Hi, In the last developer face to face event, we approved the vulnerability management procedures (https://wiki.onap.org/display/DW/ONAP+Vulnerability+Management). The purpose of this is to manage the reception of a vulnerability until fix and communication. Note, this is separate from the security team which will now focus on looking into more proactive activities around security for ONAP.
This will be a small team of 3-5 people (as it will work under embargo) to work with the projects to fix received notifications of vulnerabilities. It will need a mix of people who know and are passionate about security, as well as people who know the code base and/or will be able to work with others to solve the vulnerabilities. I am looking for people to help with working in this team, so if you are passionate about fixing vulnerabilities and security, have a good understanding of our code base(s) and the project leaders and/or have a good knowledge of security vulnerabilities, and can dedicate time for this activity - I would love to hear from you and your background. With this email I am soliciting support for this with the idea of making a selection to propose to the TSC (the TSC should decide). Responses before the close of Monday 19th July would be highly appreciated. Note: emails directly to me appreciated, no need to broadcast to the entire list. Best Regards, Steve. [Ericsson]<http://www.ericsson.com/> STEPHEN TERRILL Technology Specialist DUIC, Systems and Technology Development Unit IP & Cloud Business Unit, IT & Cloud Products Ericsson Ericsson R&D Center, via de los Poblados 13 28033, Madrid, Spain Phone +34 339 3005 Mobile +34 609 168 515 [email protected] www.ericsson.com [http://www.ericsson.com/current_campaign]<http://www.ericsson.com/current_campaign> Legal entity: Ericsson EspaƱa S.A, compay registration number ESA288568603. This Communication is Confidential. We only send and receive email on the basis of the terms set out at www.ericsson.com/email_disclaimer<http://www.ericsson.com/email_disclaimer>
_______________________________________________ onap-discuss mailing list [email protected] https://lists.onap.org/mailman/listinfo/onap-discuss
