Topics

[vpp-dev] [csit-dev] Call for volunteers for Security Response Team


murali Venkateshaiah (muraliv) <muraliv@...>
 


Ed,

I’d like to volunteer, but have limited exposure in the security space, much like the others.

Increasingly for our Overlay product,  this will be a question that will be asked by our customers, and we’d like to have an eye on the ball., as we get underway with deployments.  I hope to pitch in some time and extend my know-how.

Thanks,
-Murali


From: <vpp-dev-bounces@...> on behalf of Dave Wallace <dwallacelf@...>
Date: Friday, May 27, 2016 at 12:43 PM
To: Edward Warnicke <hagbard@...>, Jim Thompson <jim@...>
Cc: "tsc@..." <tsc@...>, "honeycomb-dev@..." <honeycomb-dev@...>, "csit-dev@..." <csit-dev@...>, "vppsb-dev@..." <vppsb-dev@...>, "one-dev@..." <one-dev@...>, "tldk-dev@..." <tldk-dev@...>, "discuss@..." <discuss@...>, vpp-dev <vpp-dev@...>, "nsh_sfc-dev@..." <nsh_sfc-dev@...>
Subject: Re: [vpp-dev] [csit-dev] Call for volunteers for Security Response Team

Ed,

I will volunteer even though my experience is a bit limited in the security arena.  I'd like to extend my skill set and knowledge in security.

Thanks,
-daw-

On 5/27/16 2:46 PM, Edward Warnicke wrote:
Jim,

Thank you for volunteering :)

Everyone else,

This email got lost in getting to the other mailers in the community, so I've added them back, anyone else volunteer?

Ed

On Mon, May 23, 2016 at 3:26 PM, Jim Thompson <jim@...> wrote:
I do this for pfsense, and would be glad to help. 


On Monday, May 23, 2016, Edward Warnicke <hagbard@...> wrote:
As fd.io grows and matures, we realize it is important to establish a vulnerability management process and a security team to define and execute it. We're looking for a small group of security-minded people who can form this team. Responsibilities will include:

* Reading and triaging incoming reports of security issues
* Producing patches for security issues as a top priority
* Maintaining confidentiality of security issues until they are patched and publicly disclosed
* Writing advisories to communicate information about security issues and patches to the community

We have David Jorm, an experienced security engineer, onboard to lead the team and define the process, so don't worry if you aren't a security expert. Anyone who is an active fd.io developer or other contributor would be welcome to join the team. If you are interested, please let the TSC know.

Ed



_______________________________________________
csit-dev mailing list
csit-dev@...https://lists.fd.io/mailman/listinfo/csit-dev