#acumos-meeting: Security Subcommittee

Meeting summary

1. Jira tasks (aimeeu, 14:26:58)
   1. Bryan created tag in Jira for all security items; items are displayed on Security wiki page (aimeeu, 14:27:40)
   2. these Jira items are for all security-related tasks across all components (aimeeu, 14:28:45)
   3. attendees Bryan, Aimee Ukasick, Vineet Tripathi (aimeeu, 14:29:03)
   4. the Security committee needs to work with projects to prioritize existing Jira items (aimeeu, 14:29:41)
   
   
2. Validation-Security component (aimeeu, 14:30:10)
   1. page created in the Common Services project's wiki space (aimeeu, 14:30:30)
   2. #link https://wiki.acumos.org/display/CS/Validation-Security (aimeeu, 14:30:47)
   3. Vineet: are all of these related to November release? Bryan: yes (aimeeu, 14:31:39)
   4. Vineet (Portal team) will work with Mukesh to schedule work on these tasks (aimeeu, 14:32:27)
   
   
3. Goals for Athena (aimeeu, 14:33:54)
   1. #link https://wiki.acumos.org/display/SEC (aimeeu, 14:34:09)
   2. Bryan: unsure if Community is ready to stand behind these goals (aimeeu, 14:34:26)
   3. how the ecosystem has to operate in terms of "trust" (aimeeu, 14:34:57)
   4. need to ensure a federated system that I am connected to isn't a threat (aimeeu, 14:36:39)
   
   
4. Validation-Security component (aimeeu, 14:37:44)
   1. needs to be a main focus since it is the most problematic (aimeeu, 14:38:23)
   2. #link https://wiki.acumos.org/display/CS/Validation-Security (aimeeu, 14:38:48)
   3. #link https://jira.acumos.org/browse/ACUMOS-1041 (aimeeu, 14:39:57)
   4. #link https://jira.acumos.org/browse/ACUMOS-1176 (aimeeu, 14:43:24)
   5. discussion on k8s job to trigger scan using 3rd party open source tools (aimeeu, 14:54:03)
   6. Vineet will check into getting resources (aimeeu, 14:54:31)
   7. discussion on what the current validation component does (aimeeu, 14:54:50)

Action items

1. (none)

People present (lines said)

1. aimeeu (26)
2. collabot_ (4)
3. bryan_att (0)