Kubernetes-Security-Slam-2023

Open tasks for the Kubernetes Security Slam 2023

- [x] Ensure SBOMs are generated by Kubernetes BOM (task 3) @SD-13 
- [ ] Ensure SLSA Attestations are generated when possible (task 4) @shafeeqes 
- [x] Ensure the project has a VEX Feed (task 5) @shafeeqes https://github.com/kubernetes/kube-state-metrics/pull/2275 https://github.com/kubernetes/kube-state-metrics/pull/2276
- [x] Add project to CLOMonitor / Run tests for Clomonitor (task 7) @jescalada https://github.com/cncf/clomonitor/pull/1380
- [ ] Check for Binary Artifacts (task 8)
- [ ] Review the code review (task 9)
- [ ] Dangerous Workflow (task 10)
- [x] Security Insights (task 11) @dalehenries https://github.com/kubernetes/kube-state-metrics/pull/2278
- [ ] Dependencies policy (task 12)
- [ ] Dependency update tool (task 13)
- [x] Token Permissions (task 16) @dalehenries https://github.com/kubernetes/kube-state-metrics/pull/2279

@puerco 

***

### Open questions

- [ ] https://github.com/kubernetes/kube-state-metrics/pull/2275#pullrequestreview-1785147109
- [ ] https://github.com/kubernetes/kube-state-metrics/pull/2277#issuecomment-1858759316
- [ ] https://github.com/cncf/clomonitor/pull/1380#pullrequestreview-1785143476

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Kubernetes-Security-Slam-2023 #2274

Open questions

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Kubernetes-Security-Slam-2023 #2274

Description

Open questions

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions