cncf / tag-security

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

Home Page: https://tag-security.cncf.io

[Security Self-Assessment] Antrea

molofgarb opened this issue

Details

Project Name: Antrea

Github URL: https://github.com/antrea-io/antrea

CNCF project stage: Sandbox preparing for Incubation

Security Provider: No

Self-assessment link (before PR): Antrea Security Self-Assessment

Tasks

  • Stage 1: Preparation

    • Create a GitHub issue for the security self-assessment of the Antrea project.
      • Issue Link in CNCF Tag-Security: #1142
    • Create a placeholder for the security self-assessment.
    • Review Documentation of the Antrea project.
  • Stage 2: Understand the Project Landscape

  • Stage 3: First complete draft of the Self Assessment

    • Document technical specifications of the Antrea project.
      • Self assessment use
        commit: molofgarb@bedc054
      • Security functions and features
        commit: <commit_link>
      • Project compliance
        commit: <commit_link>
      • Secure development practices
        commit: molofgarb@9cfad36
      • Security issue resolution
        commit: <commit_link>
      • Appendix
        commit: <commit_link>
    • Complete the security self assessment draft.
  • Stage 4: Iteration with the project

    • Initiate discussion with Antrea project maintainers.
    • Incorporate inputs and feedback from Antrea project maintainers.
    • Document the findings.
  • Stage 5: Finalization

    • Initiate PR
    • Get feedback and findings from reviewers
    • Fix the findings
    • Merge the PR
    • Close the issue

Issue will be tracked in Rana-KV#2.