Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Presentation] Kyverno Status Overview #1341

Open
4 tasks
realshuting opened this issue Aug 5, 2024 · 4 comments
Open
4 tasks

[Presentation] Kyverno Status Overview #1341

realshuting opened this issue Aug 5, 2024 · 4 comments
Labels
usecase-presentation Label for usecase related presentations

Comments

@realshuting
Copy link
Contributor

realshuting commented Aug 5, 2024

Title: Kyverno Status Overview

Speakers: @realshuting, @JimBugwadia

Description: Give an update about Kyverno since its incubation two years ago, talk about the latest architecture and use cases. Related to Kyverno's Graduation Application, previous self-assessment.

Time: How long will the presentation take? (10 minutes)

Availability: August 21st 10 AM PT, August 28th 10 AM PT

TO DO

@realshuting realshuting added triage-required Requires triage usecase-presentation Label for usecase related presentations labels Aug 5, 2024
@realshuting realshuting changed the title [Presentation] Presentation Title [Presentation] Kyverno Status Overview Aug 5, 2024
@matthewflannery
Copy link
Collaborator

Following..

@eddie-knight
Copy link
Collaborator

Hi @realshuting! It seems this slipped through the cracks, I apologize for the delay responding!

Would you like to present on September 11 at 10PT?

@realshuting
Copy link
Contributor Author

Hi @realshuting! It seems this slipped through the cracks, I apologize for the delay responding!

Would you like to present on September 11 at 10PT?

Sounds great, I look forward to the presentation!

@eddie-knight eddie-knight removed the triage-required Requires triage label Sep 7, 2024
@mnm678
Copy link
Collaborator

mnm678 commented Sep 11, 2024

Template for TAG recommendation to TOC

Project Overview

Ecosystem Adoption

What ecosystem adoption has the project seen?

Great ecosystem adotion:

  • 5,000 Github stars
  • 3,000 slack members
  • 450 contributors
  • 3.1B downloads

Past TOC Reviews

How has the project addressed comments from previous reviews (incubation if graduation, sandbox if incubating, etc)?

The project has clarified how it differentiates from other security projects in the space, has developed and maintained a roadmap, and has clarified their governance.

Security Reviews

TAG Security Assessments

Has the project completed a TAG Security Self-Assessment and/or Joint Assessment? If yes, please add a link and discuss how this has impacted their security posture.

Yes, Kyverno has a self assessment through security pals

Security Audit

Has the project completed an external security audit? If yes, how have they addressed the findings?

Kyverno has had a third party audit and fuzzing found a few issues which were addressed: https://main.kyverno.io/blog/2023/11/28/kyverno-completes-third-party-security-

Best Practices

Metrics

Which security best practices does the project follow (for example CNCF best practices badge, OpenSSF Best Practices, CLO monitor), and how does it rate by these metrics?

Kyverno has strong compliance with several best practices:

  • SLSA 3 compliant
  • passing OpenSSF best practices
  • scorecard 8.3: active work to improve this

Sub-project Considerations

If the project has sub-projects, how does their security posture compare to the base project?

N/A

TAG Recommendation to the TOC

Kyverno has seen strong adoption and attention to security best practices. They have created a detailed threat model for the project and achieved an impressive SLSA 3 compliance. Based on this, we recommend the project for graduation.

Without blocking graduation, we recommend the project pursues a TAG Security joint assessment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
usecase-presentation Label for usecase related presentations
Projects
None yet
Development

No branches or pull requests

4 participants