Update sec audit dates (#439)

* Update sec audit dates * Update CMV2 sec audit date * Minor name change * Call out auditor for Sugar
metaplex-foundation · Jul 13, 2023 · ebf56e2 · ebf56e2 · vercel · Jul 13, 2023
1 parent 93382cc
commit ebf56e2
Showing 1 changed file with 13 additions and 11 deletions.
diff --git a/docs/07-security.md b/docs/07-security.md
@@ -27,23 +27,25 @@ This information will help us triage your report more quickly.
 You may also be eligible for a bounty. More details can be found [here](https://www.metaplex.com/bounty-program).
 ## Audits
 
-Ongoing automated and manual security audits are routinely performed by our audit partner [Sec3](https://www.sec3.dev/). Automated audits are performed for every PR and security issues must be resolved before merging into the main branch. Manual ongoing audits are initiated for changes above a specific threshold and security issues must be resolved before merging into the main branch.
+Ongoing automated and manual security audits are routinely performed by our audit partners [Sec3](https://www.sec3.dev/) and [MadShield](https://www.madshield.xyz). Automated audits are performed for every PR and security issues must be resolved before merging into the main branch. Manual ongoing audits are initiated for changes above a specific threshold and security issues must be resolved before merging into the main branch.
 
 Large one-off audits are also performed when there are large changes to the code or functionality as detailed below.
 
-| Protocol       | Last major one-off audit date |
-| -------------- | ----------------------------- |
-| Token Metadata | 2022-07-31 |
-| Auction House  | 2022-06-26 |
-| Gumdrop        | 2022-05-16 |
-| Candy Machine* | 2021-02-01 |
+| Protocol              | Last major one-off audit date |
+| --------------------- | ----------------------------- |
+| Token Metadata        | 2023-06-24 |
+| Trifle/Fusion         | 2023-04-13 |
+| Bubblegum/Compression | 2022-11-02 |
+| Candy Machine V3      | 2022-11-01 |
+| Candy Machine V2      | 2022-11-01 |
+| Auction House         | 2022-10-24 |
+| Gumdrop               | 2022-05-16 |
 
-
-We do not have ongoing automated nor manual security audits that are routinely performed by our audit partner [Sec3](https://www.sec3.dev/) for our developer tools. However, audits may be ordered, facilitated, and paid for by our community of 3rd party Solana ecosystem developers or entities of thier own accord.
+We do not have ongoing automated nor manual security audits that are routinely performed by our audit partners for our developer tools. However, audits may be ordered, facilitated, and paid for by our community of 3rd party Solana ecosystem developers or entities of thier own accord.
 
 | Developer Tools| Last audit date         |
 | -------------- | ----------------------- |
-| Sugar CLI*     | 2022-08-31 |
+| Sugar CLI*     | 2022-08-26 |
 
 
-(*) Independent 3rd party audit
+(*) Audited by [OtterSec](https://osec.io)