Contour is an ingress controller that acts as an Envoy control plane: it configures the Envoy data plane, which carries the traffic from outside the cluster to inside it.
For reporting security issues, please see the reporting process documentation available at https://projectcontour.io/resources/security-process.
For more information about the threat model Contour uses, please see https://projectcontour.io/resources/threat-model.