OpenChain-Project Security-Assurance-Specification issues

OpenChain-Project / Security-Assurance-Specification

Other

21 stars 7 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Update openchain-security-specification-2.0.md

#37 shanecoughlan opened 2 weeks ago
0
[Improvement] Expand definitions section for (1) Secure Software Development to include Secure Programming Techniques and (2) Security Testing to include Static and Dynamic

#36 shanecoughlan closed 4 months ago
14
[Improvement] Change review period to 12 months to align with ISO 17021 for certification of management systems

#35 shanecoughlan closed 8 months ago
6
Add Traditional Chinese translation

#34 szlin closed 7 months ago
2
[Bug] "Scope" section mixed with Definitions in earlier edit cycle

#33 shanecoughlan closed 1 year ago
4
[New Material] What is a quality or complete SBOM for licensing or security use cases?

#32 shanecoughlan closed 5 months ago
8
[Improvement] Adjust SBOM definition to align with Licensing Spec 3.0

#31 shanecoughlan closed 1 year ago
4
[Improvement] Align "Terms and Definitions" in Section 2 with Licensing Spec 3.0

#30 shanecoughlan closed 1 year ago
6
Add triage entry to specific situations where vulnerability not appliable

#29 heliocastro closed 5 months ago
10
[Improvement] Clarify Stated Purpose (Github) and Scope (specification)

#28 shanecoughlan closed 1 year ago
2
[Improvement] Clarifying the "Get Customer" requirement in Section 3.3.2 to make the logic clearer

#27 shanecoughlan closed 1 year ago
2
[Improvement] Include "mitigation" in Section 3.3.2 - Security Assurance

#26 shanecoughlan closed 1 year ago
1
[Improvement] Include "remediation" and "mitigation" in Section 3.1.5 - Standard Practice Implementation

#25 shanecoughlan closed 1 year ago
1
[Improvement] CERT #4 - Add references to ISO/IEC Standards

#24 shanecoughlan closed 1 year ago
2
[Improvement] CERT #3 - Under the Competence category, add requirements

#23 shanecoughlan closed 1 year ago
2
[Improvement] CERT #2 - Please add definitions for “remediate” and “mitigate”

#22 shanecoughlan closed 1 year ago
4
Openchain security assurance 2.0

#21 shanecoughlan closed 1 year ago
0
[Improvement] Revisit Definitions 2.7 - Open Source

#20 shanecoughlan closed 1 year ago
5
[Improvement] Comments on the Known Vulnerability in the proposed Security Assurance Specification

#19 szlin closed 1 year ago
4
[Improvement] ZA/NM05 - Proposed rewording for 3.1.5

#18 shanecoughlan closed 5 months ago
6
[Improvement] SMK24 - Check if time limits are consistent

#17 shanecoughlan closed 11 months ago
4
[Improvement] SMK20 - Customer agreement ask may be too much

#16 shanecoughlan closed 6 months ago
1
[Improvement] SMK15 - First bullet of 3.1.5 seems to be asking for more than Known Vulnerabilities

#15 shanecoughlan closed 6 months ago
0
[Improvement] SMK13 - Add program objectives

#14 shanecoughlan closed 1 year ago
7
[Improvement] SMK10 - Suggested addition of documented review process

#13 shanecoughlan closed 3 months ago
4
[Improvement] SMK04 - Adjustment to Language

#12 shanecoughlan closed 1 year ago
1
Comments on OpenChain security specification 1.1 - Maturity model consideration

#11 szlin closed 3 months ago
1
TOC would be possible, but there are blocking items

#10 kappapiana closed 1 year ago
2
Comments on the proposed Security Assurance Specification

#9 jeff-luszcz closed 1 year ago
5
Various comments

#8 stephenkilbaneadi closed 1 year ago
6
Commentary on architecture-based and model-based approach for developing the security and the assurance for a generic OpenSource Supply Chain

#7 shanecoughlan closed 1 year ago
1
Scope Suggestions from Expert CERT on OpenChain Security Assurance Specification 1.0 (WG3 N2348) 2022-09-07

#6 shanecoughlan closed 1 year ago
5
Scope Suggestions from Expert RU/OP on OpenChain Security Assurance Specification 1.0 (WG3 N2348) 2022-09-17

#5 shanecoughlan closed 3 months ago
7
Editorial Suggestions from Expert ZA/NM on OpenChain Security Assurance (WG3 N2348) 2022-09-08

#4 shanecoughlan closed 1 year ago
4
Security Assurance Reference Guide 2.0 DRAFT - Defining Security Testing

#3 mrybczyn closed 1 year ago
1
Security Assurance Reference Guide 2.0 / Specification Release Candidate 1 - Defining SBOM

#2 shanecoughlan closed 1 year ago
1
Added updated version after recent work team call

#1 shanecoughlan closed 2 years ago
0