Security Slam 2023 Participation #1410

Open
eddie-knight opened this issue Oct 6, 2023 · 1 comment

Comments

@eddie-knight

Hello kubescape community!

In preparation for this year's Cloud Native Security Slam, we've completed a survey of CNCF end users across multiple industries, including Construction, Cybersecurity, Aerospace & Defense, Game Development & Consumer Services, Consulting, and Nuclear.

Through this survey, end users have identified their interest in seeing security improvements to the projects they use. We've asked them to share which Security Slam goals are most interesting to them, and we've compiled the results in the hope that this will help your prioritization during the upcoming event.

While some users have not authorized us to share their name, we've still included their responses in our calculation for you. We CAN tell you that the kubescape responses included the US Space Force.

After calculating the responses according to the interest-weight, we've found these to be the most interesting things that kubescape end users would like to see, from the five possible Security Slam badges.

  1. The Defender
  2. The Mechanizer
  3. The Inspector

More information will be announced in the event kickoff webinar on October 10th, including how to register for cash & swag prizes, details about how success is measured, and resources to help achieve each of the badge goals.

If you can't make it to the webinar, a recording will be made available within 24hrs. It will be sent out to the community newsletter with any essential details you may have missed.

Join the community & sign up for the webinar here: https://community.cncf.io/cloud-native-security-slam/


A quick look at the 2023 Event Badges

The Chronicler

Ensure that security documentation has properly formatted data relating to software supply chain security decisions, including instructions for end users seeking to validate provenance artifacts.

The Inspector

Ensure that a security self-assessment has been completed according to TAG-Security documented standards.

The Cleaner

Bring all CLOMonitor non-security scores to 100% for the project, indirectly increasing overall supply chain security (Best Practices, Documentation, License, Legal).

The Defender

Ensure each project repo is accounted for within CLOMonitor; ensure proper check set is assigned to each project repo; bring security score to 100% for the project (this statistically decreases the future likelihood of vulnerabilities).

The Mechanizer

Ensure that every release has an automated mechanism to supply SBOM and provenance artifacts.
