Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

2013.03.19 CAS AppSec Working Group Call

...

Participants 

Agenda

  • Introductions
  • Review/Approve Meeting Minutes
  • Review Action Items
  • Open Discussion
  • Meeting Schedule
  • Share sample security artifacts
  • Next Steps

Meeting Notes

Added Aaron Weaver to the group.  Aaron is an AppSec specialist, works for Pearson, deploys CAS.

Two mailing list have been created...cas-appsec-public and cas-appsec-private.

Reviewed initial context data flow diagram created by David.

...

  • Sketch out CAS security assessment - Team
  • Draft WG charter - Andrew
  • Follow up with cas-dev regarding 3rd party vs custom code - Jérôme
  • Review https://www.owasp.org/index.php/Application_Threat_Modeling - Team
  • Revise Share and revise example security artifacts (data flow diagram, etc) - David, Jérôme Jérôme, Team
  • Invite team to cas-appsec-private - Bill
  • Run Veracode against CAS 3.5.2 - Aaron
  • Inquiry about EC2 test instance - Bill

...