diff options
| author | Shubham Kuchhal <shubham.kuchhal@india.nec.com> | 2021-03-12 13:12:49 +0530 |
|---|---|---|
| committer | Shubham Kuchhal <shubham.kuchhal@india.nec.com> | 2021-03-12 13:12:49 +0530 |
| commit | 3f917fe0f57cbf53e7d0fda3cf55550511e58b51 (patch) | |
| tree | dc18d33f57bf3ce592acad66d4ebe73204eddf04 | |
| parent | bfbbd5496d3d2f1d85f5ee78d1049c2f45f1b8df (diff) | |
Fix the link for Third-Party Security Audit Working Group.
| -rw-r--r-- | sig-security/charter.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sig-security/charter.md b/sig-security/charter.md index 49664cce..23649f33 100644 --- a/sig-security/charter.md +++ b/sig-security/charter.md @@ -6,7 +6,7 @@ This charter adheres to the conventions described in the [Kubernetes Charter REA SIG Security covers horizontal security initiatives for the Kubernetes project, including regular security audits, the vulnerability management process, cross-cutting security documentation, and security community management. As a process-oriented SIG, it does not directly own Kubernetes component code. This SIG replaces the Security Audit Working Group. Instead, SIG Security focuses on improving the security of the Kubernetes project across all components. -This SIG grew out of the [Third-Party Security Audit Working Group](https://github.com/kubernetes/community/tree/master/wg-security-audit), which managed each recurrent Third-Party Security Audit over the course of the audit’s lifecycle. The Working Group worked closely with selected vendors, the Product Security Committee, and the CNCF. It created the RFP, selected the vendors, and managed the vendors’ engagement with other SIGs and subject matter experts. +This SIG grew out of the [Third-Party Security Audit Working Group](https://github.com/kubernetes/community/tree/master/sig-security/security-audit-2019), which managed each recurrent Third-Party Security Audit over the course of the audit’s lifecycle. The Working Group worked closely with selected vendors, the Product Security Committee, and the CNCF. It created the RFP, selected the vendors, and managed the vendors’ engagement with other SIGs and subject matter experts. SIG Security continues to manage the third-party security audits, while serving a wider mission of advocating for security-related structural or systemic issues and default configuration settings, managing the non-embargoed (public) vulnerability process, defining the bug bounty, creating official Kubernetes Hardening Guides and security documents, and serving as a public relations contact point for Kubernetes security. |