CAS AppSec Working Group Call
...
- Friday, February 22, 2013. 13:00 - 14:00 ET
- Call in Number: http://www.calliflower.com/2011/11/15/international-conference-calling/
- Conference Code: 4397017
Participants
- Unlicensed user
- Unlicensed user
- Unlicensed user
- Unlicensed user
- Unlicensed user
- Unlicensed userJérôme LELEU
- Parker Neff (Deactivated)
- David Ohsie
- Andrew Petro
- William G. Thompson, Jr.
- Joachim Fritschi
Agenda
- Introductions
- Review/Approve Meeting Minutes
- Review Action Items
- Open Discussion
- Meeting Schedule
- Share sample security artifacts
- Next Steps
Meeting Notes
After brief introductions the previous meeting minutes were reviewed and approved.
...
Consider adopting OWASP model (Builders, Breakers, Defenders) to help organzie organize and prioritize various work activtiesactivities.
Refine WG scope and objectives via draft charter.
...
- List potential tools for use in a security assessment on WG home page - Team
- Reach out to potential tool vendors regarding licenses for open source projects - Bill
- Sketch out CAS security assessment - Team
- Establish liaison with Jasig Security Contact Group - Andrew
- Draft WG charter - Andrew
- Draft inventory of 3rd party vs custom code - Jérôme
- Draft example security artifacts (data flow diagram, etc) - David
- Investigate private mailing list/wiki for CAS AppSec WG - Bill
- Poll for conf call tools http://doodle.com/f3pm3iuqgfd9fzvb - Bill
- Poll for conf call time http://doodle.com/knfdm66cenhkxveq - Bill
...