The OpenStack Security Group exists to actively drive security features, best practice and guidance into OpenStack services. In the last year a number of projects have taken off and are now ready for wider adoption in OpenStack.
In this talk we review the projects currently running as part of the OSSG and their impact on OpenStack. We will share the benefits of each project as we seek adoption from more OpenStack developers and more active engagement from the community.
Projects we will share and discuss:
- Anchor: Ephemeral PKI
- The OpenStack Security Guide (It’s an actual book!)
- Bandit: Static Analysis for Python
- Threat Analysis Efforts
- OpenStack Security Notes
- Cryptographic Audits
- Vulnerability Metrics and Tracking
Our talk will finish with a close look at the areas that need more development and a Q&A with the audience on desirable activities for the direction of future OpenStack security projects.