Skip to content
CDF Special Interest Group on Security - secure access, policy control, privacy, auditing, explainability and more!
Branch: master
Clone or download
kaywilliams Update
Remove link to SBOM working group which is now covered in the Software Supply Chain working group
Latest commit 56f25a0 Nov 19, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Update settings.yml Sep 9, 2019
governance Create governance readme Oct 31, 2019
sbom Add folder for sbom working group Oct 31, 2019
LICENSE Initial commit Sep 9, 2019 Update Nov 20, 2019

CDF Special Interest Group for Security (SIG-Security)

Quick links


The Security SIG provides a neutral home for discussion around designs, specifications, shared code and processes to enable security across the software supply chain. Topics of interest include the following:

  • Observability- enable actions performed while writing code, compiling, testing, and distributing software to be manifest and verifiable.
  • Policy - enable consumers of software to specify and implement policy over consumed software.
  • Inventory - enable administrators to inventory and audit software used within their organizations.
  • Runtime Security - enable detection and prevention of software tampering at runtime.
  • Vulnerability Communication - provide mechanisms for breaches in the integrity of software to be communicated and remediated.
  • Vulnerability Recovery - provide mechanisms for consumers to recover from compromised or untrusted software.


Anyone is welcome to join our open discussions of SIG-Security projects and share news related to the group's mission and charter. Much of the work of the group happens outside of SIG-Security meetings and we encourage project teams to share progress updates or post questions in these channels:

Join our Slack

Meeting times

CDF Special Interest Group - Security

  • Agenda and Minutes
  • Meetings are conducted on every other Tuesday at 08:00am Pacific prior to the TOC meeting
  • Download this invitation to add the meeting to your calendar

Related groups

SIG Chairs

  • Kay Williams (Microsoft) - Chair
  • Brian Russell (Google) - Co-chair
  • Fred Blaise (CloudBees) - Co-chair
  • Dan Lorenc (Google) - TOC Sponsor
You can’t perform that action at this time.