Security
Kubernetes Security Release Process and Security Committee documentation.
Product Security Committee (PSC)
The Product Security Committee (PSC) is responsible for triaging and handling the security issues for Kubernetes. Following are the current Product Security Committee members:
- CJ Cullen (@cjcullen)
<cjcullen@google.com> - Joel Smith (@joelsmith)
<joelsmith@redhat.com> - Jordan Liggitt (@liggitt)
<jordan@liggitt.net>[4096R/0x39928704103C7229] - Luke Hinds (@lukehinds)
lhinds@redhat.com - Micah Hausler (@micahhausler)
<mhausler@amazon.com> - Tim Allclair (@tallclair)
<tallclair@google.com>
Associate members include:
- Craig Ingram (@cji)
<craig.ingram@salesforce.com> - Swamy Shivaganga Nagaraju (@swamymsft)
<gaswamy@microsoft.com> - Mo Khan (@enj)
<mok@vmware.com>
Emeritus members:
- Brandon Philips (@philips)
<bphilips@redhat.com> - Jess Frazelle (@jessfraz)
<jess@linux.com> - Jonathan Pulsifer (@jonpulsifer)
<jonathan.pulsifer@shopify.com>
Contacting the PSC
There are a number of contact points for the PSC and release managers in charge of security releases. Please use the correct forum for the best and fastest response.
| List or Group | Visibility | Uses |
|---|---|---|
| security@kubernetes.io | Private | Kubernetes security disclosures. This list is closely monitored and triaged by the PSC. See the disclosure guide for full details. |
| kubernetes-security-discuss Google Group | Public | Discussion about security disclosure handling, this document, and other updates. |
| release-managers-private@kubernetes.io | Private | Release Managers private discussion. All members are subscribed to security@kubernetes.io. |
| security-discuss-private@kubernetes.io | Private | PSC private discussion. All members are subscribed to security@kubernetes.io |
Community, discussion, contribution, and support
Learn how to engage with the Kubernetes community on the community page.
Code of conduct
Participation in the Kubernetes community is governed by the Kubernetes Code of Conduct.