From 0b356f86431a43555361e0df552499d2c302fa83 Mon Sep 17 00:00:00 2001 From: Alec Fong Date: Tue, 16 Dec 2025 14:10:22 -0800 Subject: [PATCH] Update SECURITY.md --- docs/SECURITY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/SECURITY.md b/docs/SECURITY.md index c91aa6b..64393f2 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -62,7 +62,7 @@ This document outlines the security requirements and best practices for implemen **Implementation Requirements:** -1. **Default State**: All inbound traffic must be blocked by default +1. **Default State**: All inbound traffic must be blocked by default (exemption may be made to 22, though the sdk prefers to explicitly set this) 2. **Explicit Allow**: Inbound access must be explicitly granted through `FirewallRule` resources 3. **Outbound Freedom**: Outbound traffic should be unrestricted by default 5. **Security Groups**: Use cloud provider security groups or equivalent (AWS Security Groups, GCP Firewall Rules, Azure NSGs) for network isolation @@ -137,4 +137,4 @@ For security issues, vulnerabilities, or questions: --- -**Note**: This document is a living document and will be updated as security requirements evolve. All cloud integrations must comply with these requirements to ensure the security and integrity of the Brev Compute SDK ecosystem. \ No newline at end of file +**Note**: This document is a living document and will be updated as security requirements evolve. All cloud integrations must comply with these requirements to ensure the security and integrity of the Brev Compute SDK ecosystem.