[cf-dev] Call for Help with Vulnerability Management for CFF projects

Swarna Podila <spodila@...>

For those of you who are not on cf-dev mailing list.

-- Swarna Podila (she/her)
, Community
 | Cloud Foundry Foundation

You can read more about pronouns here, or please ask if you'd like to find out more.

---------- Forwarded message ---------
From: Dieu Cao <dcao@...>
Date: Wed, Feb 26, 2020 at 11:42 AM
Subject: [cf-dev] Call for Help with Vulnerability Management for CFF projects
To: cf-dev <cf-dev@...>


The CF community is looking for a handful of volunteers to help reconstitute a multi-member vulnerability management team for CFF projects. Recently, the task has fallen to the Pivotal/VMware security team alone. However, the whole community has a stake in this process.

We're looking for individuals that either: (1) have past experience managing security reports responsibly within either a commercial or open source setting, or (2) are willing and capable of learning by doing. One of the keys to success here will be for the volunteers to have a true sense of being responsible for this process.

Don't worry if you're not a security expert. You do have to be willing to spend a few hours a week helping manage the process.

If interested, reply here or contact me directly. Once we get a reasonable group of volunteers, we'll setup the appropriate meetings to get started.

Dieu Cao
CFF PMC Council Chair