Hyperledger is committed to creating a safe and welcoming community for all. For more information please visit the Hyperledger Code of Conduct. |
---|
Welcome and Introductions
Who you are, which project you represent, your role in the project and what your interest is in the Hyperledger security process effort.
Attendees
Announcements
Agenda
- Welcome
Scoring guidelines for blockchain projects in Hyperledger Foundation.
- Security threat modelling for blockchain technology.
- Broader areas to focus
- Infrastructure security.
- Signing artefacts / binary distribution.
- Review comments/discussions on https://github.com/ossf/security-reviews
- Review scorecard from OpenSSF https://github.com/ossf/scorecard.
Review checklist for reporting vulnerabilities. Covers both the project team and an external member.
- Open agenda
Next Meeting
Future Topics
Notes
Action items
- Checklist for members to follow while reporting vulnerabilities.
- Questionnaire to report vulnerability ~ calculate CVE score. Danno Ferrin
- Define scoring guidelines for blockchain & non-blockchain projects in Hyperledger Foundation. Hart Montgomery
Recordings