CNCF Security SIG�Status: 21 May 2019
Sarah Allen & Jeyappragash JJ • 21.05.2019�Tuesday, May 21 • 15:55 - 16:30
Overview
Focus areas
* cloud native adj.
heterogeneous, distributed and fast changing systems
Overview
Focus areas
* cloud native adj.
heterogeneous, distributed and fast changing systems
Dec 2017
Started socializing at Kubecon Austin
13 Mar 2018
Initial Commit for SAFE repo
21 Aug 2018
Policy WG merged with SAFE�
15 Apr 2019
PR created for �CNCF consideration
7 May 2019
Rename to �CNCF SIG-Security
10 Aug 2018
Updated Charter and Governance
Landscape
What got done
CNCF Landscape review
Categories drafted
Approach to mapping to categories identified
567 open source projects
40 security-related
Progress
Landscape
Things to do
Validate categories & approach
Map existing projects to categories
Want to help? ⇒ issue#124
Progress
Security Assessments
Wed, May 22�14:00 - 14:35�Inside CNCF Project �Security Reviews�� sched.co/MPdf
Progress
Security Assessments
🤔@SantiagoTorres�Santiago Torres-Arias
🤔@ashutosh-narkar�Ash Narkar
Wed, May 22�14:00 - 14:35�Inside CNCF Project �Security Reviews�� sched.co/MPdf
github.com
Progress
Security Assessments
Next steps
Expand the security review team…
Want to help? ⇒ shout out� on mailing list or slack!
🤔@SantiagoTorres�Santiago Torres-Arias
security review team
🕵️♀️ @JustinCappos�Justin Cappos
🕵️♀️ @ultrasaurus�Sarah Allen
🕵️♀️ @lumjjb�Brendan Lum
🕵️♀️@justincormack Justin Cormack
🤔@ashutosh-narkar�Ash Narkar
Wed, May 22�14:00 - 14:35�Inside CNCF Project �Security Reviews�� sched.co/MPdf
Progress
Coming up...
2019 Roadmap
learn more…
Wed, May 22�
11:05 - 11:40
Deep Dive: CNCF Security SIG � Justin Cappos, NYU� Zhipeng Huang, Huawei
14:00 - 14:35�Inside CNCF Project Security Reviews� Justin Cormack, Docker� Justin Cappos, NYU� sched.co/MPdf
github.com/cncf/sig-security