OpenStack (Keystone) Vulnerability and Threat analysis
Registered by
Abu Shohel Ahmed
This proposal is to start a threat analysis evaluation of the OpenStack system components. As a first step, we can focus on Keystone. A threat analysis takes a comprehensive look at the system at hand – components, protocols and code - against the existence and capability of an adversary looking for known vulnerabilities. When a threat is identified, it is tallied and reported to the development team. In some cases, the threat analysis team may also include a suggestion to fix the vulnerabilities and related threat.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Dolph Mathews
Related branches
Related bugs
Sprints
Whiteboard
I'd love to see more proactive auditing, but there's nothing here that needs to be tracked against a blueprint. -Dolph
(?)