Difference between revisions of "Security Teams"
(→Security SIG) |
|||
| (11 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | OpenStack historically had two security organizations - the Vulnerability Management Team (VMT) and the OpenStack Security Group (OSSG). | |
| − | |||
| − | == [[OpenStack]] Vulnerability Management team (VMT) == | + | These organizations have now combined under the [[Security|Security Project]]. The VMT continues to operate as a largely independent body for confidentially handling vulnerabilities but with stronger ties to the Security Project as a whole, which leads efforts to make OpenStack more secure through education, software tooling and security evangelism. |
| + | |||
| + | ==Security SIG == | ||
| + | * [[Security-SIG|Security SIG wiki page]] | ||
| + | * Security experts and auditors working on OpenStack security | ||
| + | * Publishes OSSN (OpenStack Security Notes) | ||
| + | * Advises on [[Security/OSSA-Metrics|Vulnerability Metrics]] | ||
| + | |||
| + | == Vulnerability Management team (VMT) == | ||
* https://launchpad.net/~openstack-vuln-mgmt | * https://launchpad.net/~openstack-vuln-mgmt | ||
| − | * Handles incoming vulnerability reports, [[VulnerabilityManagement]] | + | * Handles incoming vulnerability reports, following [[VulnerabilityManagement]] |
| − | + | * Publishes OSSA (OpenStack Security Advisories) | |
| − | |||
| − | |||
| − | * | ||
Latest revision as of 20:07, 14 April 2025
OpenStack historically had two security organizations - the Vulnerability Management Team (VMT) and the OpenStack Security Group (OSSG).
These organizations have now combined under the Security Project. The VMT continues to operate as a largely independent body for confidentially handling vulnerabilities but with stronger ties to the Security Project as a whole, which leads efforts to make OpenStack more secure through education, software tooling and security evangelism.
Security SIG
- Security SIG wiki page
- Security experts and auditors working on OpenStack security
- Publishes OSSN (OpenStack Security Notes)
- Advises on Vulnerability Metrics
Vulnerability Management team (VMT)
- https://launchpad.net/~openstack-vuln-mgmt
- Handles incoming vulnerability reports, following VulnerabilityManagement
- Publishes OSSA (OpenStack Security Advisories)