Dana Wang

The security baseline uses SECURITY_INSIGHTS.yml to get metadata of a project's security. Scorecard check will help with the baseline adoption, pointing maintainer to exactly what needs to be in place...

> Versus a full post mortem with sensitive information, are there high level recommendations the staff has for best practices in the OpenSSF github? The TAC can then review the...

> Please express your vote and comments on the following: 1.) _GitHub Enterprise Account Structure_ Review the table on ~page 7 of the [gdoc](https://docs.google.com/document/d/1E5RAj0EvOQp-bF8B3gf09Bp0NiZEcqMtZ5Sa__QXbDQ/edit#heading=h.4fuv1otu8gtl) - do you prefer the Hybrid...

> > Please express your vote and comments on the following: 1.) _GitHub Enterprise Account Structure_ Review the table on ~page 7 of the [gdoc](https://docs.google.com/document/d/1E5RAj0EvOQp-bF8B3gf09Bp0NiZEcqMtZ5Sa__QXbDQ/edit#heading=h.4fuv1otu8gtl) - do you prefer the...

@sevansdell I got everything from @bobcallaway and @SecurityCRob

Will the architecture PR in security-baseline in some ways help with this issue? Plan to have another document on vulnerability management and incident response. had discussion with @sevansdell about the...

Had a discussion with CRob about how to formalize the establish the baseline incrementally, by publishing baseline for sandbox first. Here are the advices from CROb 1. Publish the baseline...

Added this to the security baseline. will need TAC vote on the enablement. Will raise a TAC issue and link this to the TAC issue and the baseline

Informative, educational and comprehensive.

Seems the document was not merged, reopening it