Call for Volunteers - Haskell Security Response Team 2024

Haskell Foundation
#1

The Security Response Team (SRT) is formally calling for applications to join the SRT. People from the Haskell community with information security experience are encouraged to apply. This is an opportunity to have a large impact on the practice of Haskell programming going forward.

Since its inception, the SRT has had an outsized impact on the Haskell Ecosystem. I can say with confidence that the group conducts its business in an extremely professional and disciplined manner. If you have an interest in helping the team continue its mission, please apply!

Security Response Team responsibilities

The general responsibilities of the SRT are:

  • Manage the Haskell Security Advisory Database, on behalf of the Haskell community and the Haskell Foundation.

  • Triage and assess incoming security reports or proposed/candidate security advisories.

  • Assist reporters to determine CVSS scores and CWE values for confirmed security issues.

  • Communicate with package maintainers and the community to promote the timely resolution of reported security issues.

  • Ensure the security advisory data are useful for downstream security tooling. (Development of downstream tooling is not an SRT responsibility, but engaging with the developers is)

  • Report quarterly on the activities of the SRT and statistics/trends in new security issues.

How can you help?

  • You can apply

  • If you don’t want to apply but know someone who would be great, encourage them to apply.

  • Volunteers should have experience in one or more of the following areas:

    • web application security
    • information security incident response
    • vulnerability research and analysis
    • penetration testing
    • cryptography
    • authentication and identity management
    • governance, risk management and compliance (GRC)
    • secure application development
    • algorithms, data structures, and their role in DoS attacks
    • related disciplines

Who is involved?

The current membership of the SRT is:

  • Fraser Tweedale
  • Gautier Di Folco
  • Mihai Maruseac
  • Tristan de Cacqueray

The team is hoping to gain 2-3 new members via this call for volunteers.

How to apply

Email Fraser Tweedale <frase+hasksec@frase.id.au> with subject Haskell SRT Application. Include a brief overview of your background in security and the specific topics (e.g. from the list above) with which you have experience.

Deadline

Please submit your applications by end of day September 30th, 2024.

14 Likes
Haskell Foundation August 2024 Update
#2

Hello, Haskellers. Just giving this a little bump. There are still two weeks to apply if you would like to volunteer with the Security Response Team.

For those who already applied - thank you! We will review all applications after the deadline (September 30) and respond in early October.

4 Likes