Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • RM Security Chapter 7
  • Cedric Ollivier: recommend to TSC to "Expand CVE from Functest to other Anuket projects and make the req.sec.oss.001 and req.sec.oss.002 requirements mandatory in the Anuket release process."
  • Cedric Ollivier: req.sec.code.004 - IDE Plugins are not the best way to check. It's better to run them in gates and not recommend any IDE.
  • Tools where do they belong – RM, RA, RI and RC?
  • Cédric Ollivier: Trivy is an easy tool to integrate in testing chain, Clair will be more difficult to integrate.
  • Cedric Ollivier: kube-monkey (chaos monkey)
  • The Six Pillars appears to be "waterfall" stages – need to ensure that the activities can be incorporated in an agile methodology too.

Action Items

  •