[openstack-dev] [kolla][security][tc] Next steps for Kolla vulnerability:managed tag

Steven Dake (stdake) stdake at cisco.com
Thu Mar 17 18:16:23 UTC 2016


The Technical Committee,

Please see this review which offers threat analysis as an option for the vulnerability:managed tag:
https://review.openstack.org/#/c/294212/

Kolla coresec team:

In this IRC meeting on Security, I requested an audit, and the security team came back with a threat analysis suggestion, hence  the above review.  What the security team needs from us is architecture diagrams.  Please read the full irc log here if your interested in Kolla security:

http://eavesdrop.openstack.org/meetings/security/2016/security.2016-03-17-17.00.log.html#l-183

We may have this threat analysis during Austin ODS sessions, or via a web conference to be decided.  I'll start working on architecture diagrams that help facilitate this discussion and share them via a shared diagramming tool.  The architecture diagrams help facilitate this discussion:


https://openstack-security.github.io/collaboration/2016/01/16/threat-analysis.html

Regards,
-steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160317/0bcb94c1/attachment.html>


More information about the OpenStack-dev mailing list