Comments (8)
Here are the slides I shared at the 2/22/19 meeting on Mapping the Security Landscape
from tag-security.
@lumjjb and I are still working on our version of this, but we're at a point where it makes sense to have CNCF help us mock up a small part of what the final product would look like.
We could either do this now for the small part we have done or could wait, depending on what others think makes sense...
from tag-security.
Noting that I spoke to Torin @ OPA today, and he noted that he thinks OPA will fit into both:
- Identity & Access Control - Access Controls
- Service Access - Service admittance & admission controllers
We talked about some strategies we are considering for categorizing projects, and I asked him to think about security-related attributes that apply to OPA (even divorced from the landscape sub-categories) to help us figure out how we might map them onto the landscape. That is, we have a sense that they probably belong in the subcategories above, and if we know the project also has attributes X1, X2, and X3, it might give us a sense of how to map those attributes into those subcategories in a way that other projects can also use, or it may highlight for us gaps in our current subcategory definitions.
Also, we are probably due for a brainstorm session on this - I will raise that at the next meeting.
from tag-security.
Talked to @JustinCappos, who has some ideas about how to better articulate the stages of cloud native tech to divide up the space... I think this is consistent with what @izgeri and I talked about when we reviewed the PR, but definitely needs a bit more elaboration to be sure.
In any case, I agree that as written the "Identity & Access Control" section isn't clear and could be interpreted as for every project, since every project at minimum needs its own access control.
from tag-security.
Recently telling someone how we arrived at target audience of deciders for whitepaper #138 which came from the discussion of the landscape and categories, where the group felt that landscape and security overview whitepaper (#138) would have the same target audience.
@izgeri helped find discussion in SAFE meeting notes 2/22/19
from tag-security.
Created issue for work @JustinCappos mentioned, and linking it:
from tag-security.
Would it make sense to add other service meshes? Neither of the CNCF-governed meshes (linkerd, Kuma) is listed, but Istio is.
from tag-security.
Closing in favor of #348
from tag-security.