►
From YouTube: CNCF Security TAG Regular Meeting 2021-09-15
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
C
C
Yeah
emily
the
two
two
of
the
three
issues
that
we're
gonna
touch
on
triage
today.
I
think
one
of
the
old
issues,
so
it's
176
and
177.
So.
C
D
C
C
Yeah,
I
know
those
the
other
link.
Pr
issue
was
on
the
reporting
process
or
like
the
templates
that
you
created
right.
So
that's
that
does
that
address
that.
D
I
think
the
pr
for
adding
the
security
resources
is,
I
think
that
closes
that
issue
out,
because
I
had
asked
whether
or
not
there
was
anything
else
outstanding.
So
I
think
we
can
just
close
it.
C
C
C
Let's
just
cnn
the
toc
photo
press.
D
C
Again,
we
need
subscribe
today
if
anyone
can
sign
up
for
that.
That
would
be
awesome.
A
A
Space
not
only
for
our
company
but
but
in
many
other
organizations-
and
I
know
it
can
be-
can
be
difficult
at
times
to
be
in
that
position.
So
just
a
big
thank
you
as
well,
although.
A
D
A
A
C
Okay,
cool,
so
wait!
Let
me
let
me
backtrack,
put
the
notes
in
the
chad.
We
have
a
pretty
short
agenda
today,
so
so
we'll
see
how
things
come
along.
We
should
get
some
time
back.
C
So,
let's
get
started
so
as
usual,
this
meeting
is
being
recorded
advised
by
cncf
call
conduct,
as
well
as
the
the
tax
credit
code
of
conduct.
C
This
will
be
recorded
and
uploaded
to
youtube
at
a
later
date
and
we
need
subscribers.
We
have
scraps.
Thank
you
asheville
for
volunteering
describe
and
if
you
have
any
updates,
please
put
in
your
name
in
the
attendance.
Put
a
note.
If
you
have
any
updates,
or
you
want
to
talk
about
anything
either
during
the
update
or
in
today's
agenda.
C
Cool
so
let's
get
started
so
first,
let
me
just
substitute
new
members.
We
have
a
new
new
folks
in
the
car.
They
want
to
introduce
themselves.
C
I
think
it
looks
like
everyone's
I've
seen
everyone
before,
so
I
think
we
don't
have
new
memphis
today,
okay,
so
triage
of
content
issues,
so
this
is
just
a
reminder
for
those
that
were
not
around
when
this
was
introduced.
Basically,
at
the
start
of
each
working
session
meeting,
we
spent
like
5-10
minutes
on
on
triaging
certain
issues.
C
C
So
emily
I
managed
to
show
one
two
of
them
before,
while
the
car
was
starting,
so
it's
gonna
hopefully
keep
it
short.
So
these
three
are
up
for
triage
utilization
security
reviews
as
initial
secure
settings
for
projects.
C
D
Absolutely
so,
this
issue
came
out
of
my
first
cube
con
and
talking
with
justin,
cormack
and
kind
of
understanding
a
little
bit
more
well,
not
first
uconn
a
while
ago,
but
trying
to
understand
more
about
the
lack
of
security
faults
that
exist
within
a
lot
of
the
cloud
native
projects
and
one
of
the
ways
that
we
had
brainstormed
during
one
of
the
diversity
lunches
was
being
able,
as
part
of
our
existing
security
view
and
security
assessment
process,
to
provide
or
to
assist
projects
with
developing
security,
documentation
and
secure
configurations
for
their
applications
and
their
projects.
D
So
we
kind
of
have
a
few
other
initiatives
around
this
area.
There's
some
work
from
the
surveys
that
we've
done
about
security
faults.
This
is
one
way
that
we
could
potentially
do
that
and,
generally
speaking,
the
security
pals
program
has
the
capabilities
to
assist
projects
in
identifying
areas,
but
not
quite
to
the
level
of
granularity
of
like
here's,
the
secure
configuration
within
the
documentation
and
you
actually
would
have
to
hunt
for
the
less
secure
configurations.
D
C
So
I
think
what
what
we'll
do
at
this
point
is
really
this
issue
details
to
the
other
one
and,
as
usual,
what
happens
with
most
of
our
triage
triage
processes?
Is
we're
gonna
paste
this
into
the
general
on
tech
security
chat
for
some
extra
feedback?
If
we
don't
get
any
reinvigorated
interest
from
the
group
within
like
a
week
or
two,
we
just
closed
it
up
and
but
we
make
sure
we
have
it
documented
to
any
of
the
current
ongoing
ongoing
issues.
So,
let's
just
think
here.
C
This
one
cbe
is
for
vulnerabilities
found
during
security
reviews
and
audit.
We
had
this
discussion
five
minutes
before
the
call
started,
so
I
don't
want
to
spend
too
much
time
on
this.
Basically,
this
was
around
like
reporting
on
cves.
This
is
partially
addressed
by
the
template.
The
the
security
document
templates
that
we
introduced
earlier,
maybe
about
a
month
and
a
half
ago.
So
this
is
you
know.
How
do
you
report
cbds
and
things
like
that
emily,
since
this
issue,
do
you
want
to
charm
in
a
bit
more.
D
Yeah
sure
so
a
lot
of
this
was
around
at
a
time
before
github
had
their
security,
advisories
integration
and
probably
about
the
time
that
they
were
looking
to
become
a
cve
authority.
D
So
this
is
very
old,
but
the
idea
is
that,
when
we're
performing
security
reviews,
we
may
come
across
interior
configurations
or
vulnerabilities
associated
with
projects
for
which
they
don't
have
a
responsible
disclosure
process.
The
new
security
resources
section
of
the
repository
has
great
resources
to
help
projects
get
up
and
running
with
what
those
security,
documentations
embargo,
vulnerability,
disclosure
all
of
those
fun
things.
D
So
it's
kind
of
already
met
from
that
perspective
and
with
the
recent
updates
to
the
contributor
site
from
our
partners
at
tag
contributor
strategy,
we
now
have
instructions
for
teams
about
how
do
they
manage
the
github
security
advisories
feature
as
well.
So
this
is
pretty
much
mitigated.
The
only
extra
little
bit
would
be.
How
do
we
apply
that
within
our
security
review
process,
which
is
currently
discussed?
C
Awesome
thanks
emily
as
usual.
If
you
have
any
comments,
put
it
in
the
issue
we'll
post
this
in
the
chat
as
well
assessment
listings
create
a
close
assessment,
folder
the
organized
assessments.
I
think
this
is
kind
of
a
just
the
ability
to
have
a
remember
everything
in
it.
So
I
think
this
is
still
relevant
so
for
this
it
sounds
like
we
would
want
to
to
just
bring
it
up
in
the
community
again.
F
C
Yeah,
so
that's
a
lot
of
depth
into
this,
so
maybe
I
just
like
give
a
quick
overview,
and
then
it's
likely
that
so
we'll
touch
on
this
again,
usually
at
our
cube
concessions.
C
Talking
about
what
the
reviews
are
going
into
a
bit
more
detail
and
we'll
likely
talk
about
it
again
after
kubecon
when
we
get
like
a
new
influx
of
members,
but
just
a
a
very
high
level,
you
know
the
the
security
assessments
and
reviews
kind
of
started
as
a
way.
You
know
in
the
project
the
project,
the
the
cncf
project
process
right
from
sandbox
incubation
to
graduation.
C
The
idea
was
the
toc
wanted
the
ability
to
really
have
a
better
assessment
of
what
security
is
for
a
particular
project.
So
this
is
something
that
we
started.
The
the
main
aim
of
it
was
to
kind
of
see
where
a
project
is
in
terms
of
the
entire
cnc
ecosystem.
C
C
Are
there
security
incidents
that
are
being
handled
looking
at
the
overall
design
architecture
of
of
the
project,
to
see
whether
any
reflex
is
like
ci
cd
pipeline?
Are
there
certain
decisions
in
the
design?
For
example,
you
know
rewriting
a
parser
or
using
a
library
which
may
not
be
using
a
a
weird
passing
library,
or
something
like
that
right,
so
just
general
hygiene
of
a
project
and
also
to
inform
the
toc
of
is
this
project?
How
does
this
project
fit
in
into
the
security
versus
services?
Here,
okay,
yeah
yeah?
C
C
Okay
and
let's
go
on
to
the
next
item,
which
is
review
other
time
zones-
we
don't
have
that
anymore,
tlc
meeting
updates.
A
I
believe
matthew
mentioned
that
buildbacks
was
presented
during
the
meeting
last
week.
C
Yeah
yeah,
I
remember
that
so
yeah
and
andreas
was
presented
on
behalf
of
this
of
the
stack.
It
was
a
kind
of
toc
update
meeting.
So
it's
just
like
different
texts
talking
about
what
they
did.
So
we
talked
about
build
packs
as
well.
Some
of
the
things
in
the
pipeline
before
coupon.
C
Okay,
so
fun
stuff
before
we
get
into
project,
get
into
the
agenda
project
updates
different
working
groups
any
any
updates
there.
So
maybe
you
can
start
with
we'll
go
from
bottom
up
now,
since
we
went
top-down
last
time
so
called
nature.
Security
map.
A
No,
no
updates
on
that
right
now,
we'll
probably
start
closer
to
kubecon,
but
do
you
have
any
design
updates?
I
think
we
restarted
a
design
team
as
well
right.
The
cncf
team.
C
C
Okay,
I
think
security
reviews,
I
think
we
just
hit.
The
update
with
bill
packs
is
finishing.
There
was
update
from
matthew,
we
are
looking
to
start
argo.
We
are
looking
inside
the
argo
review
towards,
after
coupons
so
towards
the
end
of
october.
A
C
Yeah
all
right,
okay,
so
as
long
as
we
we
have,
we
have
continuation
of
that
make
sure
we're
not
blocked.
C
Okay
sounds
good,
I
think
next
on
the
list
serverless
white
paper.
C
C
C
No
okay
awesome!
So
let's
get
right
in.
Let's
see
whether
anyone
has
any
updates
that
are
not
on
the
agenda
mark
you,
I
see
you
have
a
announcement
to
make
about
the
ieee
document.
Do
you
want
to
speak
to
that?
Or
do
you
want
me
to
just
make
announcements?
I'm
assuming
you're
on
two
calls.
B
No,
this
time
they
canceled
it.
So
here
I
am
hallelujah
awesome,
so
hey
guys,
I
missed
you.
I'd
rather
be
in
this
meeting,
so
this
ieee
standard
issued
today
sought
off
the
presses.
It
took
forever
to
do
this.
It
was
a
bloody
slog
to
tell
you
the
truth.
B
B
I've
worked
on
this
thing
for
I
think
four
years,
so
the
extent
to
which
it's
going
to
influence
people's
design
practices
really
comes
down
to
whether
people
like
in
this
group
find
something
of
use
in
that.
So
you
know
I.
B
I
encourage
you
to
try
to
talk
somebody
into
buying
it
and
and
taking
a
scam
to
see
if
there's
some
things
in
there,
that
you
can
that
you
can
apply
in
your
design
principles
that'll
help
with
with
ethical
principles,
and
some
of
this
has
to
do
with
you-
know,
security
and
privacy
stuff
that
tends
to
be
more
close
to
the
privacy
side
than
the
security
side.
But
it's
more
about
our
public
responsibility
as
technologists
and
system
architects,
and
so
there's
there's
interesting
stuff
in
there.
B
C
You
think
it's
it's
something.
That's
worth,
maybe
doing
a
short
presentation
about
one
of
the
next.
The
next
sessions.
F
B
C
All
right,
we'll
put
up
we'll
put
up
a
message
in
the
in
the
group,
see
how
many
thumbs
up.
A
C
Awesome,
thank
you
ma.
You
bet.
Okay
looks
like
we
have
no
other
updates
so
also.
I
just
know
this
axle.
Thank
you
for
volunteering
subscribe,
okay.
So
the
first
agenda
item
we
have
is
I've
been
have
two
today,
so
the
first
one
is
on
stack
meeting
schedules.
I
think
they'll
provide
some
contacts
here
and
I
think
andrews.
I
think
I
was
interested
brought
up
that
you
know
some
other
attacks
are
meaning
a
little
bit
of
less
a
bit
less
frequency.
C
Some
of
them
have
taken
like
a
month
off
like
sabbatical
kind
of
thing
in
between,
and
I
think
we
wanted
to
figure
out.
You
know
what
are
people's
thoughts
on
this,
whether
we
would
like
to
maybe
reduce
the
frequency
or
maybe
take
a
couple
weeks
or
like
an
entire
month
off.
I
just
like
these
weekly
meetings,
emily
andrus
ash
feel
free
to
chime
in
I'm,
not
sure
that
I
missed
anything
there.
C
Yeah,
we
are
the
most
active
tech.
We.
D
Are
the
most
active
tag?
We
produce
a
ton
of
great
material,
but
we
also
recognize
that
there's
been
a
lot
going
on
and
that
we
have
a
ton
of
ongoing
projects.
So
we
want
to
make
sure
that
we're
balancing
everybody's
willingness
to
contribute,
as
well
as
your
personal
health
and
well-being.
So
we
meet
weekly,
there's
been
discussion,
like
brandon,
said
about
taking
a
month
off
or
potentially
adjusting
the
frequency
at
which
we
hold
these
meetings.
F
I
I'm
happy
to
answer
I
mean
I
haven't
been
coming
to
these
meetings
for
very
long
as
people
know.
However,
I
find
them
very
interesting
and
I
find
I
get
a
lot
out
of
them.
I
do
think
once
a
week
gets
can
get
a
bit
much,
even
though
it's
only
an
hour,
but
you
know
it's
easy
to
say
that
we've
got
a
lot
of
only
an
hour
meetings
here
and
there
I
I
would
be.
F
I
would
be
fine
if
they
were
slightly
reduced,
but
I
know
maybe
like
three
out
of
four
something
like
that.
I
mean
less
than
that
to
me
feels
like
it's
gonna
get
too
few
and
I
think
there's
a
lot
of
interesting
stuff
coming
out
of
it.
So
yeah
happy,
I'm
very
interested
in
hearing
other
people's
opinion.
F
H
Know
the
thought
process
is
moving
to
a
bi-weekly,
but
beyond
that
is
we
have
all
of
these
kind
of
other
kind
of
side
projects,
the
security
reviews
all
those
right
to
me.
Those
take
up.
You
know,
instead
of
having,
like
the
full
group,
having
everybody
reconvene
to
be
able
to
kind
of
talk
about
those
statuses
when
there's
actually
more
meaningful
time
than
a
week,
because
usually
it
takes
more
than
a
week
to
to
articulate
what
happened
during
that
point.
So
that's
kind
of
my
two
cents
from
from
the
pop
desk
here.
C
Yeah
this
it's
a
good,
that's
a
good
bunk
bob,
like
I
think
we
have.
You
know
the
supply
chain
working
group.
We
have
the
the
policy
working
group
as
well
and
most
of
the
folks
and
the
controls
working
group
so
like
most
of
the
folks
here,
are
kind
of
like
double
booked
on
at
least
one
other
one.
E
A
quick
thought
for
my
end
because
I
know
I
don't
want
to
be
the
contrarian,
but
what
one
thing
I
I
I
do
like
about
the
fact
that
it
is
fairly
frequent
is,
I
can
miss
a
meeting
and
not
feel
like
I've
missed
out
on
a
whole
lot.
So
I
mean
another
thought
is
maybe
just
saying
hey,
maybe
like
we
have
an
hour-long
meeting
once
every
x
weeks,
but
maybe,
like
a
you,
know,
a
15-minute
check-in
or
a
30-minute
check-in.
So
I
think
that's
those
things
are
still.
C
D
So
I'm
hearing
a
bunch
of
different
things,
I'm
all
about
trying
something
new,
trying
it
once
and
then
iterating.
So
you
know
that's
kind
of
like
agile,
so
I
think
that
we
should
pick
something
to
try
it
and
see
how
we
feel
I
think,
taking
a
month
off
is
a
good
idea,
but
I
also
recognize
that
there
are
a
lot
of
folks
that
get
hyped
up
about
kubecon
and
want
to
jump
on
a
call
with
the
security
group.
I
mean
that's
one
of
the
ways
that
we
get
a
lot
of
our
membership.
D
So
if
it's
a
balance
between
every
other
week
for
six
weeks
and
then
maybe
we
assess
how
we
like
that
or
if
it's
three
out
of
four
in
a
given
month
and
keep
in
mind
that
we
do
have
several
key
holidays
coming
up
across
the
world.
So
we
want
to
be
respectful
of
everybody's
various
vacations
and
holiday
leave.
G
C
I
have
a
question
actually
because
I
I
know
I
struggle
with
the
cncf
calendar
a
little
bit.
How
do
like
I'm,
I'm
just
thinking
if
we
have
like
3
ll
right.
Is
that
a
good
way
to
like?
Does
everyone
have
somehow
tracking
just
the
the
security
tag?
Events,
or
do
you
have
to
add
the
entire
cncf
calendar
to
your
calendar.
C
Okay,
yeah,
so
I
I'm
just
I
just
thinking
like.
I
think
that
that's
what
I
did
as
well,
so
I
think,
could
be
a
little
bit
tricky.
A
C
A
So
I
guess
one
of
the
things
I'm
trying
to
optimize
for
is
all
the
other
meetings
I
need
to
attend,
and-
and
so,
if
it's
you
know
three
out
of
out
of
three
in
a
month,
then
I
can't
do
any
other
alternating
recurring
meeting,
whereas
within
every
other
week
I
can
insert
other
recurring
meetings
in
the
sign
in
that
time
slide.
C
I
think
what
we
can
do
is,
I
think
we
have.
I
think,
three
options
right
there
on
the
table
now
three
or
four
options.
I
think
we
should
probably
make
a
poll,
but
in
the
channel,
see
what
people
think
and
then
experiment
with
it.
I
think
that's
most
likely
what
we
can
do.
G
F
F
F
H
Can
we
add
the
the
brandon
lum
ask
me
anything?
No.
C
A
D
So
yeah
it
sounds
like
those
are
the
options
if
you
can
get
that
poll
in
the
channel
and
let
it
and
well
I'll
pay
attention
to
when
it's
posted,
we'll
send
an
email
out
to
the
mailing
list
as
well.
So
folks
can
jump
in
there
and
respond.
C
So
other
gender
item
was
on
new
technique
nomination.
So,
as
you
know,
it's
been
a
while,
since
we've
had
new
techniques
know
given
that
recently
er-
and
I
I
have
you
know-
assumed
the
chat
positions
they.
C
Yeah,
so
we
will
need
as
soon
as
the
group
is
growing
right.
I
think
we
see
the
the
need
for
additional
leadership
to
help.
You
know
expand
on
the
scope
of
what
we
do
and
also
making
sure
that
new
members
and
our
existing
members
feel
like
their
voices
are
heard
and
that
they
feel
empowered
to
you
know
do
great
work.
C
So
we
want
to
talk
about
tl
nomination
in
the
past.
This
has
been
done
through
so-called
chair
nomination
and
we-
the
there
are
two
parts
of
this.
So
one
is.
We
want
to
document
the
process.
We
do
the
nomination
number
two
is
we
want
to
kind
of
open
up
the
tl
nomination
process
to
have
community
nominations
as
well?
C
So
we
are
introducing
this
idea
of
community
nominations
where
communities
community
members
nominate
who
they
think
would
be
good
tls,
together
with
the
justification
and
based
on
the
nomination.
The
chess
would,
you
know
pick
based
on.
You
know
the
number
of
nominations.
C
You
know
different,
a
bunch
of
different
requirements,
whether
they
would
fit
the
role
they
had.
They
have
the
skill
set
to
meet
the
role
as
well.
As
you
know,
tlc
has
to
also
approve,
so
the
idea
is
the
community
comes
out
of
nominations.
You
know
these
get
brought
to
the
leadership
into
the
tlc.
At
the
end
of
it
we
provide
some
data
about.
You
know
what
happened.
C
You
know
the
idea
is
we
want
to
provide
more
transparency
in
the
process
as
well,
as
you
know,
for
members
of
community
to
influence
the
decision
so
emily.
Do
you
want
to
share
that
yeah
yeah?
I.
D
I
actually
because
it
was
merged
in
before
the
meeting.
I
posted
it
in
the
chat,
so
we
went
through
and
we
documented
it.
We
talked
through
about
what
are
what
were
the
previous
tech
lead
nominations
like
what
were
some
of
those
requirements,
and
we
wanted
to
make
sure
that
we
were
very
transparent
with
everybody
to
understand
what
it
is
that
we're
looking
for
as
well
as
understand
where
the
cncf
is
headed.
D
So
the
cncf
has
been
doing
a
lot
of
changes
as
of
late
and
trying
to
drive
more
diversity
across
the
community,
and
we
want
to
make
sure
that
we're
we're
standing
true
with
the
cncf
and
their
goals
and
initiatives
and
efforts.
So
we
took
the
time
we
went
through
and
we
documented
a
whole
bunch
of
requirements.
D
This
is
our
first
pass
at
getting
these
done,
so
these
are
very
likely
to
change
at
some
point
in
the
future,
depending
we
realize
that
this
might
be
a
high
bar
for
a
lot
of
people,
but
we
also
want
to
be
very
clear
in
case.
Anybody
is
interested
in
becoming
a
tech
lead
in
the
future
that
they
kind
of
have
a
good
understanding
of
what
that
path
to
take
to
look
like
to
be
eligible
for
it.
D
So
I
drop
the
link
in
the
chat,
please
feel
free
to
review
it
there's
a
timeline
that
we
want
to
be
able
to
go
through
this.
So
I
think
brandon
and
I
we
had
discussed
about
two
weeks
to
like
let
everybody
familiarize
themselves
with
what
this
process
looks
like
and
then
we
would
formally
announce
it
and
kick
it
off
and
we're
looking.
D
I
think
we
said
about
a
month
to
collect
all
of
the
nominations
and
then
some
time
for
us
co-chairs
to
go
through
it,
because
we
feel
that
there's
a
lot
of
really
great
folks
in
the
community
that
we
may
not
actually
be
aware
of
some
of
the
fantastic
work.
It
is
that
they're
doing
and
we
want
to
make
sure
that
they're,
visible
and
they're
elevated
to
our
awareness
did.
I
miss
anything.
C
I
need
any
thoughts
about
it.
Any
questions,
any
ideas
that
maybe
we
didn't
include
that
we
should
include
a
nomination
process.
A
It
probably
makes
sense
to
to
also
cross-link
what
the
tech
lead
actually
does
and
what
their
responsibilities
are,
so
that
it's
not
just
here's
how
you
get
nominated.
But
here's
what
we
expect
people
to
do.
D
D
I
also
wanted
to
make
everyone
aware
that
we
also
have
a
tag
security
governance
channel,
which
is
where
we
have
conversations
about
this
kind
of
stuff
with
the
larger
tag
security
group.
So
if
you
have
questions
about
technical
leadership,
co-chairpersonship
or
just
general
like
the
running
and
the
administration
of
the
group,
we
also
have
that
channel.
G
H
G
A
G
D
And
also,
if
folks
are
interested
from
like
a
career
progression,
perspective
understanding
a
little
bit
more
about
managing
a
very
large
community.
This
is
a
good
opportunity
for
that.
So,
if
you're
interested
in
that
space-
and
you
want
to
learn
more
about
what
does
it
mean
to
be
a
tech
lead
within
this
security
tag
or
a
co-chair,
please
feel
free
to
reach
out
to
any
of
the
existing
tech
leads.
Previous
tech
leads
previous
co-chairs.
Current
co-chairs
we're
more
than
happy
to
help
talk
to
you
about
what
it
looks
like.
C
C
Cool
yeah
so
we'll
leave
it
out
there,
like
emily,
said
we're
gonna
wait
one
or
two
weeks.
If
we
get
some
more
feedback,
we
can
incorporate
it
into
the
process.
C
I
believe
the
plan
now
is
that
we
will
open
one
swap
for
community
nomination
for
tech
feed,
we'll
see
how
it
goes
if
it
goes
well,
we'll
have
more
in
the
future
yeah.
So
in
about
two
weeks,
you
should
get
email
for
nominations
and
we
will
see
how
it
goes.
I'm
very
excited
to
see
see
everyone
participate
in
this
awesome.
C
So
that
is
the
everything
that
was
on
today's
agenda.
The
announcement
for
next
week's
schedule
is:
we
have
a
presentation
from
myself
and
marius
on
spiffy
tonya
next
week,
so
yeah
that
would
be
exciting.
C
It's
it's
a
control
plane
for
workflow
identity.
So
you
know
how
you
have
like
all
these
like
awesome,
control
and
management
planes
and
ui
super
control
user
identities.
Imagine
the
question
we're
asking
is
why
don't
we
treat
workloads
the
same
way
as
users?
I
mean
this
is
pretty
much.
Workloads
have
become
a
big
part
of
identity,
access,
management
and
cognitive.
C
Yeah
exactly
cool,
so
any
any
other
thoughts,
any
other
items
that
we
wanted
to
bring
up.
D
Yes,
for
those
of
you
that
may
not
already
be
aware
cloud
native
security.
Con
is
happening
october
12th,
please,
please,
please
register
either
in
person
or
virtual.
We
have
an
excellent
lineup
with
two
tracks
this
year,
as
well
as
a
ctf,
so
stay
tuned
for
more
information
about
this
etf
check,
your
twitters
for
fun
little
tweets
about
what's
going
on,
but
please
please,
please
register
we're
trying
to
turn
this
into
a
much
larger
con
around
cloud
native
security
and
kind
of
drive
the
the
community
in
that
direction.
H
Red
button
yep,
if
you
see
tweets,
go
ahead
and
retweet
them
get
the
name
word
out
there.
I
think
myself
and
andres
and
maybe
a
little
emily.
I
don't
know
we'll
be
doing
some
emceeing
if
vega
and
I
don't
beat
each
other
up
on
stage,
but
you
know
we'll
have
a
good
time
together.
It's
gonna
be
good.
We're
gonna
have
some
fun
everybody.
So
there's
a
great
movie
theme
that
we're
doing
as
well.
It's
such
phenomenal
stuff-
I
mean
again.
H
G
Yeah,
but
whether
you're
planning
to
be
there
virtually
or
in
person
we
could
use
your
help,
would
love
to
to
count
with
your
help.
So
yeah
hit
us
up
if
you'd
like
to
get
involved
and
I'm
going
to
be
there
either
online
or
in
person.
C
Awesome,
thank
you.
All
right
seems
like
we
at
the
end
of
the
meeting,
so
I'll
give
her
around
15
minutes
back.
Thank
you.
Everyone,
bye-bye
thanks.