This site may contain outdated or incomplete information.
Security TAG Reviews
This directory contains the artifacts of Security TAG’s various assessments and reviews of projects. Information on the processes to by which these artifacts are produced can be found in the guide.
Note that the process has changed slightly over time, so please see the individual project directory for information about what type of assessment was performed.
Note also, that some of the self-assessments were created by Security Pals, who are external parties that review the project’s documentation to create an assessment draft. These may not have been reviewed by the project team.
CNCF project audits
If you are looking for the listing of audits of CNCF projects, please refer to the CNCF’s TOC repository under projects.