CVE Board Agenda for Wednesday, 6 February 2019

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

CVE Board Agenda for Wednesday, 6 February 2019

Coffin, Chris


2:00 – 2:15: Introductions, action items from the last meeting

  • Previous Action Item: MITRE to assemble additional operational guidance for program participation by CNAs (e.g., webinars).
    • Status: In process. We have assembled a list of ideas for guidance topics for this and other areas of the program.
  • Previous Action Item: Reach out to Booz Allen Hamilton about CVE content. They have not submitted any new content.
    • Status: Not Done. MITRE is determining the appropriate policy in this case and will reach out to Booz Allen Hamilton once complete.
  • Previous Action Item: Determine next steps for DWF Root CNA
    • Status: A meeting has been scheduled to discuss on Thursday, February 7, 2019.
  • Previous Action Item: Send latest version of the Root CNA Roles and Responsibilities document.
    • Status: Done. Sent to the SPWG list on Wednesday, January 23, 2019.
  • Previous Action Item: MITRE to work with Microsoft on starting the automated submission process (similar to IBM’s) and document that process
    • Status: Will begin once Microsoft is ready. Targeting March Patch Tuesday based on recent notification from Lisa.
  • Previous Action Item: MITRE (Chris C/Jonathan) to send out an email to the Board list to initiate the CNA Rules revision process.
    • Status: In process. We have assembled a list of items and will perform internal review before sending to the Board in Jan. Will also target discussions of these items in the CNA Virtual Summit. MITRE to draft CNA Rules regarding EOL Scoping issue and Note Field in JSON. MITRE will draft up clarifications to CNA rules on the RBP rules and send to the Board for review.
  • Lisa Olson will reach out to GitHub to and see if they can assist DWF.
    • Status: In process.


2:15 – 2:30: Working Groups

  • Strategic Planning – Kent Landfield/Chris Coffin
  • Automation – Chris Coffin
  • Cloud Security Alliance – Kurt Seifried
  • Quality Working Group (QWG): Dave Waltermire/Chris Coffin
  • CNA Coordination Working Group (CCWG): Tod Beardsley/Chris Coffin
    • Todd has sent a doodle poll for kickoff meeting dates to the CCWG list


2:30 – 2:45: CNA Update

  • DWF – Kurt Seifried 
  • MITRE – Jonathan Evans
  • JPCERT – Taki Uchiyama


2:45 – 3:15: CVE Quarter 4 Report Card Slide Deck Review (Jonathan Evans)


3:15 – 3:45: CNA Virtual and Face-to-Face Summits: Board Suggestions for Topics and Discussions (Chris Coffin)


3:45 – 3:55: Open Discussion Board

3:55 – 4:00: Action items, wrap-up