Let's do our best to retain as much focus as possible on security tools e.g. for: - commit gate integration - build/deploy process integration - static security vulnerability scanning - open source license scanning - realtime (running platform) vulnerability scanning (this might be a service VNF e.g. a Network IDS (Snort, Suricata) and Host IDS (OSSEC) as suggested in the Models wiki)
On Apr 3, 2017, at 9:44 AM, Luke Hinds <[email protected]> wrote: After discussions and voting in the OPNFV Security Group (SG) and the Infra-WG, it has been decided that the SG will move into the Infra-WG. This decision was largely based on the SG and Infra-WG having already worked well together on projects such as the core infrastructure security program, security vuln patching and further planned work such as security lint checks at gate. The SG will now meet in Infra-WG weekly meeting, where engineers from both groups can share expertise and experience. We will also move or at least reference security topics in the Infra-WG Wiki. One noted comment was the SG being under Infra WG will mean less focus on developing security features. This however does not mean the security group, won't be able to help or advise on any project proposals focused on security use cases, but going forward, we will be more active in contributing to OPNFV release & development security. I hope I have illustrated well the clear synergies between security / infra with the release models OPNFV utilises in CI / DevOps, and we look forward to working on some interesting challenges together. Regards, Luke _______________________________________________ opnfv-tech-discuss mailing list [email protected] https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opnfv.org_mailman_listinfo_opnfv-2Dtech-2Ddiscuss&d=DwICAg&c=LFYZ-o9_HUMeMTSQicvjIg&r=OrbtGCluczz9awEKz9Fv7g&m=XYHIArLA0TJstKRxfkQJKdyyYogRty-ZXtBRtHs5RXI&s=W3EmDwlBsRTIkwSdSWsc5cqr0slUFiD7buxGO5lIAgc&e= _______________________________________________ opnfv-tech-discuss mailing list [email protected] https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss
