mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-19 14:09:40 +03:00
Initial commit - 611 cybersecurity skills across all subdomains
This commit is contained in:
@@ -0,0 +1,35 @@
|
||||
# Standards and References - Securing Helm Chart Deployments
|
||||
|
||||
## NIST SP 800-190
|
||||
- Section 4.1: Image vulnerabilities and configuration defects
|
||||
- Section 5.2: Registry security and chart provenance
|
||||
- Section 5.4: Secure deployment configuration
|
||||
|
||||
## CIS Kubernetes Benchmark v1.8
|
||||
- 5.2.1-5.2.9: Pod Security Standards enforced via chart defaults
|
||||
- 5.7.3: Apply security context to pods and containers
|
||||
|
||||
## SLSA (Supply chain Levels for Software Artifacts)
|
||||
- Level 1: Documented build process (Helm chart CI)
|
||||
- Level 2: Source version controlled, signed provenance
|
||||
- Level 3: Hardened build platform, signed artifacts
|
||||
- Level 4: Two-party review, hermetic builds
|
||||
|
||||
## Helm Security Resources
|
||||
|
||||
| Resource | URL |
|
||||
|----------|-----|
|
||||
| Helm Security Best Practices | https://helm.sh/docs/chart_best_practices/ |
|
||||
| Helm Provenance and Integrity | https://helm.sh/docs/topics/provenance/ |
|
||||
| kube-linter | https://github.com/stackrox/kube-linter |
|
||||
| checkov Kubernetes checks | https://www.checkov.io/5.Policy%20Index/kubernetes.html |
|
||||
| helm-secrets plugin | https://github.com/jkroepke/helm-secrets |
|
||||
|
||||
## Compliance Mappings
|
||||
|
||||
### PCI DSS v4.0
|
||||
- Req 6.3.1: Security vulnerabilities identified and managed
|
||||
- Req 6.5.1: Changes controlled by change control processes
|
||||
|
||||
### SOC 2
|
||||
- CC8.1: Change management - Controlled deployment processes
|
||||
Reference in New Issue
Block a user