You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Write a blog post about the benefits of TAG Security joint assessments, explaining how they are different from self-assessments and security audits. This could be cross posted on the TAG Security blog and the cncf blog for visibility.
Impact: Describe your hopes for how this would reduce risk for the cloud native ecosystem. Who will this help? How will it help them?
Projects are not always aware of the joint assessment process, and so do not complete them. Projects can get value both from the joint assessment itself, and from the benefit a joint assessment provides in improving results of future security audits. If auditors can read materials from the joint assessment, they can save time and focus on other aspects of evaluating a project.
@mnm678 Hi Marina. I'll be working in a draft of this post in the following days.
As soon as I have something, I'll send to you on Slack and we can share with everybody in the next TAG Security Weekly for more inputs.
Description: What's your idea?
Write a blog post about the benefits of TAG Security joint assessments, explaining how they are different from self-assessments and security audits. This could be cross posted on the TAG Security blog and the cncf blog for visibility.
Impact: Describe your hopes for how this would reduce risk for the cloud native ecosystem. Who will this help? How will it help them?
Projects are not always aware of the joint assessment process, and so do not complete them. Projects can get value both from the joint assessment itself, and from the benefit a joint assessment provides in improving results of future security audits. If auditors can read materials from the joint assessment, they can save time and focus on other aspects of evaluating a project.
This relates to the TOC issue cncf/toc#1378.
Scope: How much effort will this take? ok to provide a range of options if or "not yet determined"
A blog post.
The text was updated successfully, but these errors were encountered: