Blog Post on log4j response

Question

Blog Post on log4j response

mheadd opened this issue 3 years ago · 6 comments

We should write up a blog post (or other document) that captures the steps we took to respond to the log4j exploit. We should emphasize the benefits that having a managed platform like cloud.gov brought to our response efforts.

Create initial blog post draft
Solicit review from clpud.gov engineering
Solicit review for plain language
Identify target blog for publication (cloud.gov? 18F blog?)
Obtain OSC approval

Answer 1 · 2022-04-06T16:26:45.000Z

YES. Happy to help write this. Let's get this on the board.

Answer 2 · 2022-06-08T13:09:01.000Z

@pburkholder I've started a draft here. Still rough, but starting to flesh it out. https://docs.google.com/document/d/1fBUY4U8lVW9SzluQBrm894eIL2a6AIF6kEnSBezD_TI/edit#

Answer 3 · 2022-06-09T21:19:41.000Z

I've roped myself into a talk on "cloud.gov and the SCR process: what it means for you" next Friday, which pretty much consumes my capacity for extra-curricular comms for the next week. I can do more after 6/17

Answer 4 · 2022-06-29T12:27:50.000Z

Completed draft here: https://docs.google.com/document/d/1fBUY4U8lVW9SzluQBrm894eIL2a6AIF6kEnSBezD_TI/edit#

Answer 5 · 2022-07-18T17:16:02.000Z

Next steps: Look for scrutiny from TTS Outreach, given that it may have a wider audience than our normal updates.

Answer 6 · 2024-05-31T16:01:24.000Z

No longer needed