[cf-dev] Call for Help with Vulnerability Management for CFF projects
Swarna Podila <spodila@...>
For those of you who are not on cf-dev mailing list.
---------- Forwarded message ---------
From: Dieu Cao <dcao@...>
Date: Wed, Feb 26, 2020 at 11:42 AM
Subject: [cf-dev] Call for Help with Vulnerability Management for CFF projects
To: cf-dev <cf-dev@...>
The CF community is looking for a handful of volunteers to help reconstitute a multi-member vulnerability management team for CFF projects. Recently, the task has fallen to the Pivotal/VMware security team alone. However, the whole community has a stake in this process.
We're looking for individuals that either: (1) have past experience managing security reports responsibly within either a commercial or open source setting, or (2) are willing and capable of learning by doing. One of the keys to success here will be for the volunteers to have a true sense of being responsible for this process.
Don't worry if you're not a security expert. You do have to be willing to spend a few hours a week helping manage the process.
If interested, reply here or contact me directly. Once we get a reasonable group of volunteers, we'll setup the appropriate meetings to get started.
CFF PMC Council Chair