==============================================
#acumos-meeting: Acumos TSC Security Committee
==============================================

Meeting started by bryan_att at 14:03:09 UTC. The full logs are
available at
http://ircbot.wl.linuxfoundation.org/meetings/acumos-meeting/2018/acumos-meeting.2018-07-17-14.03.log.html .

Meeting summary
---------------
* Agenda (bryan_att, 14:18:53)
* Standing agenda minus S-V (in progress) (bryan_att, 14:19:09)
* Manoop: CI best practices: https://bestpractices.coreinfrastructure.org (bryan_att, 14:20:11)
* LINK: https://wiki.acumos.org/display/REL/Security+Vulnerability+Threat+Template (talasila, 14:21:53)
* Manoop: security checklist (bryan_att, 14:22:03)
* LINK: https://jira.acumos.org/browse/ACUMOS-1094 (talasila, 14:24:47)
* Nexus-IQ produces a report that will be reviewed by the PTLs and (1) any issues corrected; (2) any false positives explained and removed from future reports (bryan_att, 14:29:30)
* Bryan: we should investigate using Nexus-IQ for model scanning (bryan_att, 14:30:27)
* Bryan: the Nexus-IQ tool does seem to address the goals for the project scanning; we need to work with PTLs to get them familiar and addressing the issues (bryan_att, 14:41:00)
* In the meantime we will review (on these calls) the items for core components and provide input to the PTL on this call - we will invite the PTLs to meetings planned to review their components (bryan_att, 14:42:21)
* To start with CDS and portal, then onboarding and design studio; then we will have a working process and tackle the rest (bryan_att, 14:43:08)
* Manoop: we will come up with a plan for this release and following as needed (bryan_att, 14:44:34)
* We will list the items at a high level and address details offline (bryan_att, 14:45:48)
* Present: Bryan, Farheen, Guy, Manoop, Nat (bryan_att, 14:47:48)
* Bryan: for deployment hardening we should consider whether more customized microservice kernels ala what can be built using linuxkit, will provide any security or other advantages (e.g. efficiency, in terms of container size or resources when running). (bryan_att, 14:56:52)
* Guy: size-savings may be limited as much of the end-size of a container are the ML libraries/tools that are loaded during container generation (bryan_att, 14:57:45)
* Next meeting we will put CDS and Portal Nexus-IQ report discussion as the primary agenda items (bryan_att, 15:00:09)

Meeting ended at 15:00:52 UTC.

People present (lines said)
---------------------------
* bryan_att (17)
* talasila (4)
* collabot (3)

Generated by `MeetBot`_ 0.1.4