On Wed, Nov 30, 2016 at 9:02 AM, Björn Stübe <info at bjoern-stuebe.de> wrote: > Hey Community, > > I'm implementing an OpenStack environment for study purposes. My goal is > to make an security audit on the environment for the ISO/IEC 27001 > certificate. Do you have hints as I could started? Do you have tipps > which I should pay attention to? > > Best regards, > Björn > I would recommend coming onto the security project IRC meeting tomorrow, as there is an ongoing program in place for Threat Analysis and would be very useful to align efforts with you. We meet on IRC every Thursday @ 17:00 UTC on freenode, channel #openstack-meeting-alt This is where we are maintaining threat analysis: https://review.openstack.org/#/q/project:openstack/security-analysis You can see a current review underway here: https://review.openstack.org/#/c/356025/ -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-security/attachments/20161130/e954ff0c/attachment.html>