Security Special Interest Group

Covers horizontal security initiatives for the Kubernetes project, including regular security audits, the vulnerability management process, cross-cutting security documentation, and security community management.

The charter defines the scope and governance of the Security Special Interest Group.

Meetings

Joining the mailing list for the group will typically add invites for the following meetings to your calendar.

• Regular SIG Meeting: Fridays at 8:00 PT (Pacific Time) (biweekly). Convert to your timezone.
  • Meeting notes and Agenda.
  • Meeting recordings.

Leadership

Chairs

The Chairs of the SIG run operations and processes governing the SIG.

• Ian Coldwater (@IanColdwater), Docker
• Tabitha Sable (@tabbysable), Datadog
• Cailyn Edwards (@cailyn-codes), Okta

Contact

• Slack: #sig-security
• Mailing list
• Open Community Issues/PRs
• Sig Security Issues
• GitHub Teams:
  • @kubernetes/sig-security-leads - SIG Security Leads
  • @kubernetes/sig-security-pr-reviews - SIG Security PR review notifications
• Steering Committee Liaison: Stephen Augustus (@justaugustus)

Subprojects

The following subprojects are owned by sig-security:

security-audit

Third Party Security Audit

• Owners:
  • kubernetes/sig-security/sig-security-external-audit

    security-docs

    Security Documents and Documentation
• Owners:
  • kubernetes/sig-security/sig-security-docs
• Contact:
  • Slack: #sig-security-docs

    security-tooling

    Development and Enhancements of Security Tooling
• Owners:
  • kubernetes/sig-security/sig-security-tooling
• Contact:
  • Slack: #sig-security-tooling

    sig-security

    SIG Security discussions, documents, processes and other artifacts
• Owners:
  • kubernetes/sig-security
• Contact:
  • Slack: #sig-security