Serverless

Meeting Minutes 17th March 2022

  • 1.  Meeting Minutes 17th March 2022

    Posted Mar 22, 2022 07:11:00 AM
    Edited by Marina Bregkou Mar 22, 2022 07:20:21 AM
    Dear Serverless WG members,

    Below are the minutes from our call last week.
    • CSA Announcement
    • Current Activities
      • New action item is 'How to implement NIST controls for Serverless' (see previous relevant post) (This will regard FaaS and later OSCAL)
        • Mapping from IaaS controls to NIST 800-53 or from 800-53 to Serverless controls
        • Draft document / table and post announcement for members to sign their names to the control they are interested in and the sub-category they will work on
        • Goal and scope statement will be on top of the spreadsheet
    • Key notes:
      • Serverless is a shared responsibility model
      • Should consider controls from the hardware which are part of the service provider controls
      • What targets should we map to CCM, NIST-800-53?
      • What will we do for controls that are partially mapped, fully mapped, not mapped?
    • Next working group call:
      Thursday, 31st March, 09:00 a.m. PST / 12:00 p.m. EST / 17:00 GMT / 18:00 EST
      url: https://zoom.us/j/98681420926   (Meeting ID: 986 8142 0926)
    Kind regards,
    Marina

    ------------------------------
    Marina Bregkou,
    Senior Research Analyst,
    CSA
    ------------------------------