Topic Leader(s)
Mediator
Topic Overview
| Excerpt |
|---|
60 min Karine Sevilla , Walter Kozlowski (Europe & APAC leaders) Security is key within a virtualized environment, it's an important topic for Anuket which aims to specify a trusted Cloud Infrastructure for workloads. During this session, we will discuss the updates made to the Reference Model for Kali release: open source software security, automation security challenges... |
Slides & Recording
Recording: Cloud Infrastructure Security.mp4
| Info | ||||
|---|---|---|---|---|
| Please indicate your session type in the blank space below and then remove this Info field.||||
Live Interactive Session LFN Staff may elect to publish some videos to YouTube. Please indicate here if you do not want your session to be published to YouTube. |
Agenda
Awesome presentation
- Point 1
- Point 2
Minutes
Action Items
| View file | ||||
|---|---|---|---|---|
|
Agenda
- Reference Model security status
- GSMA cross collaboration
- Security updates included in Kali
- Next steps
Minutes
- RM Security Chapter 7
- Cedric Ollivier: recommend to TSC to "Expand CVE from Functest to other Anuket projects and make the req.sec.oss.001 and req.sec.oss.002 requirements mandatory in the Anuket release process."
- Cedric Ollivier: req.sec.code.004 - IDE Plugins are not the best way to check. It's better to run them in gates and not recommend any IDE.
- Tools where do they belong – RM, RA, RI and RC?
- Cédric Ollivier: Trivy is an easy tool to integrate in testing chain, Clair will be more difficult to integrate.
- Cedric Ollivier: kube-monkey (chaos monkey)
- The Six Pillars appears to be "waterfall" stages – need to ensure that the activities can be incorporated in an agile methodology too.