1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

An SDN vulnerability forced OpenDaylight to focus on security

Discussion in 'Network World' started by RSS, Mar 27, 2015.

  1. RSS

    RSS New Member Member

    Open-source software projects are often well intended, but security can take a back seat to making the code work.

    OpenDaylight, the multivendor software-defined networking (SDN) project, learned that the hard way last August after a critical vulnerability was found in its platform.

    It took until December for the flaw, called Netdump, to get patched, a gap in time exacerbated by the fact that the project didn’t yet have a dedicated security team. After he tried and failed to get in touch with OpenDaylight, the finder of the vulnerability, Gregory Pickett, posted it on Bugtraq, a popular mailing list for security flaws.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page