Application Containers & Microservices
Meeting Minutes - April 8 2021
Hillary Baron
Posted Apr 08, 2021 11:37:00 AM
CSA Announcements
Research Downloads:
https://cloudsecurityalliance.org/research/artifacts/
Peer Reviews and Surveys:
https://cloudsecurityalliance.org/research/contribute/
Events:
https://cloudsecurityalliance.org/events/
Discussed Chapter 6
Comment from Mark regarding the sections
"The positioning is not enterprise, and not enterprise inheritable (except for QAQC reporting post-pull requests after branch merge, but that is deliberately out of scope here). Shift-left control state is a means to control the scope and keep SDLC is as an overlay as long as it's DEV scoped with Enterprise plane mentioned. If you can map the OWASP top 10 API threats to NIST v5 controls, it solves this dilemma. I wager that you will wind up with 3 or 4 control families and about a dozen specific controls for low baseline - the rest is policy as code.
https://owasp.org/www-project-api-security/
"
Review sections 6.1.5, 6.1.6, 6.1.3. 6.1.3 is a good reference for layout
Reminder to reference Chapter 5 when writing Chapter 6 to remain consistent
New to the working group? Please review the document and the work instructions in the recordings below.
Document:
https://docs.google.com/document/d/18w6WEzerGo4pwVfUBemDbz3jVP0lx29zo2uZBjz0Ikg/edit#heading=h.w13p4p9revm8
Work Instructions:
March 11:
https://circle.cloudsecurityalliance.org/community-home1/digestviewer/viewthread?MessageKey=905a3688-69f1-4a0b-a3df-e955dccb08aa&CommunityKey=41b12725-fbf1-4fe3-9448-1f4322bad613&tab=digestviewer#bm905a3688-69f1-4a0b-a3df-e955dccb08aa
March 25:
https://circle.cloudsecurityalliance.org/community-home1/digestviewer/viewthread?MessageKey=3e883566-47b4-4102-879d-458612c47ade&CommunityKey=41b12725-fbf1-4fe3-9448-1f4322bad613&tab=digestviewer#bm3e883566-47b4-4102-879d-458612c47ade
------------------------------
Hillary Baron CCSK v4
Program Manager, Research
CSA
Seattle WA
------------------------------