Difference between revisions of "Security Teams"
Robert-clark (talk | contribs) (→OpenStack Security Group (OSSG)) |
Robert-clark (talk | contribs) |
||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
− | + | OpenStack historically had two security organizations - the Vulnerability Management Team (VMT) and the OpenStack Security Group (OSSG). | |
− | + | ||
− | + | These organizations have now combined under the [[Security|Security Project]]. The VMT continues to operate as a largely independent body for confidentially handling vulnerabilities but with stronger ties to the Security Project as a whole, which leads efforts to make OpenStack more secure through education, software tooling and security evangelism. | |
− | |||
− | == | + | ==Security Project == |
+ | * [[Security|Security Project wiki page]] | ||
* https://launchpad.net/~openstack-ossg | * https://launchpad.net/~openstack-ossg | ||
− | |||
* http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security | * http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security | ||
* Security experts and auditors working on OpenStack security | * Security experts and auditors working on OpenStack security | ||
* Publishes OSSN (OpenStack Security Notes) | * Publishes OSSN (OpenStack Security Notes) | ||
* Advises on [[Security/OSSA-Metrics|Vulnerability Metrics]] | * Advises on [[Security/OSSA-Metrics|Vulnerability Metrics]] | ||
+ | |||
+ | == Vulnerability Management team (VMT) == | ||
+ | * https://launchpad.net/~openstack-vuln-mgmt | ||
+ | * Handles incoming vulnerability reports, following [[VulnerabilityManagement]] | ||
+ | * Publishes OSSA (OpenStack Security Advisories) |
Latest revision as of 14:07, 24 September 2015
OpenStack historically had two security organizations - the Vulnerability Management Team (VMT) and the OpenStack Security Group (OSSG).
These organizations have now combined under the Security Project. The VMT continues to operate as a largely independent body for confidentially handling vulnerabilities but with stronger ties to the Security Project as a whole, which leads efforts to make OpenStack more secure through education, software tooling and security evangelism.
Security Project
- Security Project wiki page
- https://launchpad.net/~openstack-ossg
- http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security
- Security experts and auditors working on OpenStack security
- Publishes OSSN (OpenStack Security Notes)
- Advises on Vulnerability Metrics
Vulnerability Management team (VMT)
- https://launchpad.net/~openstack-vuln-mgmt
- Handles incoming vulnerability reports, following VulnerabilityManagement
- Publishes OSSA (OpenStack Security Advisories)