XMLWordPrintable

    Details

    • Sprint:
      VNFRQTS Sprint 32

      Description

      Current Requirement

      The VNF SHOULD have source code scanned using scanning tools (e.g., Fortify) and provide reports.

      Proposed Requirement

      The VNF provider MUST follow GSMA vendor practices, and <others> when developing the VNF in order to minimize the risk of vulnerabilities. See GSMA NESAS Network Equipment Security Assurance Scheme – Development and Lifecycle Security Requirements Version 1.0 (https://www.gsma.com/security/wp-content/uploads/2019/11/FS.16-NESAS-Development-and-Lifecycle-Security-Requirements-v1.0.pdf) and SEI CERT Coding Standards (https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards).

      NOTE: Samuli will provide list of references

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            zwarico Amy Zwarico
            Reporter:
            zwarico Amy Zwarico
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: