Kubernetes Security Response Committee: Intro & Deep Dive
May 01, 2023
35 min
Free
Tags
kubernetes, security, vulnerability-management, cve, bug-bounty, cloud-native, aws, microsoft, api-security, supply-chain-security
Description
This talk introduces the Kubernetes Security Response Committee (SRC) and its role in the Kubernetes security release process. The speakers cover the lifecycle of a vulnerability, from initial report to public disclosure, and the SRC's responsibilities. They highlight the differences between the SRC, SIG Auth, and SIG Security, and discuss findings from the 2022 security audit, including impacts and preventative changes. The goal is to increase community awareness about the SRC and the process for reporting vulnerabilities.