Note: lists.cncf.io will be down for maintenance on Wednesday, October 5th, starting at 9AM Pacific Time (4PM Wednesday October 5, 2022 UTC), for approximately one hour.
[cncf-sig-security] Supply Chain Security Paper Open for public comment
---------- Forwarded message ---------
From: Emily Fox <themoxiefoxatwork@...>
Date: Fri, Apr 9, 2021 at 11:20 AM
Subject: [cncf-sig-security] Supply Chain Security Paper Open for public comment
The cloud native security supply chain security group has worked diligently in creating an initial draft paper that provides the community with:
* Recommendations for securing each point of an organisation's software supply chain, whether the organisation produces or consumes cloud native software.
* Justifications and explanations for recommendations commensurate with the risk level and assurance requirements of an organization
* Tooling to implement recommendations
We are asking you, the community, to review the paper and provide comments/suggestions/improvements by Friday April 23rd 2021 so that we may incorporate them and finalized the initial version.
You may access the document at the below URL:
Chris Aniszczyk (@cra)