| | #2 Discover | #3 Describe | #4 Identify |
|---|---|---|---|
| Artifacts | Personas Use Cases Categories | Standards Common Definitions Block Architecture | Catalog Projects Fill in Boxes Identify Gaps |
| Topics | Presentations WG members & guests | Standards in Practice Real World Systems Architecture | Platforms & Products Tools & Libraries |

1. Charter the working group. Draft vision, process and initial members (done)
2. Discover (in progress)
   - Explore the problem space of the working group
   - Investigate what is happening in the community today with respect to security for cloud native applications and infrastructure
   - Presentations from members & guests
   - Describe personas & use cases
   - Draft a picture or set of categories that will serve as a starting point for an evaluation framework
   - Solicit real world use cases and practices (and compensating controls) for projects
3. Describe the landscape
   - Define the terminology used in the output documents, and in the community
   - Describe the current state (landscape) of cloud native security, which might include:
     - existing standards
     - existing open source, and proprietary, solutions
     - common patterns in use today for systems that work for cloud-native apps. For example:
       - Extract end-to-end view of secure access, and
       - Common layering or a block architecture
4. Identify existing security components in CNCF and projects in the CNCF landscape and catalog
   - Identify gaps and make recommendations to the community and TOC
5. Continually monitor the viability of the existing projects and update the landscape document
6. Document and disseminate best practices (provide training?)