Evaluate alignment with CNCF Compliance efforts #199
Assignees
Labels
Comments
jared-lambert
moved this from Todo
to Prioritised
in FINOS Common Cloud Controls - Project Kanban
|
@eddie-knight @jared-lambert - I spoke to Jon Zeolla about the CNCF cloud native control catalog and also looked at some of their best practices you've pointed to here. The CNCF catalog is K8s focused, and from I can see, does not have a focus on CSP cloud services. I believe the codified templates being proposed for the CCC control go beyond what's detailed in the CNCF catalog so far and I'm happy with the progress we're making on that front. |
mlysaght2017
moved this from Prioritised
to In Progress
in FINOS Common Cloud Controls - Project Kanban
mlysaght2017
moved this from In Progress
to Ready for Review
in FINOS Common Cloud Controls - Project Kanban
|
For: CNCF cloud native control catalog Michael to write a considerations article / para that outlines this call, and put it in the resources folder for later discovery if needed. |
|
For the STAG area, we created a new item here: |
github-project-automation
bot
moved this from Ready for Review
to Done
in FINOS Common Cloud Controls - Project Kanban
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Within the CNCF Security Technical Advisory Group, there have been efforts in the past to map NIST 800-53r5 controls to the recommendations in their publications.
Will these mappings help accelerate any of the work we're doing?
Separately... Considering our efforts to define regulatory compliance for cloud services, is there any opportunity for overlap with the CNCF STAG Compliance Working Group?
The text was updated successfully, but these errors were encountered: