Six months ago at the OpenStack Summit in San Diego, OSSG members Bryan Payne, who works for Nebula, and Robert Clarke, cloud security architect at HP, detailed what they saw as points of concern in OpenStack. At a session in the Portland OpenStack Summit last week, Payne and Clarke were back, updating the community on the progress that has been made.
For one, the OSSG is more organized and operational than it was six months ago. The group now has about 30 members. It has set up a page on the Landscape tracking system to serve as a portal for information about the group’s activities. The OSSG hosts weekly meetings on Internet Relay Chat (IRC), every Thursday at 1 p.m. ET, and posts all of the meeting minutes online.
OpenStack Security Notes
The group has also expanded the type of security guidance it offers, with a new initiative called Security Notes (OSNs).
“OpenStack Security Notes exist to guide users and implementers of OpenStack through various security ‘pain-points’,” the launchpad site states. “Security Notes do not directly address vulnerabilities in OpenStack.”