security:osvm
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
security:osvm [2015/03/04 15:38] Luke Hinds |
security:osvm [2016/03/23 13:51] (current) Luke Hinds |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== OPNFV Security Vulnerability Management (OSVM) ====== | ====== OPNFV Security Vulnerability Management (OSVM) ====== | ||
| - | WIP project. | + | ===== Work Item Team ===== |
| + | |||
| + | * [[lhinds@redhat.com|Luke Hinds (Red Hat)]] | ||
| + | |||
| + | ===== Overview of OSVM ===== | ||
| + | |||
| + | The OSVM process is the manage and coordinate the progressive disclosure and management of vulnerabilities reported or discovered within the opnfv-eco system and upstream projects. | ||
| + | |||
| + | The process inherits from the already present and well functioning OSSG VMT Process and follows the [[http://en.wikipedia.org/wiki/Responsible_disclosure|Responsible Disclosure Approach]] | ||
| + | |||
| + | ===== Draft OSVM Embargoed Vulnerability Mgmt Process ===== | ||
| + | |||
| + | {{ :security:osvm.png?nolink |}} | ||
| Inputs into etherpad please! https://etherpad.opnfv.org/p/opnfv-sec-osvm | Inputs into etherpad please! https://etherpad.opnfv.org/p/opnfv-sec-osvm | ||
| + | |||
| + | The opnfv osvm process is licensed under CC Attribution 3.0 Unported and was kindly granted use by the OpenStack vulnerability Management Team. New additions / refinements made by the opnfv security group are also under a 3.0 Unported license. | ||
security/osvm.1425483531.txt.gz · Last modified: 2015/03/04 15:38 by Luke Hinds
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: Creative Commons Attribution 4.0 International License
