SIG Security covers horizontal security initiatives for the Kubernetes project, including regular security audits, the vulnerability management process, cross-cutting security documentation, and security community management.
The charter defines the scope and governance of the Security Special Interest Group.
Joining the mailing list for the group will typically add invites for the following meetings to your calendar.
- Regular SIG Meeting: Fridays at 8:00 PT (Pacific Time) (biweekly).
The Chairs of the SIG run operations and processes governing the SIG.
- Ian Coldwater (@IanColdwater), Docker
- Cailyn Edwards (@cailyn-codes), Okta
- Tabitha Sable (@tabbysable), Datadog
- Slack: #sig-security
- Mailing list
- Open Community Issues/PRs
- GitHub Teams:
  - @kubernetes/sig-security-leads - SIG Security Leads
  - @kubernetes/sig-security-pr-reviews - SIG Security PR review notifications
- Steering Committee Liaison: Stephen Augustus (@justaugustus)
The following working groups are sponsored by sig-security:
The following subprojects are owned by sig-security:
Security self assessments for upstream projects
- Owners:
- Contact:
  - Slack: #sig-security-assessments
Third Party Security Audit
Security Documents and Documentation
- Owners:
- Contact:
  - Slack: #sig-security-docs
Development and Enhancements of Security Tooling
- Owners:
- Contact:
  - Slack: #sig-security-tooling
SIG Security discussions, documents, processes and other artifacts
- Owners:
- Contact:
  - Slack: #sig-security