At the OPNFV Summit in Berlin, I explained how the OPNFV Security group has integrated security scans in the Continuous Integration (CI) process. This means that now the Platform Build Tests execute automatic vulnerability checks on the multiple integration environments deployed worldwide as part of the Pharos labs. Here’s a video of the presentation we gave at the summit.
My colleague, Marcos (and co-author of this post) explains the OPNFV Security group’s mission: Improve OPNFV security through architecture recommendations, better documentation, code reviews, upstream collaboration, vulnerability management and security research. It provides an umbrella group to encourage development of security-centric functions within the OPNFV ecosystem and the upstream communities to handle vulnerability and threats in a coordinated manner.
Continue reading “Automated NFV security scans in OPNFV continuous integration”