Learn more about potential security audit #1094
Comments
|
Yes we can do that. We are working with OSTIF, and I am sure they would be both willing and happy to chat. |
|
@bensternthal would it be possible to schedule it for one of the next Security team meetings. The next two are Thursday Sep 14 at 10 ET and then Thursday the 28th of Sep at 10 ET |
|
I invited Amir to both. He is traveling during this time but will let us know which meeting will work for him when we get closer. |
|
Amir will be attending today's meeting. |
|
Oops invited him to the security collab space meetings by accident. I will get him on the node meetings :) |
|
@bensternthal this is the next meeting details: #1100 |
|
Amir will unfortunately not be able to attend tomorrow's meeting. |
|
Confirmed. Amir will attend the Node.js TSC Meeting on Wednesday, September 27⋅06:00 – 07:00 (PT) |
|
This issue is stale because it has been open many days with no activity. It will be closed soon unless the stale label is removed or a comment is made. |
|
Closing it as completed since we have Amir on board. |
One of the requirements for the OSSF best practices Gold Level badge is a security audit every 5 years.
Through the Sovereign tech fund OpenJS will be supported some security audits for OpenJS projects. The discussion the security team meeting today on the Gold level badge had team members wondering about what an audit might look like and how they are carried out.
@bensternthal @rginn would it be possible to have somebody come to a future Security team meeting to present/lead a discussion on that?
The text was updated successfully, but these errors were encountered: