From d0bf83bed1b156f197cab4e1a7eb4136e247567e Mon Sep 17 00:00:00 2001 From: Dana Wang Date: Fri, 12 Jul 2024 18:07:13 -0500 Subject: [PATCH] Update security_baseline_sandbox_stage.md updated the goal Signed-off-by: Dana Wang --- .../security_baseline_sandbox_stage.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/process/sig-lifecycle-documents/security_baseline_sandbox_stage.md b/process/sig-lifecycle-documents/security_baseline_sandbox_stage.md index de738c1a..5df42c52 100644 --- a/process/sig-lifecycle-documents/security_baseline_sandbox_stage.md +++ b/process/sig-lifecycle-documents/security_baseline_sandbox_stage.md @@ -4,9 +4,12 @@ The goal of this SIG is to evolve [OpenSSF security baseline](https://github.com/ossf/tac/blob/a90b9838739ac18df43197fdd89f045c1a1e4dc3/process/security_baseline.md) for Linux Foundation wide adoption. +For OpenSSF adoption of the security baseline, there needs to be a home for tracking the adoption, for maintainers to raise issues to achieve the objectives of the baseline, and for OpenSSF to develop the roadmap for refining the baseline and future roadmaps. The pilot adoption builds the foundation for wider adoption of the baseline in OpenSSF and in Linux Foundation. + This SIG creates a venue for other participating foundations to help evolve the OpenSSF security baseline into a security baseline that can be applied to a broad range of software-based projects. The group will define the right level of risks that the baseline is applicable for, the effectiveness measurement of the baseline, and the adoption path of the baseline at the minimum. -Members of this group will be from various Linux foundations and entities outside of Linux FOundation. Reducing duplicate effort and achieving a higher level of security across Linux FOundation participating foundations is the starting focus of this group. +Members of this group will be from various Linux foundations and entities outside of Linux Foundation. Reducing duplicate effort and achieving a higher level of security across Linux FOundation participating foundations is one of the goal of the group. + ### List SIG Lead(s) The SIG must have a minimum of 1 Lead