Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Transfer security processes to the OpenSearch Software Foundation #219

Open
Tracked by #220
dblock opened this issue Sep 19, 2024 · 3 comments
Open
Tracked by #220

Transfer security processes to the OpenSearch Software Foundation #219

dblock opened this issue Sep 19, 2024 · 3 comments
Assignees
@varun-lodaya
Labels
opensearch-software-foundation The OpenSearch Software Foundation

Comments

@dblock
Copy link
Member

dblock commented Sep 19, 2024

What/Why

What are you proposing?

Currently security mailing lists and processes are administered with help from Amazon. For example, in https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#prioritize-security we say "Note that this repository is monitored and supported 24/7 by Amazon Security, see Reporting a Vulnerability for details." and security @ mailing list is managed by AWS.

  1. Transfer all security processes and mailing lists to the OpenSearch Software Foundation.
  2. Expand the security team to folks from other organizations.

What users have asked for this feature?

Since https://www.linuxfoundation.org/press/linux-foundation-announces-opensearch-software-foundation-to-foster-open-collaboration-in-search-and-analytics.

What problems are you trying to solve?

Security should be managed by a trusted and diverse community.
@dblock dblock added opensearch-software-foundation The OpenSearch Software Foundation and removed untriaged labels Sep 19, 2024
@dblock dblock mentioned this issue Sep 19, 2024
Open
6 tasks
@varun-lodaya
Copy link
Contributor

I will take this up and start the work.

@peternied peternied mentioned this issue Sep 19, 2024
Merged
@varun-lodaya
Copy link
Contributor

varun-lodaya commented Sep 20, 2024
edited
Loading

PR - #223. Addresses the first issue, will add subsequent PRs separately.

@varun-lodaya varun-lodaya mentioned this issue Sep 20, 2024
Merged
@peternied peternied mentioned this issue Sep 20, 2024
Open
@dblock dblock changed the title [PROPOSAL] Transfer security processes to the OpenSearch Software Foundation Transfer security processes to the OpenSearch Software Foundation Sep 24, 2024
@varun-lodaya
Copy link
Contributor

Adding more maintainers to form core Security Response Team - #232

@varun-lodaya varun-lodaya mentioned this issue Oct 21, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@varun-lodaya varun-lodaya

Labels
opensearch-software-foundation The OpenSearch Software Foundation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dblock @varun-lodaya