Open u269c opened 2 years ago
It was discussed in the WG today that we may wish to search to see if any existing art or docs exist on this to kickstart our efforts. The team generally thought pursuing this has merit.
We may check Red Hat's Open Source Incident Response Plan: Red Hat Incident Response Plan
We have this previous issue we may want to merge here: https://github.com/ossf/wg-vulnerability-disclosures/issues/100
I'm in favor of this as the next project for the working group before #115 and #116, but think all 3 are great ideas.
Agree with @taladrane. I'm also in favor of this project being the next in line. All of the projects sound interesting!
@ByteHackr (Sandipan Roy) and I are interested in being part of the sub-working group or SIG for this project.
As per https://github.com/ossf/SIRT/pull/5#issuecomment-1256341717
The SIRT's goals are indeed to help with incidents and vulnerability coordination, but the documentation and training of it should not be handled by the SIRT itself. It was suggested to have the Vuln Disclosure WG look at taking this effort instead.