Skip to content

[Initiative]: Kyverno Joint Security Assessment #1703

Description

@brandtkeller

(Note: this was filed with the initiative template and updated to the joint security assessment template on 1 Oct by @evankanderson. Some fields will still need to be filled out.)

Project Name

Kyverno

GitHub URL

https://github.com/kyverno/kyverno

Project Security Contacts

@JimBugwadia , @realshuting

Getting Started

Self Assessment Link

https://github.com/cncf/toc/tree/main/projects/kyverno/security-assessment/self-assessment.md

CNCF Project Stage

Incubation

Security Provider

Yes

Security Review Checklist

  • Identify team
  • Create slack channel (e.g. #sec-assess-projectname)
  • "Naive question phase" Lead Security Reviewer asks clarifying questions
  • Assign issue to security reviewers
  • Initial review
  • Presentation & discussion
  • Share draft findings with project
  • Assessment summary and doc checked into /projects/project-name/assessments/ (require at least 1 co-chair approval)
  • CNCF TOC presentation (if requested by TOC)

Metadata

Metadata

Assignees

Labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

Status
New
Status
status/in-progress
Status
No status
Status
No status
Status
No status

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions