Proposed SIG-Security meeting agenda for Dec-07-22

[lmbr-pip]

Meeting Details

• Date/Time: Month Date, Year @ 06:00 PM UTC / 02:00 PM ET
• Location: Discord SIG-Security Voice Room
• Moderator: Deepak Sharma
• Note Taker Pip Potter

The SIG-Security Meetings repo contains the history past calls, including a link to the agenda, recording, notes, and resources.

SIG Updates

What happened since the last meeting?

Meeting Agenda

• Discuss plans for next SIG election
• Start new campaign to get commitments to patch security issues: https://github.com/o3de/o3de/issues?q=is%3Aissue+is%3Aopen+label%3Akind%2Fsecurity
• Discuss new reporting guidance
• Discuss issue template has two ways to report issues currently: https://github.com/o3de/o3de/issues/new/choose, which policy should we link to?

Outcomes from Discussion topics

Discuss outcomes from agenda

Action Items

Create actionable items from proposed topics

Open Discussion Items

List any additional items below!

[amzn-changml]

As part of our reporting guidance, we should also link to this page, as we've now enabled private security reporting: https://github.com/o3de/o3de/security/advisories

[dshmz]

Discuss plans for next SIG election - SIG decided to hold elections in the month of January after the holiday season.

Start new campaign to get commitments to patch security issues: https://github.com/o3de/o3de/issues?q=is%3Aissue+is%3Aopen+label%3Akind%2Fsecurity - Deepak has followed up with other SIGs on the pending GHIs.

Discuss issue template has two ways to report issues currently: https://github.com/o3de/o3de/issues/new/choose, which policy should we link to? - We should update it after the change in private settings to the repo. O3DE Security Policy needs to be updated.