...
- Releases typically occur every 6 months.
- A release will use the last TSC approved security requirements that were approved at least 6 month prior to the release.
- Exceptions must be submitted a minimum of 21 days prior to release
- Note: Critical vulnerabilities/security items, as categorized by the Akraino Security Sub-Committee, must be fixed even if found inside lock out window.
Maturity Review: Security Requirements Criteria
...
Release 4 (Target Date November 30, 2020) Incubation Requirements:
- Vuls PASS/FAIL Criteria, v1.0
- Lynis PASS/FAIL Criteria, v1.0
- Kube-Hunter PASS/FAIL Criteria, v1.0
Month | 6/2020 | 7/2020 | 8/2020 | 9/2020 | 10/2020 | 11/2020 | 12/2020 | 1/2021 |
---|---|---|---|---|---|---|---|---|
Release | Rel. 4 | |||||||
Security Requirement Update | v. 1.0 | |||||||
Minimum Security Requirement | v. 1.0 | |||||||
Maximum Security Requirement | v. 1.0 | |||||||
Release 4 Minimum Security Requirement Lock Out Window |
Maturity Review: Security Requirements Criteria
- Exception granted in cases of non-applicability.
- Exception granted in cases where another security mechanism specified in the blueprint and implemented mitigates the risk.
- Exceptions requested for cases above must be approved by the security sub-committee.
- Exceptions require a maximum of 21 days to review.
- The formal email date received, requesting a maturity review would be the Maturity Request date and this would define the set of security requirements that apply.
- Note: Critical vulnerabilities/security items, as categorized by the Akraino Security Sub-Committee, must be fixed even if found inside lock out window.
Current Maturity Requirements:
- Vuls PASS/FAIL Criteria, v1.0
- Lynis PASS/FAIL Criteria, v1.0
- Kube-Hunter PASS/FAIL Criteria, v1.0
Month | 6/2020 | 7/2020 | 8/2020 | 9/2020 | 10/2020 | 11/2020 | 12/2020 | 1/2021 |
---|---|---|---|---|---|---|---|---|
Maturity Request | ||||||||
Security Requirement Update | v. 1.0 | |||||||
Minimum Security Requirement | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | ||
Maximum Security Requirement | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | v. 1.0 | ||
Release 4 Minimum Security Requirement Lock Out Window |
...
Vuls
Vuls will be integrated with Blueprint Validation Framework (Bluval User Guide)
...