Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Grouper AppSec Working Group?

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Grouper AppSec Working Group?

Chronological Thread 
  • From: Tom Barton <>
  • To:
  • Subject: Re: [grouper-users] Grouper AppSec Working Group?
  • Date: Wed, 14 Aug 2013 17:33:50 -0500

Bill, thanks. I think this is a very interesting (and fun looking!) way to help ensure that an app like grouper is secure.

Grouper-Users, if you or your security team colleagues might be interested in something like this, please speak up by replying to this thread. The grouper developers would be extremely interested to see what would be learned by such an effort, and I know they will want to address any substantial issues that would emerge.


On 8/14/2013 12:01 PM, William G. Thompson, Jr. wrote:

On a recent grouper-dev call the issue of application security came
up. Earlier this year the CAS community formed a working group
composed of security minded folks from the CAS adopting community.
We've been following OWASP Threat Modeling to produce
security artifacts for CAS

The goals of the WG include improving CAS security, providing security
artifacts for potential adopters, and implementing policy and
processes for vulnerability analysis and notification.

There will be a presentation on this at AppSecUSA 2013 in November.

Anyway happy to chat about this work with anyone if there's interest
in doing something similar for Grouper.


Archive powered by MHonArc 2.6.16.

Top of Page