[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security review
From: |
Giorgio Maone |
Subject: |
Re: Security review |
Date: |
Tue, 4 Jan 2022 17:25:50 +0100 |
User-agent: |
None of Your Business 1.0 |
Hi and happy new year!
best time for me either the week starting 17/01 or the week starting
31/01 (not the one in-between).
Thanks and best,
-- G
On 04/01/22 15:00, Libor Polčák wrote:
> Hello all,
>
> see below the details of the security review for the project. Who
> wants to attend? I think that me and Giorgio are the most critical.
> Martin, Marek, and Matúš can join if they wish.
>
> I thinks that we should try to schedule the review between 17.1. and
> 4.2. Do you have any preferred time? Do you have any time to avoid?
> Please let me know by the end of the week.
>
> Thanks
>
> Libor
>
>
> -------- Security review --------
>
> *Getting started*
> To get started with the basic security quickscan we would like to
> invite you to our internal secure chat environment (a separate
> RocketChat instance). In the chat you can directly communicate with a
> ROS auditor and follow along the process of the quickscan. We call
> this concept Peek-Over-Our-Shoulder.
>
> To onboard you to the chat, we need the full name and e-mail address
> of everyone on your team you would like to involve. Once we receive
> the requested information we will send you a link to set your password
> for our chat environment and gitlab, and the client onboarding manual.
>
> *Basic security quickscan*
> The grant allocated two (2) person days for the basic security
> quickscan for every NLnet NGI0 project. The two days will allow a ROS
> auditor to give you high-level security advice about your project. The
> number of days is limited to be able for us to support all the NLnet
> NGI0 projects. In case more days are needed, this could be discussed
> with NLnet. We advise you to contact us sooner rather than later for
> the basic security quickscan so we can go forward with scheduling the
> quickscan and discussing how to help you based on your project plan,
> expected milestones and outcomes.
>
> *Stay in touch and informed*
> Please keep in mind that due to the 2-day time constraint we believe
> it's especially important to have a close communication loop so the
> allocated resources can be used effectively. Therefore we encourage
> you to check in with the chat regularly once the quickscan starts so
> that we can deliver the best value for your project.
>
>
--
Giorgio Maone
https://maone.net
- Security review, Libor Polčák, 2022/01/04
- Re: Security review,
Giorgio Maone <=