Community Directory

Welcome to the Community Directory of the CNCF TAG Security repository. This directory is a central hub for all community-related activities, documents, and resources. It is organized to facilitate collaboration, provide information, and support the various working groups and events within the TAG Security community.

Directory Structure

Catalog

  • Contains the catalog of supply chain compromises.

Publications

  • Index of published papers, reports, whitepapers, and audio versions of publications. The source files are located in:
    • resources/ if they are overarching documents.
    • community/working-groups/ if they are owned by a working group.
    • assessments/ if they are assessment documents.

Working Groups

  • archive/policy/: Contains archived Policy-as-Code assets.
  • automated-governance/: Assets for the Automated Governance working group.
  • compliance/: Assets for the Compliance working group.
  • controls/: Assets for the Controls working group.
  • research/: Assets related to the Research working group.
  • supply-chain-security/: Resources and documents for the Supply Chain Security working group.
  • catalog/: Contains the catalog of working group activities and documents.

Events

  • Information about past and future community gatherings.

Community Resources

  • Design: Colors and logos used in documents and presentations.
  • Overarching Publications: Cloud Native Security Landscape, Provenance Implementation Guides, Security Fuzzing Handbook, Lexicon, White Paper, and Use Case Personas.
  • Project Resources/: Contains various project-specific resources and templates.

Contribution Guidelines

We welcome contributions to this directory. Please follow the general contribution guidelines outlined in the root CONTRIBUTING.md file of this repository. Ensure that your contributions align with the purpose of each subdirectory and provide clear and useful information for community members.