Topic Thread

  • 1.  Meeting Minutes 20th May

    Posted May 24, 2022 05:27:00 AM
    Dear Serverless working group members,

    please find below a short summary of the call our working group had last Friday.

    Implementation of the NIST controls to Serverless document:
      • We have added another tab which includes the Serverless definition as it was described in the initial 'How to Design a Secure Serverless Architecture' document.
      • The RA - Risk Assessment control category has been signed to Rajiv ( @Rajiv Gunja) for the identification of its serverless related sub-controls
    • Existing lead authors per control family are:
      • AC - Access Control => Brynna Nery ( @Brynna Nery)
      • AT - Awareness and Training => Oscar Monge Espana ( @Oscar Monge)
      • CA - Assessment, Authorization, and Monitoring => Vishwas Manral ( @Vishwas Manral)
      • CM - Configuration Management => Joseph Arcelo ( @Joseph Arcelo)
      • IA - Identification and Authentication => Vani Murthy ( @Vani Murthy)
    • Missing leads for controls below:
      • AU - Audit and Accountabilit
      • SA - System and Services Acquisition
      • SC - System and Communications Protection
      • SI - System and Information Integrity.
    • Anyone interested in being the lead (and identifying relevant sub-controls) for a control category, please contact/email: [email protected]

    Next working group call: Friday 27th May,
    Time: 09:00 a.m. PST / 12:00 p.m. EST / ​​​17:00 GMT / 18:00 CET
    URL: https://zoom.us/j/98681420926  (Meeting ID: 986 8142 0926)


    Kind regards,
    Marina


    ------------------------------
    Marina Bregkou,
    Senior Research Analyst,
    CSA
    ------------------------------