The Technical Committee, Please see this review which offers threat analysis as an option for the vulnerability:managed tag: https://review.openstack.org/#/c/294212/ Kolla coresec team: In this IRC meeting on Security, I requested an audit, and the security team came back with a threat analysis suggestion, hence the above review. What the security team needs from us is architecture diagrams. Please read the full irc log here if your interested in Kolla security: http://eavesdrop.openstack.org/meetings/security/2016/security.2016-03-17-17.00.log.html#l-183 We may have this threat analysis during Austin ODS sessions, or via a web conference to be decided. I'll start working on architecture diagrams that help facilitate this discussion and share them via a shared diagramming tool. The architecture diagrams help facilitate this discussion: https://openstack-security.github.io/collaboration/2016/01/16/threat-analysis.html Regards, -steve -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160317/0bcb94c1/attachment.html>