This shows you the differences between two versions of the page.
| security:osvm [2015/03/11 13:54] Luke Hinds | security:osvm [2016/03/23 13:51] (current) Luke Hinds | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== Work Item Team ===== | ===== Work Item Team ===== | ||
| - | * [[luke.hinds@nokia.com|Luke Hinds (Nokia)]] | + | * [[lhinds@redhat.com|Luke Hinds (Red Hat)]] |
| - | ===== Key Work Item Details ===== | + | ===== Overview of OSVM ===== |
| The OSVM process is the manage and coordinate the progressive disclosure and management of vulnerabilities reported or discovered within the opnfv-eco system and upstream projects. | The OSVM process is the manage and coordinate the progressive disclosure and management of vulnerabilities reported or discovered within the opnfv-eco system and upstream projects. | ||
| - | The process inherits from the already present and well functioning OSSG VMT Process. | + | The process inherits from the already present and well functioning OSSG VMT Process and follows the [[http://en.wikipedia.org/wiki/Responsible_disclosure|Responsible Disclosure Approach]] |
| + | |||
| + | ===== Draft OSVM Embargoed Vulnerability Mgmt Process ===== | ||
| + | |||
| + | {{ :security:osvm.png?nolink |}} | ||
| Inputs into etherpad please! https://etherpad.opnfv.org/p/opnfv-sec-osvm | Inputs into etherpad please! https://etherpad.opnfv.org/p/opnfv-sec-osvm | ||
| + | |||
| + | The opnfv osvm process is licensed under CC Attribution 3.0 Unported and was kindly granted use by the OpenStack vulnerability Management Team. New additions / refinements made by the opnfv security group are also under a 3.0 Unported license. | ||
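
Review bot: Under the new "Draft OSVM Embargoed Vulnerability Mgmt Process" heading, the process exists only as the image `{{ :security:osvm.png?nolink |}}`, with an empty title after the `|`, so the embargo steps cannot be searched, compared across later revisions, or read without the image. Suggest listing the steps as text below the image and filling in the image title. In the added license paragraph, the second sentence says "a 3.0 Unported license" without "CC Attribution"; name the license in full both times so the terms covering the security group's additions are unambiguous. The unchanged context line "The OSVM process is the manage and coordinate ..." still reads as a typo for "is to manage" and could be corrected in the same revision.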