[csit-dev] [vpp-dev] Call for volunteers for Security Response Team

Dave Wallace


I will volunteer even though my experience is a bit limited in the security arena.  I'd like to extend my skill set and knowledge in security.


On 5/27/16 2:46 PM, Edward Warnicke wrote:

Thank you for volunteering :)

Everyone else,

This email got lost in getting to the other mailers in the community, so I've added them back, anyone else volunteer?


On Mon, May 23, 2016 at 3:26 PM, Jim Thompson <jim@...> wrote:
I do this for pfsense, and would be glad to help. 

On Monday, May 23, 2016, Edward Warnicke <hagbard@...> wrote:
As grows and matures, we realize it is important to establish a vulnerability management process and a security team to define and execute it. We're looking for a small group of security-minded people who can form this team. Responsibilities will include:

* Reading and triaging incoming reports of security issues
* Producing patches for security issues as a top priority
* Maintaining confidentiality of security issues until they are patched and publicly disclosed
* Writing advisories to communicate information about security issues and patches to the community

We have David Jorm, an experienced security engineer, onboard to lead the team and define the process, so don't worry if you aren't a security expert. Anyone who is an active developer or other contributor would be welcome to join the team. If you are interested, please let the TSC know.


csit-dev mailing list