You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

1. Introduction

The ONAP Security Best Practices is a list of Best Practices recommended by the ONAP sub-committee.  These best practices have the following states:

  • Draft: It is still under discussion in the ONAP security sub-committee
  • Recommended: It is recommended by the security sub-committee but not yet approved by the TSC
  • Approved: It is approved by the TSC.


 2. CII Badging Program.

Status: Approved 

Best Practice:

It is recommended that the ONAP projects are certified as part of the CII badging program.  A gold badge is recommended, however the basic passing badge is the starting point.

This is currently being introduced slowly with 2 projects undergoing certification.

•Basic introduction can be found here: https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/criteria.md
•Silver/Gold criteria can be found here: https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/other.md



3. Credential Protection and Management

Status: Draft

Best Practice:

<Text to be included>


4. Static Code Scans

Status: Draft

Best Practice:

XXXX is used for static code scans

XXXX= Coverity, other ...

<< Insert procedure here>>


  • No labels