ACFrOgCLhP9OMvA9pjVqj9Yu3Mnc3j04Tgt46V_zwCbb8ykMR-wDTJfrwJf5slvUdmUc2RXmzXcBfuHLfLwIL8kau4G2mNolmD5V1enigp2TezF0Ut7q65hkdsK6OmO0WLJMhr8kJe40Iurwll-L.pdf

《ACFrOgCLhP9OMvA9pjVqj9Yu3Mnc3j04Tgt46V_zwCbb8ykMR-wDTJfrwJf5slvUdmUc2RXmzXcBfuHLfLwIL8kau4G2mNolmD5V1enigp2TezF0Ut7q65hkdsK6OmO0WLJMhr8kJe40Iurwll-L.pdf》由會員分享，可在線閱讀，更多相關《ACFrOgCLhP9OMvA9pjVqj9Yu3Mnc3j04Tgt46V_zwCbb8ykMR-wDTJfrwJf5slvUdmUc2RXmzXcBfuHLfLwIL8kau4G2mNolmD5V1enigp2TezF0Ut7q65hkdsK6OmO0WLJMhr8kJe40Iurwll-L.pdf（21頁珍藏版）》請在三個皮匠報告上搜索。

1、Shlomo Heigh Senior Software Engineer,CyberArkTAG Security Cloud Native Security Whitepapers OverviewAbout meShlomo Zalman HeighSenior Software Engineer,CyberArkSocial LinkedI GitH 3D printing Woodworking RC planesDeveloper Conjur-open source secrets manager Community engagement OWASP contributorA C

2、loud Native familyThe Illustrated Childrens Guide to KubernetesCheck outPhippy.ioTAG SecurityWho we areWhat we doHow is this creating cloud native security?Where to jump in1.6k Github Stars,384 forks:https:/ Enthusiasts,professionals,students,researchers,hobbyistsOur roleStrengthen the ecosystemIden

3、tify GapsEducateFoster maturityEngage more communitiesNurture growth and participationOur Charter we focus on Protection of cloud native systems,while providing needed accessCommon understanding and common tooling to help developers meet security requirementsCommon tooling for audit and reasoning ab

4、out system propertiesTAG SecurityThe Leadership TeamBrandon LumAradhna ChetalAndrew MartinAndres VegaAshutosh NarkarPushkar JoglekarMichael LiebermanMarina MooreRagashree ShekarCo-chairsActive Tech LeadsMatthew GiassaSecurity Assessment FacilitatorJustin CapposTAG SecurityWho we areWhat we doHow is

5、this creating cloud native security?Where to jump inCreating&Breaking!Cloud Native Security Controls catalogCloud Native Security Whitepaper 2.0Supply chains security whitepaper Cloud Native Security WhitepaperAudio releaseWhitepapers&PublicationsMarkdownPDFAudioTranslations in Portuguese and Chines

6、e,plus Italian in progress(issue#1014)How can you help?Contribute to the upcoming v3!Record audio of changesWhitepapers&PublicationsPublicationsDoing research on real world supply chain compromises?Come look at the list!Know about a supply chain compromise?Create a PR to add to the list!In Progress

7、Get Involved!Zero Trust-Cloud Native Platforms and Services Issue#950 Light weight threat modelling Cloud Native Security Controls MappingZero Trust whitepaper tag-security-Issue#903CNCF Supply Chain Security Tools Mappings Issue#984Cloud Native Security Controls Mapping to NIST Issue#845Security as

8、sessmentsCloud Native Security Whitepaper3.0 tag-security issue#975Audio CNS WP Audio Recording v2 Issue#953KubeVela Issue#976Catalog of Supply Chain CompromisesKubeEdge Issue#974cert-manager Issue#949Flux multi-tenancy proposal Issue#896Keptn Issue#784https:/ SecurityWho we areWhat we doHow is this

9、 creating cloud native security?Where to jump inAwareness through effortEngagement with CNCF&projects results in better security for everyoneSecurity PalsSelf-assessmentJoint ReviewsCollaboration with related groupsK8s sig-security(disambiguation!)K8s policy working groupCloud Security AllianceOpenS

10、SF(SLSA,supply chain)Presentations increase awareness of open source security challenges,solutions,and futuresSecurity focused project presentationsKubescape-tag-security 962 OpenFGA-https:/ Kubewarden-https:/ and many moreAwareness through effortIn Focus:Security ReviewsSecurity Pals help projects

11、dip their toe into cloud native security Friendly faceSecurity resourceSelf-Assessment is a resource for sandbox and incubation projects to jump-start their projects security and get them in a better security posture at their own paceJoint-review is a collaborative process with Security TAG to perfo

12、rm a table top security review of incubation projects seeking graduationAll of these together help projects prepare for a Security Audit!Get involved now!KubeVela Issue#976KubeEdge Issue#974cert-manager Issue#949Flux multi-tenancy proposal Issue#896Keptn Issue#784TAG SecurityWho we areWhat we doHow

13、is this creating cloud native security?Where to jump inJoin us!CNCF Workspace#tag-securityCNCF TAG Security Calendar CNCF TAG Security-YouTubecncfsecurityTAGCNCF TAG Security mailing listtag-security issuesRoadmapTAG Security RoadmapIn Progress Get Involved!Zero Trust-Cloud Native Platforms and Serv

14、ices Issue#950 Light weight threat modelling Cloud Native Security Controls MappingZero Trust whitepaper tag-security-Issue#903CNCF Supply Chain Security Tools Mappings Issue#984Cloud Native Security Controls Mapping to NIST Issue#845Security assessmentsCloud Native Security Whitepaper3.0 tag-security issue#975Audio CNS WP Audio Recording v2 Issue#953KubeVela Issue#976Catalog of Supply Chain CompromisesKubeEdge Issue#974cert-manager Issue#949Flux multi-tenancy proposal Issue#896Keptn Issue#784https:/ you!