Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-1002

[SA-11,SA-11(2),SA-11(8)]: Sync with the OSD team on the reply

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • 1
    • True
    • None - Recommend filling out now that Blocked is a True/False field instead of a status.
    • False
    • Undefined
    • CMP Sprint 35, CMP Sprint 36

      The SA-11 controls fail somewhere between the responsibility of the cloud operator and the developer. Some controls (esp SA-11 itself) fall more on the side of the operator (develop a security assessment plan, implement a flaw remediation process), so it makes sense to sync with the OSD team about what they are doing.

       

      Acceptance criteria:

       - reach out to the OSD team about what they are doing wrt the more process-side controls in the SA-11 group and refine our answer based on that

            jhrozek@redhat.com Jakub Hrozek
            jhrozek@redhat.com Jakub Hrozek
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: