This is a wiki page that captures the intent and planned/ongoing actions for the support of security coordination in ONAP.
...
Vulnerability management covers how to handle the reception of an identified vulnerability through to solution and communication of the vulnerability. The process is initiated by the reception of an email to onap-security@lists.onap.org. The vulnerability management procedures can be found here: ONAP Vulnerability Management.
The vulnerability management procedures are executed on by the vulnerability management sub-committee.
Release Vulnerabilities
This lists the vulnerabilities reported for each Release.
ONAP security sub-committee
The ONAP security sub-committee identifies and creates proposals related to security in ONAP. As one example, it has created the proposal for the Vulnerability management procedures which are now in effect. The ongoing efforts of the ONAP security sub-committee are now to explore more proactive security activities.
...
The ONAP security sub-committee meeting logistics are:
- Time: Wednesday 15:00 - 16:00 Central European time [ 6AM - 7AM PST]Tuesdays 1 PM UTC time
- Zoom details:793296315
- Or iPhone one-tap (US Toll): +16465588656,793296315# or +14086380968,793296315#
- Or Telephone:
- Dial: +1 646 558 8656 (US Toll) or +1 408 638 0968 (US Toll)
- Meeting ID: 793 296 315924 1503 6769
International numbers available: https://zoom.us/zoomconference?m=Meh_TwQwIDnJKy9MU9R_A8hFaAUbegBa
...
JIRA project for issue prioritization: https://jira.onap.org/projects/SECCOM/
Next Call:
| Jira Legacy | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
2nd Week:
| Jira Legacy | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
Backlog (items to be done):
Jira Legacy
If you want to be involved, please contact Pawel Pawlak or Amy Zwarico
...