & label taxonomy.

How can you get in touch for other questions?

If you need support or you wish to engage a discussion about the OpenAEV platform, feel free to join us on our Slack channel. You can also send us an email.