Re: Opinions/suggestions regarding security testing framework and approach targeting EdgeX California release?
toggle quoted messageShow quoted text
We’ve setup a Security Testing Subgroup page on the WikI at https://wiki.edgexfoundry.org/display/FA/Security+Testing+Subgroup to keep track of future scheduled meetings, recordings, minutes, work items, documents etc.
From: EdgeX-TSC-Security@... <EdgeX-TSC-Security@...> On Behalf Of Zeng, Tingyu
Sent: Tuesday, April 10, 2018 4:44 PM
Subject: [Edgex-tsc-security] Opinions/suggestions regarding security testing framework and approach targeting EdgeX California release?
We just had our first security testing group meeting this morning and there are two security testing guides discussed.
OWASP is a collaboration of application security community and it’s top 10 list are well recognized and followed.
It was released about two weeks ago and categorizes the aspects of security of endpoint
As an initial efforts we are trying to map these guidance into EdgeX and evolve the security testing along future EdgeX releases. Let us know if you have different idea or suggestions. A draft will be provided to reflect our approach later.