Skip to content
This repository has been archived by the owner on Jun 20, 2023. It is now read-only.

Latest commit

 

History

History
60 lines (36 loc) · 2.79 KB

README.md

File metadata and controls

60 lines (36 loc) · 2.79 KB

CDF Special Interest Group for Security (SIG-Security)

Quick links

Objective

The Security SIG provides a neutral home for discussion around designs, specifications, shared code and processes to enable security across the software supply chain. Topics of interest include the following:

  • Observability- enable actions performed while writing code, compiling, testing, and distributing software to be manifest and verifiable.
  • Policy - enable consumers of software to specify and implement policy over consumed software.
  • Inventory - enable administrators to inventory and audit software used within their organizations.
  • Runtime Security - enable detection and prevention of software tampering at runtime.
  • Vulnerability Communication - provide mechanisms for breaches in the integrity of software to be communicated and remediated.
  • Vulnerability Recovery - provide mechanisms for consumers to recover from compromised or untrusted software.

Communications

Anyone is welcome to join our open discussions of SIG-Security projects and share news related to the group's mission and charter. Much of the work of the group happens outside of SIG-Security meetings and we encourage project teams to share progress updates or post questions in these channels:

Join our Slack

Meeting times

CDF Special Interest Group - Security

  • Agenda and Minutes
  • Meetings are conducted on every other Tuesday at 08:00am Pacific prior to the TOC meeting
  • Download this invitation to add the meeting to your calendar

Related groups

SIG Chairs

  • Kay Williams (Microsoft) - Chair
  • Brian Russell (Google) - Co-chair
  • Fred Blaise (CloudBees) - Co-chair
  • Dan Lorenc (Google) - TOC Sponsor