2021-10-05 Security Subcommittee Meeting Notes

Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 5th of October 2021.

Jira No	Summary	Description	Status	Solution
	TSC meeting update	Honolulu maintenance release approved Jakarta timeline proposed: Release Planning Jakarta Participants reminded to vote for TSC membership
	PTL meeting update	Michal to remove vid from OOM Investigating portal-sdk removal Reminded projects to update Security Vulnerabilities tables on protected wiki (CLI, EXTAPI, VNFSDK have made no progress; AAI, MSB have not reported status)
	Angular experience on dependencies	Jared presented his development results on app dependency cluster graph. Slides presented - please refer to thebottom of this page for a link.	started
	ONAP release notes and dependencies	Thomas was contacted. He is retrieving info via script about all the components. Output: Dependencies between components or with external projects are not tracked here.	ongoing	To review the context of this request.
	Feature template follow-up	Muddasar had a meeting with Alla. Muddasar is preparing a slide deck to be presented at the TSC.	ongoing	Slides with the proposal to be presented at the TSC.
	SonarCloud coverage for Jakarta release	Focus on security vulnerabilities that have blocker or critical rank. In Sonar it is called hotspot.	started
[REQ-441]	New Global Requirement	[REQ-441] LOGS MANAGEMENT - PHASE 1: COMMON PLACE FOR DATA – PROPOSAL FOR JAKARTA	ongoing	Next PTLs meeting on 18th of October - agenda
	Kubernetes hardening	Shared by Brian: https://deploy-preview-29791--kubernetes-io-main-staging.netlify.app/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/ CubeCon next week, slack channel exists for Kubernetes security.	started
	OUR NEXT SECCOM MEETING CALL WILL BE HELD ON 12th OF OCTOBER'21.	Kubernetes hardening (Brian) CADI and AAF replacement (Byung)

Recording:

SECCOM presentation:

ApplicationVisualization_2021_05_10.pptx

Space shortcuts

Page tree