tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
Create joint assessment for OpenFGA. Linked to the issue [TSSA] OpenFGA #1236. Project Name: OpenFGA Github URL: https://github.com/openfga/openfga/blob/main/docs/security-self-assessment.md CNCF project stage: https://github.com/cncf/toc/pull/1276 (incubation) Security Provider: yes (e.g. Is the primary...
Link to website: https://tag-security.cncf.io/ In order to increase the quality of outputs from TAG Security, to simplify the project maintenance, and to streamline new member familiarization, there is a need...
Title: in-toto project update Speakers: @SantiagoTorres @JustinCappos Description: in-toto is gearing for a graduation review. It's been 2 years since in-toto went up, so it's timely to also update the...
This pull request includes the initial reorganization of the repository according to the [Information Architecture](https://docs.google.com/document/d/1bdcZ3WIBmLrTTZj_1aLp3fGl68WqEhifItIHThE53k8/edit) proposed, discussed, and approved by all leads to improve accessibility and maintainability. Key changes include: *...
Expand on directory structure and contents of each subdirectory.
### **Problem** Today, open source projects do not have a consistent mechanism to publish compliance and regulatory details about what the project does in a machine readable format and to...
## Problem Several inquiries have recently been brought to us regarding how to respond to or address a vulnerability report to a CNCF project. The advice we provide is rarely...
Title: Kubescape project update Speakers: @slashben @matthyx Description: It has been nearly 2 years since Kubescape was introduced to TAG-Security and around a year ago when we last presented. This...
Could you update the [security guidelines](https://contribute.cncf.io/maintainers/security/security-guidelines/) on [contribute.cncf.io](http://contribute.cncf.io/) (https://github.com/cncf/tag-contributor-strategy/blob/main/website/content/maintainers/security/security-guidelines.md) to include configuration of repository settings which will require an approval from one of the repository owners/maintenance instead of starting a...
Add self-assessment of [Lima](https://lima-vm.io) (CNCF Sandbox) cc @jandubois @afbjorklund @balajiv113