Requests for security audits of large pieces of code (e.g. a review of extension prior to deployment to the Wikimedia cluster).
Read: https://www.mediawiki.org/wiki/Security/SOP/Application_Security_Reviews
Scrum: https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Security_Review_Scrum
Part of Security-Team. Workboard is tracked at secscrum.