Difference between revisions of "Security/Projects"

Revision as of 17:39, 18 September 2014

Introduction

This page tracks the ongoing security efforts within the OpenStack community. Most of the work here is being performed by members of the OpenStack Security Group (OSSG). There are many ways that you can get involved:

Contact one of the project leads listed below to help with a specific project.
Learn about other ways to contribute.
Attend the weekly OSSG IRC meetings to learn more.

OpenStack Security Guide

This is the book that was originally created in a book sprint in June 2013. Ongoing work to maintain and improve the book is being led by the following group:

Cross Project Security Guidelines

A cross-project set of security guidelines for OpenStack development should be established and followed, similar to the way that coding standards are handled. More details are available on the Security Guidelines wiki page.

This project is being worked on by the following people:

Nathan Kinder (nkinder) from OSSG
Robert Clark (hyakuhei) from OSSG
Paul Montgomery (paulmo) from Project Solum - Solum Security Requirements Wiki (in progress)

Bandit Source Code Analyzer

Bandit is a Python AST-based static analyzer from the OpenStack Security Group. More details are available on the Bandit wiki page.

Core project team:

Jamie Finnigan (chair6)
Travis McPeak (tmcpeak)
Nathan Kinder (nkinder)

@@ Line 19: / Line 19: @@
 * Robert Clark (hyakuhei) from OSSG
 * Paul Montgomery (paulmo) from [https://wiki.openstack.org/wiki/Solum Project Solum] - [https://wiki.openstack.org/wiki/Solum/SecurityRequirements Solum Security Requirements Wiki (in progress)]
+==Bandit Source Code Analyzer==
+Bandit is a Python AST-based static analyzer from the OpenStack Security Group.  More details are available on the [[Security/Projects/Bandit | Bandit]] wiki page.
+Core project team:
+* Jamie Finnigan (chair6)
+* Travis McPeak (tmcpeak)
+* Nathan Kinder (nkinder)