...
Time | Item | Who | Notes | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
10-15 min | Cookie SameSite topic raised in Slack | Team + Zak |
| ||||||||
1 min | Update on SECURITY-159 / FOLIO-4012 | Craig | |||||||||
5 min | TLS for edge modules | Julian + Team | For Quesnelia Bug Fix all edge modules got TLS support. Spring based edge modules must fix TLS related security issues: FOLSPRINGS-156, EDGCMNSPR-53 ("Spring Boot 3.2.6, bcprov-jdk18on 1.78 fixing vulns") Blocked by code review of the fixes: | ||||||||
1-15 min | Jira Group and Security Level review | Team | From Craig in slack:
| ||||||||
Remaining time | Anything Urgent? Review the Kanban board? | Team |
| ||||||||
Topic Backlog | |||||||||||
Time permitting | Advice for handling of sensitive banking information | Team | From slack conversation, I think I've gathered the following:
Let's review and discuss before providing this feedback to Raman. Axel Dörrer also suggested that defining classes of sensitivity could help teams determine which techniques are applicable in various situations. I agree having some general guidelines on this would be helpful.
It would probably help to provide concrete examples of data in each class. This can be a longer term effort, we don't need to sort out all the details today.
Today: Axel Dörrer to do a first draft as a base for further discussions | ||||||||
Status on pentesting works within Network traffic control group | Due to some absences on different reasons the group stalled. Axel will try to reactivate the group. |
...