This talk will introduce the SUSE Product Security team, who handles the
software security processes for openSUSE and also SUSE Linux Enterprise.
The SUSE Product Security work is split into "reactive" and "proactive"
areas and engineering groups these days.
Reactive work refering to what is traditionally known as "security
incident response", while proactive refers to security audits, design
reviews and related areas of secure software development.
The talk will focus on the reactive side, giving statistics, and talk
about some highlights from the last year.
Also bringing a small overview over how closing the leap gap changes
affects the openSUSE Maintenance process.
This talk will introduce the SUSE Product Security team, who handles the
software security processes for openSUSE and also SUSE Linux Enterprise.
The SUSE Product Security work is split into "reactive" and "proactive"
areas and engineering groups these days.
Reactive work refering to what is traditionally known as "security
incident response", while proactive refers to security audits, design
reviews and related areas of secure software development.
The talk will focus on the reactive side, giving statistics, and talk
about some highlights from the last year.
Also bringing a small overview over how closing the leap gap changes
affects the openSUSE Maintenance process.