[cncf-sig-security] Supply Chain Security Paper Open for public comment


Chris Aniszczyk
 

FYI

---------- Forwarded message ---------
From: Emily Fox <themoxiefoxatwork@...>
Date: Fri, Apr 9, 2021 at 11:20 AM
Subject: [cncf-sig-security] Supply Chain Security Paper Open for public comment
To: <cncf-sig-security@...>


Hello!
  The cloud native security supply chain security group has worked diligently in creating an initial draft paper that provides the community with:
* Recommendations for securing each point of an organisation's software supply chain, whether the organisation produces or consumes cloud native software.
* Justifications and explanations for recommendations commensurate with the risk level and assurance requirements of an organization
* Tooling to implement recommendations

We are asking you, the community, to review the paper and provide comments/suggestions/improvements by Friday April 23rd 2021 so that we may incorporate them and finalized the initial version.

You may access the document at the below URL:
https://docs.google.com/document/d/1VURD9rdEhiuqPdixhEozkHw01Tk6e2AaJVjBK3pK6Zc/edit



--
Chris Aniszczyk (@cra)

Join cncf-toc@lists.cncf.io to automatically receive all group messages.