[2020.01.14, Tue 17:05] The Cloud Native Computing Foundation today announced it is funding a bug bounty program for Kubernetes. Although Google open-sourced Kubernetes in 2014, the company has been involved in the bug bounty from day one. The Kubernetes Bug Bounty was in private testing for several months, with invited researchers able to submit bugs and test the triage process. Given that there are more than 100 certified distributions of Kubernetes, the bug bounty program needs to apply to the Kubernetes code that powers all of them. HackerOne had its team pass the Certified Kubernetes Administrator exam to help members understand how to test the validity of a reported bug. The bug bounty scope covers code from the main Kubernetes organizations on GitHub, as well as continuous integration, release, and documentation artifacts. Out-of-scope Kubernetes vulnerabilities should be disclosed privately to the Kubernetes Product Security Committee, a group of security-focused maintainers who receive and respond to reports of security issues in Kubernetes.
