2013.04.02 CAS AppSec Working Group Call
...
- Tuesday, April 2, 2013. 14:00 - 15:00 US - Eastern (GMT -04:00)
- Call in Number: http://www.calliflower.com/2011/11/15/international-conference-calling/
- Conference Code: 4397017
Participants
Agenda
- Introductions
- Review/Approve Meeting Minutes
- Review Action Items
- JIRA for issue tracking?
- Apereo Conference in June
- Input Validation/Filtering
- Open Discussion
- Meeting Schedule
- Share sample security artifacts
- Next Steps
Meeting Notes
Action Items
- Sketch out CAS security assessment - Team
- Draft WG charter - Andrew
- Follow up with cas-dev regarding 3rd party vs custom code - Jérôme
- Review https://www.owasp.org/index.php/Application_Threat_Modeling - Team
- Share and revise example security artifacts (data flow diagram, etc) - David, Jérôme, Team
- Invite team to cas-appsec-private - Bill
- Run Veracode against CAS 3.5.2 - Aaron
- Inquiry about EC2 test instance - Bill
...